From patchwork Mon Feb 9 11:38:48 2026
X-Patchwork-Submitter: Gyorgy Sarvari
X-Patchwork-Id: 80757
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-multimedia][kirkstone][PATCH 01/16] sox: patch CVE-2017-11332 Date: Mon, 9 Feb 2026 12:38:48 +0100 Message-ID: <20260209113904.3442496-1-skandigraun@gmail.com> X-Mailer: git-send-email 2.53.0 MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 09 Feb 2026 11:39:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/124296 Details: https://nvd.nist.gov/vuln/detail/CVE-2017-11332 Pick the patch that was identified by Debian[1] as the solution. [1]: https://security-tracker.debian.org/tracker/CVE-2017-11332 Signed-off-by: Gyorgy Sarvari --- .../sox/sox/CVE-2017-11332.patch | 28 +++++++++++++++++++ .../recipes-multimedia/sox/sox_14.4.2.bb | 1 + 2 files changed, 29 insertions(+) create mode 100644 meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-11332.patch diff --git a/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-11332.patch b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-11332.patch new file mode 100644 index 0000000000..383813e469 --- /dev/null +++ b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-11332.patch 
@@ -0,0 +1,28 @@ +From 80479b4978ddeb6fadb75007abc81f1ca2c50abb Mon Sep 17 00:00:00 2001 +From: Mans Rullgard +Date: Sun, 5 Nov 2017 16:29:28 +0000 +Subject: [PATCH] wav: fix crash if channel count is zero (CVE-2017-11332) + +CVE: CVE-2017-11332 +Upstream-Status: Backport [https://github.com/mansr/sox/commit/7405bcaacb1ded8c595cb751d407cf738cb26571] +Signed-off-by: Gyorgy Sarvari +--- + src/wav.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/src/wav.c b/src/wav.c +index 5202556..71fd52a 100644 +--- a/src/wav.c ++++ b/src/wav.c +@@ -712,6 +712,11 @@ static int startread(sox_format_t * ft) + else + lsx_report("User options overriding channels read in .wav header"); + ++ if (ft->signal.channels == 0) { ++ lsx_fail_errno(ft, SOX_EHDR, "Channel count is zero"); ++ return SOX_EOF; ++ } ++ + if (ft->signal.rate == 0 || ft->signal.rate == dwSamplesPerSecond) + ft->signal.rate = dwSamplesPerSecond; + else diff --git a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb index 0791c85f74..c8a7a1829d 100644 --- a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb +++ b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb 
@@ -30,6 +30,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.GPL;md5=751419260aa954499f7abaabaa882bbe \ SRC_URI = "${SOURCEFORGE_MIRROR}/sox/sox-${PV}.tar.gz \ file://0001-remove-the-error-line-and-live-without-file-type-det.patch \ file://0001-Update-exported-symbol-list.patch \ + file://CVE-2017-11332.patch \ " SRC_URI[md5sum] = "d04fba2d9245e661f245de0577f48a33" SRC_URI[sha256sum] = "b45f598643ffbd8e363ff24d61166ccec4836fea6d3888881b8df53e3bb55f6c"
From patchwork Mon Feb 9 11:38:49 2026
X-Patchwork-Submitter: Gyorgy Sarvari
X-Patchwork-Id: 80759
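Review bot: The early `return SOX_EOF` that CVE-2017-11332.patch adds to startread() in src/wav.c sits in the middle of header parsing, and the hunk context does not show whether anything set up earlier in startread() has to be released on this path; worth confirming against the full function. The placement after the "User options overriding channels" branch is right, because it tests the final ft->signal.channels whichever source the value came from. The check rejects only zero and sets no upper bound on the channel count.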
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-multimedia][kirkstone][PATCH 02/16] sox: patch CVE-2017-11358 Date: Mon, 9 Feb 2026 12:38:49 +0100 Message-ID: <20260209113904.3442496-2-skandigraun@gmail.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260209113904.3442496-1-skandigraun@gmail.com> References: <20260209113904.3442496-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 09 Feb 2026 11:39:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/124297 Details: https://nvd.nist.gov/vuln/detail/CVE-2017-11358 Pick the patch that was identified by Debian[1] as the solution. [1]: https://security-tracker.debian.org/tracker/CVE-2017-11358 Signed-off-by: Gyorgy Sarvari --- .../sox/sox/CVE-2017-11358.patch | 29 +++++++++++++++++++ .../recipes-multimedia/sox/sox_14.4.2.bb | 1 + 2 files changed, 30 insertions(+) create mode 100644 meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-11358.patch diff --git a/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-11358.patch b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-11358.patch new file mode 100644 index 0000000000..9e797c0e7b --- /dev/null +++ b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-11358.patch 
@@ -0,0 +1,29 @@ +From 0e3909288d38487d7c86b11c7509cca01296fdc8 Mon Sep 17 00:00:00 2001 +From: Mans Rullgard +Date: Sun, 5 Nov 2017 16:43:35 +0000 +Subject: [PATCH] hcom: fix crash on input with corrupt dictionary + (CVE-2017-11358) + +CVE: CVE-2017-11358 +Upstream-Status: Backport [https://github.com/mansr/sox/commit/6cb44a44b9eda6b321ccdbf6483348d4a9798b00] +Signed-off-by: Gyorgy Sarvari +--- + src/hcom.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/src/hcom.c b/src/hcom.c +index e76820e..ee28cba 100644 +--- a/src/hcom.c ++++ b/src/hcom.c +@@ -150,6 +150,11 @@ static int startread(sox_format_t * ft) + lsx_debug("%d %d", + p->dictionary[i].dict_leftson, + p->dictionary[i].dict_rightson); ++ if ((unsigned) p->dictionary[i].dict_leftson >= dictsize || ++ (unsigned) p->dictionary[i].dict_rightson >= dictsize) { ++ lsx_fail_errno(ft, SOX_EHDR, "Invalid dictionary"); ++ return SOX_EOF; ++ } + } + rc = lsx_skipbytes(ft, (size_t) 1); /* skip pad byte */ + if (rc) diff --git a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb index c8a7a1829d..b1cf516f62 100644 --- a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb +++ b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb 
@@ -31,6 +31,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/sox/sox-${PV}.tar.gz \ file://0001-remove-the-error-line-and-live-without-file-type-det.patch \ file://0001-Update-exported-symbol-list.patch \ file://CVE-2017-11332.patch \ + file://CVE-2017-11358.patch \ " SRC_URI[md5sum] = "d04fba2d9245e661f245de0577f48a33" SRC_URI[sha256sum] = "b45f598643ffbd8e363ff24d61166ccec4836fea6d3888881b8df53e3bb55f6c"
From patchwork Mon Feb 9 11:38:50 2026
X-Patchwork-Submitter: Gyorgy Sarvari
X-Patchwork-Id: 80763
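Review bot: In the src/hcom.c hunk of CVE-2017-11358.patch the new `return SOX_EOF` fires inside the loop that is already indexing p->dictionary, so the dictionary exists at that point and nothing visible in the hunk frees it; please confirm the error path of startread() releases it. The `(unsigned)` casts matter here: they make a negative dict_leftson or dict_rightson fail the `>= dictsize` test as well, so both directions of a corrupt index are rejected by the one comparison.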
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-multimedia][kirkstone][PATCH 03/16] sox: patch CVE-2017-11359 Date: Mon, 9 Feb 2026 12:38:50 +0100 Message-ID: <20260209113904.3442496-3-skandigraun@gmail.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260209113904.3442496-1-skandigraun@gmail.com> References: <20260209113904.3442496-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 09 Feb 2026 11:39:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/124298 Details: https://nvd.nist.gov/vuln/detail/CVE-2017-11359 Pick the patch that was identified by Debian[1] as the solution. [1]: https://security-tracker.debian.org/tracker/CVE-2017-11359 Signed-off-by: Gyorgy Sarvari --- .../sox/sox/CVE-2017-11359.patch | 30 +++++++++++++++++++ .../recipes-multimedia/sox/sox_14.4.2.bb | 1 + 2 files changed, 31 insertions(+) create mode 100644 meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-11359.patch diff --git a/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-11359.patch b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-11359.patch new file mode 100644 index 0000000000..fcd3e4af50 --- /dev/null +++ b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-11359.patch 
@@ -0,0 +1,30 @@ +From bcdbdbecea8fae984e895fb5f9b20fedb3602945 Mon Sep 17 00:00:00 2001 +From: Mans Rullgard +Date: Sun, 5 Nov 2017 17:02:11 +0000 +Subject: [PATCH] wav: fix crash writing header when channel count >64k + (CVE-2017-11359) + +CVE: CVE-2017-11359 +Upstream-Status: Backport [https://github.com/mansr/sox/commit/8b590b3a52f4ccc4eea3f41b4a067c38b3565b60] +Signed-off-by: Gyorgy Sarvari +--- + src/wav.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/src/wav.c b/src/wav.c +index 71fd52a..eca1cde 100644 +--- a/src/wav.c ++++ b/src/wav.c +@@ -1379,6 +1379,12 @@ static int wavwritehdr(sox_format_t * ft, int second_header) + long blocksWritten = 0; + sox_bool isExtensible = sox_false; /* WAVE_FORMAT_EXTENSIBLE? */ + ++ if (ft->signal.channels > UINT16_MAX) { ++ lsx_fail_errno(ft, SOX_EOF, "Too many channels (%u)", ++ ft->signal.channels); ++ return SOX_EOF; ++ } ++ + dwSamplesPerSecond = ft->signal.rate; + wChannels = ft->signal.channels; + wBitsPerSample = ft->encoding.bits_per_sample; diff --git a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb index b1cf516f62..205b11b506 100644 --- a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb +++ b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb 
@@ -32,6 +32,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/sox/sox-${PV}.tar.gz \ file://0001-Update-exported-symbol-list.patch \ file://CVE-2017-11332.patch \ file://CVE-2017-11358.patch \ + file://CVE-2017-11359.patch \ " SRC_URI[md5sum] = "d04fba2d9245e661f245de0577f48a33" SRC_URI[sha256sum] = "b45f598643ffbd8e363ff24d61166ccec4836fea6d3888881b8df53e3bb55f6c"
From patchwork Mon Feb 9 11:38:51 2026
X-Patchwork-Submitter: Gyorgy Sarvari
X-Patchwork-Id: 80771
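Review bot: The wavwritehdr() hunk in CVE-2017-11359.patch uses UINT16_MAX but adds no #include, so it relies on <stdint.h> already reaching src/wav.c through existing headers; a kirkstone build of the recipe settles that, and the commit message could state the series was build-tested. The first argument to lsx_fail_errno() here is SOX_EOF, where the read-side checks in patches 01/16 and 02/16 pass SOX_EHDR; as a Backport it should stay as upstream wrote it, but it is the one inconsistency among the three checks.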
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-multimedia][kirkstone][PATCH 04/16] sox: patch CVE-2017-15370 Date: Mon, 9 Feb 2026 12:38:51 +0100 Message-ID: <20260209113904.3442496-4-skandigraun@gmail.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260209113904.3442496-1-skandigraun@gmail.com> References: <20260209113904.3442496-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 09 Feb 2026 11:39:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/124299 Details: https://nvd.nist.gov/vuln/detail/CVE-2017-15370 Pick the patch that was identified by Debian[1] as the solution. [1]: https://security-tracker.debian.org/tracker/CVE-2017-15370 Signed-off-by: Gyorgy Sarvari --- .../sox/sox/CVE-2017-15370.patch | 29 +++++++++++++++++++ .../recipes-multimedia/sox/sox_14.4.2.bb | 1 + 2 files changed, 30 insertions(+) create mode 100644 meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15370.patch diff --git a/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15370.patch b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15370.patch new file mode 100644 index 0000000000..39a18ebd9a --- /dev/null +++ b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15370.patch 
@@ -0,0 +1,29 @@ +From cd7a008958d208345de04c7b6306c79a8a933f32 Mon Sep 17 00:00:00 2001 +From: Mans Rullgard +Date: Sun, 5 Nov 2017 16:21:23 +0000 +Subject: [PATCH] wav: ima_adpcm: fix buffer overflow on corrupt input + (CVE-2017-15370) + +Add the same check bad block size as was done for MS adpcm in commit +f39c574b ("More checks for invalid MS ADPCM blocks"). + +CVE: CVE-2017-15370 +Upstream-Status: Backport [https://github.com/mansr/sox/commit/ef3d8be0f80cbb650e4766b545d61e10d7a24c9e] +Signed-off-by: Gyorgy Sarvari +--- + src/wav.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/wav.c b/src/wav.c +index eca1cde..fad334c 100644 +--- a/src/wav.c ++++ b/src/wav.c +@@ -127,7 +127,7 @@ static unsigned short ImaAdpcmReadBlock(sox_format_t * ft) + /* work with partial blocks. Specs say it should be null */ + /* padded but I guess this is better than trailing quiet. */ + samplesThisBlock = lsx_ima_samples_in((size_t)0, (size_t)ft->signal.channels, bytesRead, (size_t) 0); +- if (samplesThisBlock == 0) ++ if (samplesThisBlock == 0 || samplesThisBlock > wav->samplesPerBlock) + { + lsx_warn("Premature EOF on .wav input file"); + return 0; diff --git a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb index 205b11b506..43b09a8ff0 100644 --- a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb +++ b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb 
@@ -33,6 +33,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/sox/sox-${PV}.tar.gz \ file://CVE-2017-11332.patch \ file://CVE-2017-11358.patch \ file://CVE-2017-11359.patch \ + file://CVE-2017-15370.patch \ " SRC_URI[md5sum] = "d04fba2d9245e661f245de0577f48a33" SRC_URI[sha256sum] = "b45f598643ffbd8e363ff24d61166ccec4836fea6d3888881b8df53e3bb55f6c"
From patchwork Mon Feb 9 11:38:52 2026
X-Patchwork-Submitter: Gyorgy Sarvari
X-Patchwork-Id: 80767
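Review bot: With the widened condition in ImaAdpcmReadBlock(), `samplesThisBlock > wav->samplesPerBlock` now falls into the existing lsx_warn("Premature EOF on .wav input file") branch, so a block that decodes to more samples than the declared block size is logged as a premature EOF. That is upstream's wording and a Backport should not diverge from it, but anyone triaging logs from malformed files should know the one message now covers both the empty and the oversized block.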
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-multimedia][kirkstone][PATCH 05/16] sox: patch CVE-2017-15371 Date: Mon, 9 Feb 2026 12:38:52 +0100 Message-ID: <20260209113904.3442496-5-skandigraun@gmail.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260209113904.3442496-1-skandigraun@gmail.com> References: <20260209113904.3442496-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 09 Feb 2026 11:39:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/124300 Details: https://nvd.nist.gov/vuln/detail/CVE-2017-15371 Pick the patch that was identified by Debian[1] to fix the solution. [1]: https://security-tracker.debian.org/tracker/CVE-2017-15371 Signed-off-by: Gyorgy Sarvari --- .../sox/sox/CVE-2017-15371.patch | 40 +++++++++++++++++++ .../recipes-multimedia/sox/sox_14.4.2.bb | 1 + 2 files changed, 41 insertions(+) create mode 100644 meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15371.patch diff --git a/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15371.patch b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15371.patch new file mode 100644 index 0000000000..f0aa8d39e7 --- /dev/null +++ b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15371.patch 
@@ -0,0 +1,40 @@ +From 83bf78913ee813c2c767854eb16acd9e6fb779cb Mon Sep 17 00:00:00 2001 +From: Mans Rullgard +Date: Sun, 5 Nov 2017 15:57:48 +0000 +Subject: [PATCH] flac: fix crash on corrupt metadata (CVE-2017-15371) + +CVE: CVE-2017-15371 +Upstream-Status: Backport [https://github.com/mansr/sox/commit/818bdd0ccc1e5b6cae742c740c17fd414935cf39] +Signed-off-by: Gyorgy Sarvari +--- + src/flac.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/src/flac.c b/src/flac.c +index 0d7829e..07f45c1 100644 +--- a/src/flac.c ++++ b/src/flac.c +@@ -119,9 +119,10 @@ static void decoder_metadata_callback(FLAC__StreamDecoder const * const flac, FL + p->total_samples = metadata->data.stream_info.total_samples; + } + else if (metadata->type == FLAC__METADATA_TYPE_VORBIS_COMMENT) { ++ const FLAC__StreamMetadata_VorbisComment *vc = &metadata->data.vorbis_comment; + size_t i; + +- if (metadata->data.vorbis_comment.num_comments == 0) ++ if (vc->num_comments == 0) + return; + + if (ft->oob.comments != NULL) { +@@ -129,8 +130,9 @@ static void decoder_metadata_callback(FLAC__StreamDecoder const * const flac, FL + return; + } + +- for (i = 0; i < metadata->data.vorbis_comment.num_comments; ++i) +- sox_append_comment(&ft->oob.comments, (char const *) metadata->data.vorbis_comment.comments[i].entry); ++ for (i = 0; i < vc->num_comments; ++i) ++ if (vc->comments[i].entry) ++ sox_append_comment(&ft->oob.comments, (char const *) vc->comments[i].entry); + } + } + diff --git a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb index 43b09a8ff0..a03b346211 100644 --- a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb +++ b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb 
@@ -34,6 +34,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/sox/sox-${PV}.tar.gz \ file://CVE-2017-11358.patch \ file://CVE-2017-11359.patch \ file://CVE-2017-15370.patch \ + file://CVE-2017-15371.patch \ " SRC_URI[md5sum] = "d04fba2d9245e661f245de0577f48a33" SRC_URI[sha256sum] = "b45f598643ffbd8e363ff24d61166ccec4836fea6d3888881b8df53e3bb55f6c"
From patchwork Mon Feb 9 11:38:53 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 80769
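Review bot: In the second src/flac.c hunk of CVE-2017-15371.patch (patch 05/16), the added `if (vc->comments[i].entry)` guards each entry, but the loop still indexes `vc->comments[i]` on the strength of `num_comments` alone. The patch header should say whether libFLAC can report a non-zero `num_comments` with a NULL `comments` array on corrupt metadata; if it can, a `vc->comments == NULL` test belongs next to the `num_comments == 0` early return. NULL entries are also skipped silently, so a file that triggers the fix leaves no trace in the output; a debug-level message there would help when triaging malformed FLAC input, though for a backport that is better raised upstream than changed locally.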
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-multimedia][kirkstone][PATCH 06/16] sox: patch CVE-2017-15372 Date: Mon, 9 Feb 2026 12:38:53 +0100 Message-ID: <20260209113904.3442496-6-skandigraun@gmail.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260209113904.3442496-1-skandigraun@gmail.com> References: <20260209113904.3442496-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 09 Feb 2026 11:39:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/124301 Details: https://nvd.nist.gov/vuln/detail/CVE-2017-15372 Pick the patch that was identified by Debian[1] as the solution. [1]: https://security-tracker.debian.org/tracker/CVE-2017-15372 Signed-off-by: Gyorgy Sarvari --- .../sox/sox/CVE-2017-15372.patch | 100 ++++++++++++++++++ .../recipes-multimedia/sox/sox_14.4.2.bb | 1 + 2 files changed, 101 insertions(+) create mode 100644 meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15372.patch diff --git a/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15372.patch b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15372.patch new file mode 100644 index 0000000000..168fded39f --- /dev/null +++ b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15372.patch
@@ -0,0 +1,100 @@ +From 13086aa971f5a0a5a644323456a90a9fa96e03c3 Mon Sep 17 00:00:00 2001 +From: Mans Rullgard +Date: Wed, 8 Nov 2017 00:27:46 +0000 +Subject: [PATCH] adpcm: fix stack overflow with >4 channels (CVE-2017-15372) + +CVE: CVE-2017-15372 +Upstream-Status: Backport [https://github.com/mansr/sox/commit/001c337552912d286ba68086ac378f6fdc1e8b50] +Signed-off-by: Gyorgy Sarvari +--- + src/adpcm.c | 8 +++++++- + src/adpcm.h | 3 +++ + src/wav.c | 5 ++++- + 3 files changed, 14 insertions(+), 2 deletions(-) + +diff --git a/src/adpcm.c b/src/adpcm.c +index 2e13867..f64b7d5 100644 +--- a/src/adpcm.c ++++ b/src/adpcm.c +@@ -71,6 +71,11 @@ const short lsx_ms_adpcm_i_coef[7][2] = { + { 392,-232} + }; + ++extern void *lsx_ms_adpcm_alloc(unsigned chans) ++{ ++ return lsx_malloc(chans * sizeof(MsState_t)); ++} ++ + static inline sox_sample_t AdpcmDecode(sox_sample_t c, MsState_t *state, + sox_sample_t sample1, sox_sample_t sample2) + { +@@ -102,6 +107,7 @@ static inline sox_sample_t AdpcmDecode(sox_sample_t c, MsState_t *state, + + /* lsx_ms_adpcm_block_expand_i() outputs interleaved samples into one output buffer */ + const char *lsx_ms_adpcm_block_expand_i( ++ void *priv, + unsigned chans, /* total channels */ + int nCoef, + const short *coef, +@@ -113,7 +119,7 @@ const char *lsx_ms_adpcm_block_expand_i( + const unsigned char *ip; + unsigned ch; + const char *errmsg = NULL; +- MsState_t state[4]; /* One decompressor state for each channel */ ++ MsState_t *state = priv; /* One decompressor state for each channel */ + + /* Read the four-byte header for each channel */ + ip = ibuff; +diff --git a/src/adpcm.h b/src/adpcm.h +index af4d6f0..db5cc61 100644 +--- a/src/adpcm.h ++++ b/src/adpcm.h +@@ -29,8 +29,11 @@ + /* default coef sets */ + extern const short lsx_ms_adpcm_i_coef[7][2]; + ++extern void *lsx_ms_adpcm_alloc(unsigned chans); ++ + /* lsx_ms_adpcm_block_expand_i() outputs interleaved samples into one output buffer */ + extern const char 
*lsx_ms_adpcm_block_expand_i( ++ void *priv, + unsigned chans, /* total channels */ + int nCoef, + const short *coef, +diff --git a/src/wav.c b/src/wav.c +index fad334c..066be6d 100644 +--- a/src/wav.c ++++ b/src/wav.c +@@ -82,6 +82,7 @@ typedef struct { + /* following used by *ADPCM wav files */ + unsigned short nCoefs; /* ADPCM: number of coef sets */ + short *lsx_ms_adpcm_i_coefs; /* ADPCM: coef sets */ ++ void *ms_adpcm_data; /* Private data of adpcm decoder */ + unsigned char *packet; /* Temporary buffer for packets */ + short *samples; /* interleaved samples buffer */ + short *samplePtr; /* Pointer to current sample */ +@@ -175,7 +176,7 @@ static unsigned short AdpcmReadBlock(sox_format_t * ft) + } + } + +- errmsg = lsx_ms_adpcm_block_expand_i(ft->signal.channels, wav->nCoefs, wav->lsx_ms_adpcm_i_coefs, wav->packet, wav->samples, samplesThisBlock); ++ errmsg = lsx_ms_adpcm_block_expand_i(wav->ms_adpcm_data, ft->signal.channels, wav->nCoefs, wav->lsx_ms_adpcm_i_coefs, wav->packet, wav->samples, samplesThisBlock); + + if (errmsg) + lsx_warn("%s", errmsg); +@@ -791,6 +792,7 @@ static int startread(sox_format_t * ft) + + /* nCoefs, lsx_ms_adpcm_i_coefs used by adpcm.c */ + wav->lsx_ms_adpcm_i_coefs = lsx_malloc(wav->nCoefs * 2 * sizeof(short)); ++ wav->ms_adpcm_data = lsx_ms_adpcm_alloc(wChannels); + { + int i, errct=0; + for (i=0; len>=2 && i < 2*wav->nCoefs; i++) { +@@ -1216,6 +1218,7 @@ static int stopread(sox_format_t * ft) + free(wav->packet); + free(wav->samples); + free(wav->lsx_ms_adpcm_i_coefs); ++ free(wav->ms_adpcm_data); + free(wav->comment); + wav->comment = NULL; + diff --git a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb index a03b346211..b721d84332 100644 --- a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb +++ b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb 
@@ -35,6 +35,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/sox/sox-${PV}.tar.gz \ file://CVE-2017-11359.patch \ file://CVE-2017-15370.patch \ file://CVE-2017-15371.patch \ + file://CVE-2017-15372.patch \ " SRC_URI[md5sum] = "d04fba2d9245e661f245de0577f48a33" SRC_URI[sha256sum] = "b45f598643ffbd8e363ff24d61166ccec4836fea6d3888881b8df53e3bb55f6c"
From patchwork Mon Feb 9 11:38:54 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 80765
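Review bot: In the src/wav.c hunks of CVE-2017-15372.patch (patch 06/16), the decoder state is allocated in startread() with `lsx_ms_adpcm_alloc(wChannels)`, but AdpcmReadBlock() passes `ft->signal.channels` to lsx_ms_adpcm_block_expand_i() as `chans`, so the heap buffer is only large enough if the two counts are always equal. Nothing in the visible lines establishes that; if ft->signal.channels can exceed wChannels at that point, the stack overflow being fixed turns into a heap overflow, so either allocate from ft->signal.channels or state in the patch header why the two always match. Smaller points: stopread() frees `wav->ms_adpcm_data` without resetting it to NULL, as is done for `wav->comment` on the following lines, and `extern` on the definition of lsx_ms_adpcm_alloc() in src/adpcm.c is redundant.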
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-multimedia][kirkstone][PATCH 07/16] sox: patch CVE-2017-15642 Date: Mon, 9 Feb 2026 12:38:54 +0100 Message-ID: <20260209113904.3442496-7-skandigraun@gmail.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260209113904.3442496-1-skandigraun@gmail.com> References: <20260209113904.3442496-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 09 Feb 2026 11:39:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/124303 Details: https://nvd.nist.gov/vuln/detail/CVE-2017-15642 Pick the patch that was identified by Debian[1] as the solution. [1]: https://security-tracker.debian.org/tracker/CVE-2017-15642 Signed-off-by: Gyorgy Sarvari --- .../sox/sox/CVE-2017-15642.patch | 35 +++++++++++++++++++ .../recipes-multimedia/sox/sox_14.4.2.bb | 1 + 2 files changed, 36 insertions(+) create mode 100644 meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15642.patch diff --git a/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15642.patch b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15642.patch new file mode 100644 index 0000000000..c505919edf --- /dev/null +++ b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15642.patch 
@@ -0,0 +1,35 @@ +From eb9b33dd01ae7b3cf50894e7d5044fc2db183529 Mon Sep 17 00:00:00 2001 +From: Mans Rullgard +Date: Mon, 20 Nov 2017 11:03:15 +0000 +Subject: [PATCH] aiff: fix crash on empty comment chunk (CVE-2017-15642) + +This fixes a use after free and double free if an empty comment +chunk follows a non-empty one. + +CVE: CVE-2017-15642 +Upstream-Status: Backport [https://github.com/mansr/sox/commit/0be259eaa9ce3f3fa587a3ef0cf2c0b9c73167a2] +Signed-off-by: Gyorgy Sarvari +--- + src/aiff.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/aiff.c b/src/aiff.c +index 240d2e1..11ddb54 100644 +--- a/src/aiff.c ++++ b/src/aiff.c +@@ -62,7 +62,6 @@ int lsx_aiffstartread(sox_format_t * ft) + size_t ssndsize = 0; + char *annotation; + char *author; +- char *comment = NULL; + char *copyright; + char *nametext; + +@@ -270,6 +269,7 @@ int lsx_aiffstartread(sox_format_t * ft) + free(annotation); + } + else if (strncmp(buf, "COMT", (size_t)4) == 0) { ++ char *comment = NULL; + rc = commentChunk(&comment, "Comment:", ft); + if (rc) { + /* Fail already called in function */ diff --git a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb index b721d84332..68441b2534 100644 --- a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb +++ b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb 
@@ -36,6 +36,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/sox/sox-${PV}.tar.gz \ file://CVE-2017-15370.patch \ file://CVE-2017-15371.patch \ file://CVE-2017-15372.patch \ + file://CVE-2017-15642.patch \ " SRC_URI[md5sum] = "d04fba2d9245e661f245de0577f48a33" SRC_URI[sha256sum] = "b45f598643ffbd8e363ff24d61166ccec4836fea6d3888881b8df53e3bb55f6c"
From patchwork Mon Feb 9 11:38:55 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 80766
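Review bot: In the first src/aiff.c hunk of CVE-2017-15642.patch (patch 07/16), only `comment` is moved into the COMT branch and re-initialised per chunk, while `annotation`, `author`, `copyright` and `nametext` stay declared at function scope with no initialiser and, as the `free(annotation);` context line shows, are freed inside their own branches. If their chunk handlers can also return without assigning the pointer for an empty chunk, the same use-after-free and double-free pattern applies to them. It would be worth checking that against the full lsx_aiffstartread() and recording the result in the patch header.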
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-multimedia][kirkstone][PATCH 08/16] sox: patch CVE-2017-18189 Date: Mon, 9 Feb 2026 12:38:55 +0100 Message-ID: <20260209113904.3442496-8-skandigraun@gmail.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260209113904.3442496-1-skandigraun@gmail.com> References: <20260209113904.3442496-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 09 Feb 2026 11:39:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/124302 Details: https://nvd.nist.gov/vuln/detail/CVE-2017-18189 Pick the patch that was identified by Debian[1] as the solution. [1]: https://security-tracker.debian.org/tracker/CVE-2017-18189 Signed-off-by: Gyorgy Sarvari --- .../sox/sox/CVE-2017-18189.patch | 34 +++++++++++++++++++ .../recipes-multimedia/sox/sox_14.4.2.bb | 1 + 2 files changed, 35 insertions(+) create mode 100644 meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-18189.patch diff --git a/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-18189.patch b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-18189.patch new file mode 100644 index 0000000000..3ca829b230 --- /dev/null +++ b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-18189.patch 
@@ -0,0 +1,34 @@ +From c9e266bc77952c873a28ae320dac2eae5cbc9934 Mon Sep 17 00:00:00 2001 +From: Mans Rullgard +Date: Thu, 9 Nov 2017 11:45:10 +0000 +Subject: [PATCH] xa: validate channel count + +A corrupt header specifying zero channels would send read_channels() +into an infinite loop. Prevent this by sanity checking the channel +count in open_read(). Also add an upper bound to prevent overflow +in multiplication. + +CVE: CVE-2017-18189 +Upstream-Status: Backport [https://github.com/mansr/sox/commit/7a8ceb86212b28243bbb6d0de636f0dfbe833e53] +Signed-off-by: Gyorgy Sarvari +--- + src/xa.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/src/xa.c b/src/xa.c +index 81a7677..9fc086e 100644 +--- a/src/xa.c ++++ b/src/xa.c +@@ -143,6 +143,12 @@ static int startread(sox_format_t * ft) + lsx_report("User options overriding rate read in .xa header"); + } + ++ if (ft->signal.channels == 0 || ft->signal.channels > UINT16_MAX) { ++ lsx_fail_errno(ft, SOX_EFMT, "invalid channel count %d", ++ ft->signal.channels); ++ return SOX_EOF; ++ } ++ + /* Check for supported formats */ + if (ft->encoding.bits_per_sample != 16) { + lsx_fail_errno(ft, SOX_EFMT, "%d-bit sample resolution not supported.", diff --git a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb index 68441b2534..917d1db1f7 100644 --- a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb +++ b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb 
@@ -37,6 +37,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/sox/sox-${PV}.tar.gz \ file://CVE-2017-15371.patch \ file://CVE-2017-15372.patch \ file://CVE-2017-15642.patch \ + file://CVE-2017-18189.patch \ " SRC_URI[md5sum] = "d04fba2d9245e661f245de0577f48a33" SRC_URI[sha256sum] = "b45f598643ffbd8e363ff24d61166ccec4836fea6d3888881b8df53e3bb55f6c"
From patchwork Mon Feb 9 11:38:56 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 80770
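Review bot: In the src/xa.c hunk of CVE-2017-18189.patch (patch 08/16), the new check compares against `UINT16_MAX` but the patch adds no `#include`, so the build relies on <stdint.h> already reaching xa.c through an existing header; worth confirming with the kirkstone toolchain. The failure message uses `%d`, although a value tested with `== 0` and `> UINT16_MAX` is presumably unsigned, in which case `%u` is the matching specifier. The patch description also says the check is added in open_read(), while the hunk header places it in startread(); harmless, but worth keeping in mind when comparing against upstream.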
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-multimedia][kirkstone][PATCH 09/16] sox: mark CVE-2019-1010004 as patched Date: Mon, 9 Feb 2026 12:38:56 +0100 Message-ID: <20260209113904.3442496-9-skandigraun@gmail.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260209113904.3442496-1-skandigraun@gmail.com> References: <20260209113904.3442496-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 09 Feb 2026 11:39:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/124304 Details: https://nvd.nist.gov/vuln/detail/CVE-2019-1010004 The description mentions that this vulnerability overlaps with CVE-2017-18189, and Debian's investigation[1] confirms that it is solved by the same commit. Add the ID to the CVE tag of CVE-2017-18189.patch. [1]: https://security-tracker.debian.org/tracker/CVE-2019-1010004 Signed-off-by: Gyorgy Sarvari --- meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-18189.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-18189.patch b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-18189.patch index 3ca829b230..20af7cdada 100644 --- a/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-18189.patch +++ b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-18189.patch @@ -8,7 +8,7 @@ into an infinite loop. Prevent this by sanity checking the channel count in open_read(). Also add an upper bound to prevent overflow in multiplication. -CVE: CVE-2017-18189 +CVE: CVE-2017-18189 CVE-2019-1010004 Upstream-Status: Backport [https://github.com/mansr/sox/commit/7a8ceb86212b28243bbb6d0de636f0dfbe833e53] 
Signed-off-by: Gyorgy Sarvari ---
From patchwork Mon Feb 9 11:38:57 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 80762
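Review bot: In the CVE-2017-18189.patch hunk of patch 09/16, the second ID is appended to the `CVE:` tag with no accompanying text in the patch header, so the reason CVE-2019-1010004 is treated as fixed is recorded only in this commit message. A one-line remark in the patch body, saying that the NVD description and Debian's tracker tie it to the same upstream commit, would keep the justification with the file that carries the tag. Since that file is created by 08/16 of the same series, the change could also be squashed into that patch.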
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-multimedia][kirkstone][PATCH 10/16] sox: patch CVE-2019-13590 Date: Mon, 9 Feb 2026 12:38:57 +0100 Message-ID: <20260209113904.3442496-10-skandigraun@gmail.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260209113904.3442496-1-skandigraun@gmail.com> References: <20260209113904.3442496-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 09 Feb 2026 11:39:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/124305 Details: https://nvd.nist.gov/vuln/detail/CVE-2019-13590 Pick the patch that was identified by Debian[1] as the solution. [1]: https://security-tracker.debian.org/tracker/CVE-2019-13590 Signed-off-by: Gyorgy Sarvari --- .../sox/sox/CVE-2019-13590.patch | 34 +++++++++++++++++++ .../recipes-multimedia/sox/sox_14.4.2.bb | 1 + 2 files changed, 35 insertions(+) create mode 100644 meta-multimedia/recipes-multimedia/sox/sox/CVE-2019-13590.patch diff --git a/meta-multimedia/recipes-multimedia/sox/sox/CVE-2019-13590.patch b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2019-13590.patch new file mode 100644 index 0000000000..4877ba8b53 --- /dev/null +++ b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2019-13590.patch 
@@ -0,0 +1,34 @@ +From aa8f02729962a0ee5e9864de90871fa821f262be Mon Sep 17 00:00:00 2001 +From: Mans Rullgard +Date: Tue, 4 Feb 2020 12:55:18 +0000 +Subject: [PATCH] sox-fmt: validate comments_bytes before use (CVE-2019-13590) + [bug #325] + +Cap the comments size to 1 GB to avoid overflows in subsequent +arithmetic. + +The missing null check mentioned in the bug report is bogus since +lsx_calloc() returns a valid pointer or aborts. + +CVE: CVE-2019-13590 +Upstream-Status: Backport [https://github.com/mansr/sox/commit/7b6a889217d62ed7e28188621403cc7542fd1f7e] +Signed-off-by: Gyorgy Sarvari +--- + src/sox-fmt.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/sox-fmt.c b/src/sox-fmt.c +index aad965c..11c8877 100644 +--- a/src/sox-fmt.c ++++ b/src/sox-fmt.c +@@ -46,7 +46,9 @@ static int startread(sox_format_t * ft) + lsx_readdw(ft, &comments_bytes)) + return SOX_EOF; + +- if (((headers_bytes + 4) & 7) || headers_bytes < FIXED_HDR + comments_bytes || ++ if (((headers_bytes + 4) & 7) || ++ comments_bytes > 0x40000000 || /* max 1 GB */ ++ headers_bytes < FIXED_HDR + comments_bytes || + (num_channels > 65535)) /* Reserve top 16 bits */ { + lsx_fail_errno(ft, SOX_EHDR, "invalid sox file format header"); + return SOX_EOF; diff --git a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb index 917d1db1f7..2eb3adbf97 100644 --- a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb +++ b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb 
@@ -38,6 +38,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/sox/sox-${PV}.tar.gz \ file://CVE-2017-15372.patch \ file://CVE-2017-15642.patch \ file://CVE-2017-18189.patch \ + file://CVE-2019-13590.patch \ " SRC_URI[md5sum] = "d04fba2d9245e661f245de0577f48a33" SRC_URI[sha256sum] = "b45f598643ffbd8e363ff24d61166ccec4836fea6d3888881b8df53e3bb55f6c"
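Review bot: In the embedded CVE-2019-13590.patch header, the id on the "From aa8f02729962a0ee5e9864de90871fa821f262be" line and the commit named in Upstream-Status (https://github.com/mansr/sox/commit/7b6a889217d62ed7e28188621403cc7542fd1f7e) differ; please state in the header which repository the From id belongs to, or regenerate the patch from the commit the tag points at, so the backport can be compared against a single source. On the startread() hunk itself, the new "comments_bytes > 0x40000000" test is placed before "headers_bytes < FIXED_HDR + comments_bytes" in the || chain, so the sum is only evaluated for values that already passed the cap; that ordering is what makes the fix effective and should be preserved if the condition is ever reflowed. The commit message speaks of overflows in "subsequent arithmetic", which is outside the visible context, so the 1 GB limit cannot be checked against those uses from this hunk alone.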
From: Gyorgy Sarvari
To: openembedded-devel@lists.openembedded.org
Subject: [meta-multimedia][kirkstone][PATCH 11/16] sox: patch CVE-2019-8354
Date: Mon, 9 Feb 2026 12:38:58 +0100
Message-ID: <20260209113904.3442496-11-skandigraun@gmail.com>
In-Reply-To: <20260209113904.3442496-1-skandigraun@gmail.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/124306

Details: https://nvd.nist.gov/vuln/detail/CVE-2019-8354

Pick the patch that was identified by Debian[1] as the solution.

[1]: https://security-tracker.debian.org/tracker/CVE-2019-8354

Signed-off-by: Gyorgy Sarvari
--- .../sox/sox/CVE-2019-8354.patch | 29 +++++++++++++++++++ .../recipes-multimedia/sox/sox_14.4.2.bb | 1 + 2 files changed, 30 insertions(+) create mode 100644 meta-multimedia/recipes-multimedia/sox/sox/CVE-2019-8354.patch diff --git a/meta-multimedia/recipes-multimedia/sox/sox/CVE-2019-8354.patch b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2019-8354.patch new file mode 100644 index 0000000000..c45917c1c9 --- /dev/null +++ b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2019-8354.patch
@@ -0,0 +1,29 @@ +From 5066f093b08b4033f59ea6d99001f059e919239b Mon Sep 17 00:00:00 2001 +From: Mans Rullgard +Date: Wed, 24 Apr 2019 14:57:34 +0100 +Subject: [PATCH] fix possible buffer size overflow in lsx_make_lpf() + (CVE-2019-8354) + +The multiplication in the size argument malloc() might overflow, +resulting in a small buffer being allocated. Use calloc() instead. + +CVE: CVE-2019-8354 +Upstream-Status: Backport [https://github.com/mansr/sox/commit/f70911261a84333b077c29908e1242f69d7439eb] +Signed-off-by: Gyorgy Sarvari +--- + src/effects_i_dsp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/effects_i_dsp.c b/src/effects_i_dsp.c +index a979b50..e32dfa0 100644 +--- a/src/effects_i_dsp.c ++++ b/src/effects_i_dsp.c +@@ -357,7 +357,7 @@ double * lsx_make_lpf(int num_taps, double Fc, double beta, double rho, + double scale, sox_bool dc_norm) + { + int i, m = num_taps - 1; +- double * h = malloc(num_taps * sizeof(*h)), sum = 0; ++ double * h = calloc(num_taps, sizeof(*h)), sum = 0; + double mult = scale / lsx_bessel_I_0(beta), mult1 = 1 / (.5 * m + rho); + assert(Fc >= 0 && Fc <= 1); + lsx_debug("make_lpf(n=%i Fc=%.7g β=%g ρ=%g dc-norm=%i scale=%g)", num_taps, Fc, beta, rho, dc_norm, scale); diff --git a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb index 2eb3adbf97..b2b2542cd5 100644 --- a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb +++ b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb 
@@ -39,6 +39,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/sox/sox-${PV}.tar.gz \ file://CVE-2017-15642.patch \ file://CVE-2017-18189.patch \ file://CVE-2019-13590.patch \ + file://CVE-2019-8354.patch \ " SRC_URI[md5sum] = "d04fba2d9245e661f245de0577f48a33" SRC_URI[sha256sum] = "b45f598643ffbd8e363ff24d61166ccec4836fea6d3888881b8df53e3bb55f6c"
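Review bot: In the lsx_make_lpf() hunk, calloc(num_taps, sizeof(*h)) returns NULL when the element count times the element size would overflow, but neither the changed line nor the context lines after it show h being checked before use, and num_taps is a signed int, so a negative value is converted to a very large element count when passed in. Please confirm that the code following the hunk (not visible here) tolerates a NULL h, or record in the patch header that the fix relies on callers bounding num_taps; otherwise the overflow is traded for a NULL dereference. As in 10/16, the id on the embedded patch's From line and the commit id in its Upstream-Status tag differ, and the header should say which repository the former comes from.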
From: Gyorgy Sarvari
To: openembedded-devel@lists.openembedded.org
Subject: [meta-oe][kirkstone][PATCH 12/16] tigervnc: sync xserver component with oe-core
Date: Mon, 9 Feb 2026 12:38:59 +0100
Message-ID: <20260209113904.3442496-12-skandigraun@gmail.com>
In-Reply-To: <20260209113904.3442496-1-skandigraun@gmail.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/124307

oe-core has a newer version of xserver than this recipe used to compile TigerVNC with. This recipe updates xserver to the same version, 21.1.18. TigerVNC only started to support this xserver version 2 versions later, with 1.13. Due to this 3 commits were backported that add the missing changes.

Signed-off-by: Gyorgy Sarvari
--- ...ncrease-supported-Xorg-version-to-1..patch | 29 ++++++ ...server21.1.1.patch-Add-Xorg-21-patch.patch | 95 +++++++++++++++++++ .../files/0001-xvnc-adapt-for-1.21.patch | 46 +++++++++ .../tigervnc/tigervnc_1.11.0.bb | 33 ++----- 4 files changed, 180 insertions(+), 23 deletions(-) create mode 100644 meta-oe/recipes-graphics/tigervnc/files/0001-xorg-version.h-Increase-supported-Xorg-version-to-1..patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/0001-xserver21.1.1.patch-Add-Xorg-21-patch.patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/0001-xvnc-adapt-for-1.21.patch diff --git a/meta-oe/recipes-graphics/tigervnc/files/0001-xorg-version.h-Increase-supported-Xorg-version-to-1..patch b/meta-oe/recipes-graphics/tigervnc/files/0001-xorg-version.h-Increase-supported-Xorg-version-to-1..patch new file mode 100644 index 0000000000..fd2871976a --- /dev/null
+++ b/meta-oe/recipes-graphics/tigervnc/files/0001-xorg-version.h-Increase-supported-Xorg-version-to-1..patch @@ -0,0 +1,29 @@ +From 59f302c28cc15f2d7749840a311c2085c75d5833 Mon Sep 17 00:00:00 2001 +From: Gyorgy Sarvari +Date: Wed, 24 Nov 2021 21:09:36 +0100 +Subject: [PATCH] xorg-version.h: Increase supported Xorg version to 1.21 + +From: Joakim Tjernlund + +Upstream-Status: Backport [https://github.com/TigerVNC/tigervnc/commit/736b50d04e1ba965696cd15d456dc2b7fc123150] +Signed-off-by: Gyorgy Sarvari +--- + unix/xserver/hw/vnc/xorg-version.h | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/unix/xserver/hw/vnc/xorg-version.h b/unix/xserver/hw/vnc/xorg-version.h +index 5effe7e9..2449980d 100644 +--- a/unix/xserver/hw/vnc/xorg-version.h ++++ b/unix/xserver/hw/vnc/xorg-version.h +@@ -36,8 +36,10 @@ + #define XORG 119 + #elif XORG_VERSION_CURRENT < ((1 * 10000000) + (20 * 100000) + (99 * 1000)) + #define XORG 120 ++#elif XORG_VERSION_CURRENT < ((1 * 10000000) + (21 * 100000) + (99 * 1000)) ++#define XORG 121 + #else +-#error "X.Org newer than 1.20 is not supported" ++#error "X.Org newer than 1.21 is not supported" + #endif + + #endif diff --git a/meta-oe/recipes-graphics/tigervnc/files/0001-xserver21.1.1.patch-Add-Xorg-21-patch.patch b/meta-oe/recipes-graphics/tigervnc/files/0001-xserver21.1.1.patch-Add-Xorg-21-patch.patch new file mode 100644 index 0000000000..deb326e7a9 --- /dev/null +++ b/meta-oe/recipes-graphics/tigervnc/files/0001-xserver21.1.1.patch-Add-Xorg-21-patch.patch 
@@ -0,0 +1,95 @@ +From 4af7be2ac0d6e39a23ab4a9df964a2888659051a Mon Sep 17 00:00:00 2001 +From: Gyorgy Sarvari +Date: Fri, 26 Nov 2021 11:15:21 +0100 +Subject: [PATCH] xserver21.1.1.patch: Add Xorg 21 patch + +From: Joakim Tjernlund + +Upstream-Status: Backport [https://github.com/TigerVNC/tigervnc/commit/0c5a2b2e7759c2829c07186cfce4d24aa9b5274e] +Signed-off-by: Gyorgy Sarvari +--- + unix/xserver21.patch | 75 ++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 75 insertions(+) + create mode 100644 unix/xserver21.patch + +diff --git a/unix/xserver21.patch b/unix/xserver21.patch +new file mode 100644 +index 00000000..a349af75 +--- /dev/null ++++ b/unix/xserver21.patch +@@ -0,0 +1,75 @@ ++diff -urpN xorg-server-1.20.0/configure.ac xorg-server-1.20.0/configure.ac ++--- xorg-server-1.20.0/configure.ac 2018-05-10 09:32:34.000000000 -0700 +++++ xorg-server-1.20.0/configure.ac 2018-06-13 19:04:47.536413626 -0700 ++@@ -74,6 +74,7 @@ dnl forcing an entire recompile.x ++ AC_CONFIG_HEADERS(include/version-config.h) ++ ++ AM_PROG_AS +++AC_PROG_CXX ++ AC_PROG_LN_S ++ LT_PREREQ([2.2]) ++ LT_INIT([disable-static win32-dll]) ++@@ -1777,6 +1778,10 @@ if test "x$XVFB" = xyes; then ++ AC_SUBST([XVFB_SYS_LIBS]) ++ fi ++ +++dnl Xvnc DDX +++AC_SUBST([XVNC_CPPFLAGS], ["-DHAVE_DIX_CONFIG_H $XSERVER_CFLAGS"]) +++AC_SUBST([XVNC_LIBS], ["$FB_LIB $FIXES_LIB $XEXT_LIB $CONFIG_LIB $DBE_LIB $RECORD_LIB $GLX_LIBS $RANDR_LIB $RENDER_LIB $DAMAGE_LIB $DRI3_LIB $PRESENT_LIB $MIEXT_SYNC_LIB $MIEXT_DAMAGE_LIB $MIEXT_SHADOW_LIB $XI_LIB $XKB_LIB $XKB_STUB_LIB $COMPOSITE_LIB $MAIN_LIB"]) +++AC_SUBST([XVNC_SYS_LIBS], ["$GLX_SYS_LIBS"]) ++ ++ dnl Xnest DDX ++ ++@@ -1812,6 +1817,8 @@ if test "x$XORG" = xauto; then ++ fi ++ AC_MSG_RESULT([$XORG]) ++ +++AC_DEFINE_UNQUOTED(XORG_VERSION_CURRENT, [$VENDOR_RELEASE], [Current Xorg version]) +++ ++ if test "x$XORG" = xyes; then ++ XORG_DDXINCS='-I$(top_srcdir)/hw/xfree86 -I$(top_srcdir)/hw/xfree86/include -I$(top_srcdir)/hw/xfree86/common' ++ 
XORG_OSINCS='-I$(top_srcdir)/hw/xfree86/os-support -I$(top_srcdir)/hw/xfree86/os-support/bus -I$(top_srcdir)/os' ++@@ -2029,7 +2036,6 @@ if test "x$XORG" = xyes; then ++ AC_DEFINE(XORG_SERVER, 1, [Building Xorg server]) ++ AC_DEFINE(XORGSERVER, 1, [Building Xorg server]) ++ AC_DEFINE(XFree86Server, 1, [Building XFree86 server]) ++- AC_DEFINE_UNQUOTED(XORG_VERSION_CURRENT, [$VENDOR_RELEASE], [Current Xorg version]) ++ AC_DEFINE(NEED_XF86_TYPES, 1, [Need XFree86 typedefs]) ++ AC_DEFINE(NEED_XF86_PROTOTYPES, 1, [Need XFree86 helper functions]) ++ AC_DEFINE(__XSERVERNAME__, "Xorg", [Name of X server]) ++@@ -2565,6 +2571,7 @@ hw/dmx/Makefile ++ hw/dmx/man/Makefile ++ hw/vfb/Makefile ++ hw/vfb/man/Makefile +++hw/vnc/Makefile ++ hw/xnest/Makefile ++ hw/xnest/man/Makefile ++ hw/xwin/Makefile ++diff -urpN xorg-server-1.20.0/hw/Makefile.am xorg-server-1.20.0/hw/Makefile.am ++--- xorg-server-1.20.0/hw/Makefile.am 2018-05-10 09:32:34.000000000 -0700 +++++ xorg-server-1.20.0/hw/Makefile.am 2018-06-13 19:04:47.536413626 -0700 ++@@ -44,3 +44,5 @@ ++ ++ relink: ++ $(AM_V_at)for i in $(SUBDIRS) ; do $(MAKE) -C $$i relink || exit 1 ; done +++ +++SUBDIRS += vnc ++diff -urpN xorg-server-1.20.0/mi/miinitext.c xorg-server-1.20.0/mi/miinitext.c ++--- xorg-server-1.20.0/mi/miinitext.c 2018-05-10 09:32:37.000000000 -0700 +++++ xorg-server-1.20.0/mi/miinitext.c 2018-06-13 19:05:14.742200675 -0700 ++@@ -107,8 +107,15 @@ SOFTWARE. ++ #include "os.h" ++ #include "globals.h" ++ +++#ifdef TIGERVNC +++extern void vncExtensionInit(void); +++#endif +++ ++ /* List of built-in (statically linked) extensions */ ++ static const ExtensionModule staticExtensions[] = { +++#ifdef TIGERVNC +++ {vncExtensionInit, "VNC-EXTENSION", NULL}, +++#endif ++ {GEExtensionInit, "Generic Event Extension", &noGEExtension}, ++ {ShapeExtensionInit, "SHAPE", NULL}, ++ #ifdef MITSHM 
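Review bot: The embedded unix/xserver21.patch is still expressed against an xorg-server-1.20.0 tree (its file headers name that directory with 2018 timestamps, and the configure.ac hunk at -2565 uses hw/dmx/Makefile as context), while this series applies it to xorg-server 21.1.18. Please confirm it applies to the 21.1.18 sources without offsets or fuzz and mention the result in the commit message; do_patch_xserver invokes patch directly rather than listing this file in SRC_URI, so the do_patch log has to be read by hand to see how it applied. The same file moves the AC_DEFINE_UNQUOTED of XORG_VERSION_CURRENT out of the 'if test "x$XORG" = xyes' block, which the xorg-version.h check in this series depends on; a sentence about that dependency would help whoever next syncs the xserver version.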
diff --git a/meta-oe/recipes-graphics/tigervnc/files/0001-xvnc-adapt-for-1.21.patch b/meta-oe/recipes-graphics/tigervnc/files/0001-xvnc-adapt-for-1.21.patch new file mode 100644 index 0000000000..4f47e11ac4 --- /dev/null +++ b/meta-oe/recipes-graphics/tigervnc/files/0001-xvnc-adapt-for-1.21.patch @@ -0,0 +1,46 @@ +From 7d18a77dfbef8ffe2b17b31098c75316b13f1597 Mon Sep 17 00:00:00 2001 +From: Gyorgy Sarvari +Date: Wed, 24 Nov 2021 21:10:56 +0100 +Subject: [PATCH] xvnc: adapt for 1.21 + +From: Joakim Tjernlund + +VENDOR_STRING is gone as is DEFAULT_LOG_VERBOSITY +site.h has been removed and is not needed. + +Upstream-Status: Backport [https://github.com/TigerVNC/tigervnc/commit/f2577107f7f55382c524d8c738a777e5cdd80f60] +Signed-off-by: Gyorgy Sarvari +--- + unix/xserver/hw/vnc/xvnc.c | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/unix/xserver/hw/vnc/xvnc.c b/unix/xserver/hw/vnc/xvnc.c +index fda6205f..d16a4355 100644 +--- a/unix/xserver/hw/vnc/xvnc.c ++++ b/unix/xserver/hw/vnc/xvnc.c +@@ -80,7 +80,6 @@ from the X Consortium. + #undef VENDOR_RELEASE + #undef VENDOR_STRING + #include "version-config.h" +-#include "site.h" + + #define XVNCVERSION "TigerVNC 1.11.0" + #define XVNCCOPYRIGHT ("Copyright (C) 1999-2020 TigerVNC Team and many others (see README.rst)\n" \ +@@ -148,15 +147,14 @@ static Bool Render = TRUE; + static Bool displaySpecified = FALSE; + static char displayNumStr[16]; + +-static int vncVerbose = DEFAULT_LOG_VERBOSITY; ++static int vncVerbose = 0; + + + static void + vncPrintBanner(void) + { + ErrorF("\nXvnc %s - built %s\n%s", XVNCVERSION, buildtime, XVNCCOPYRIGHT); +- ErrorF("Underlying X server release %d, %s\n\n", VENDOR_RELEASE, +- VENDOR_STRING); ++ ErrorF("Underlying X server release %d\n\n", VENDOR_RELEASE); + } + + static void diff --git a/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb b/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb index 699c0ed74f..f995c1ef08 100644 
--- a/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb +++ b/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb @@ -21,15 +21,18 @@ SRC_URI = "git://github.com/TigerVNC/tigervnc.git;branch=1.11-branch;protocol=ht file://0002-do-not-build-tests-sub-directory.patch \ file://0003-add-missing-dynamic-library-to-FLTK_LIBRARIES.patch \ file://0004-tigervnc-add-fPIC-option-to-COMPILE_FLAGS.patch \ + file://0001-xserver21.1.1.patch-Add-Xorg-21-patch.patch \ + file://0001-xorg-version.h-Increase-supported-Xorg-version-to-1..patch \ + file://0001-xvnc-adapt-for-1.21.patch \ " # Keep sync with xorg-server in oe-core XORG_PN ?= "xorg-server" -XORG_PV ?= "1.20.6" -SRC_URI += "${XORG_MIRROR}/individual/xserver/${XORG_PN}-${XORG_PV}.tar.bz2;name=xorg" +XORG_PV ?= "21.1.18" +SRC_URI += "${XORG_MIRROR}/individual/xserver/${XORG_PN}-${XORG_PV}.tar.xz;name=xorg" XORG_S = "${WORKDIR}/${XORG_PN}-${XORG_PV}" -SRC_URI[xorg.md5sum] = "a98170084f2c8fed480d2ff601f8a14b" -SRC_URI[xorg.sha256sum] = "6316146304e6e8a36d5904987ae2917b5d5b195dc9fc63d67f7aca137e5a51d1" +SRC_URI[xorg.md5sum] = "43225ddc1fd8d7ae7671c25ab6d1f927" +SRC_URI[xorg.sha256sum] = "c878d1930d87725d4a5bf498c24f4be8130d5b2646a9fd0f2994deff90116352" # It is the directory containing the Xorg source for the # machine on which you are building TigerVNC. 
@@ -37,27 +40,11 @@ XSERVER_SOURCE_DIR="${S}/unix/xserver" do_patch[postfuncs] += "do_patch_xserver" do_patch_xserver () { - for subdir in Xext xkb GL hw/xquartz/bundle hw/xfree86/common; do - install -d ${XSERVER_SOURCE_DIR}/$subdir - done - - for subdir in hw/dmx/doc man doc hw/dmx/doxygen; do - install -d ${XSERVER_SOURCE_DIR}/$subdir - done - - sources="hw/xquartz/bundle/cpprules.in man/Xserver.man doc/smartsched \ - hw/dmx/doxygen/doxygen.conf.in xserver.ent.in xkb/README.compiled \ - hw/xfree86/xorgconf.cpp hw/xfree86/Xorg.sh.in" - for i in ${sources}; do - install -m 0644 ${XORG_S}/$i ${XSERVER_SOURCE_DIR}/$i; - done - - cd ${XORG_S} - find . -type f | egrep '.*\.(c|h|am|ac|inc|m4|h.in|pc.in|man.pre|pl|txt)$' | \ - xargs tar cf - | (cd ${XSERVER_SOURCE_DIR} && tar xf -) + # Put the xserver source in the right place in the tigervnc source tree + cp -rfl ${XORG_S}/* ${XSERVER_SOURCE_DIR} cd ${XSERVER_SOURCE_DIR} - xserverpatch="${S}/unix/xserver120.patch" + xserverpatch="${S}/unix/xserver21.patch" echo "Apply $xserverpatch" patch -p1 -b --suffix .vnc < $xserverpatch }
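Review bot: In do_patch_xserver, the new "cp -rfl ${XORG_S}/* ${XSERVER_SOURCE_DIR}" hard-links the unpacked xserver files into the TigerVNC tree and the following "patch -p1 -b --suffix .vnc" then modifies that tree, so whether ${XORG_S} stays pristine depends on patch replacing files instead of writing through the shared link; a plain "cp -rf", or a comment explaining why -l is safe here, would remove that dependency, and -l additionally requires both directories to sit on one filesystem. The shell glob also skips any dot-files at the top of ${XORG_S}, which the removed find-based copy did not do for the file types it selected; if that is intentional it is worth saying so in the added comment. The replaced block copied only a filtered set of source files while the new line copies the whole tree, so the commit message could note that the wider copy is deliberate.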
From: Gyorgy Sarvari
To: openembedded-devel@lists.openembedded.org
Subject: [meta-oe][kirkstone][PATCH 13/16] tigervnc: ignore CVE-2023-6377
Date: Mon, 9 Feb 2026 12:39:00 +0100
Message-ID: <20260209113904.3442496-13-skandigraun@gmail.com>
In-Reply-To: <20260209113904.3442496-1-skandigraun@gmail.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/124308

Details: https://nvd.nist.gov/vuln/detail/CVE-2023-6377

TigerVNC compiles its own xserver, this is why this CVE is associated with it - despite the vulnerability being in xserver. The vulnerability was fixed by [1] (from the nvd report), which has been backported[2] to the xserver version used by the recipe - so ignore the CVE, since it's patched already.

[1]: https://gitlab.freedesktop.org/xorg/xserver/-/commit/0c1a93d319558fe3ab2d94f51d174b4f93810afd
[2]: https://gitlab.freedesktop.org/xorg/xserver/-/commit/a7bda3080d2b44eae668cdcec7a93095385b9652

Signed-off-by: Gyorgy Sarvari
Signed-off-by: Khem Raj
(cherry picked from commit f691f2178b15eec22f09a1c17b9945fad4e330e6)
Signed-off-by: Gyorgy Sarvari
--- meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb b/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb index f995c1ef08..9e4d05186f 100644 --- a/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb +++ b/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb
@@ -121,3 +121,6 @@ FILES:${PN}-dbg += "${libdir}/xorg/modules/extensions/.debug" # fixed-version: The vulnerable code is not present in the used version (1.11.0) CVE_CHECK_IGNORE += "CVE-2014-8241" + +# fixed-version: The vulnerable code is not present in the used xserver version (21.1.18) +CVE_CHECK_IGNORE += "CVE-2023-6377"
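Review bot: The added CVE_CHECK_IGNORE entry is justified only by the bundled xserver being 21.1.18, yet XORG_PV is assigned with ?= in this recipe (12/16), so a bbappend or distro override that selects a different xserver version keeps the ignore while possibly losing the fix. Please make the comment say that the ignore holds for the XORG_PV set in this recipe, and cite the backport commit given as [2] in the commit message, so the justification can be re-checked whenever the version moves. The comment's wording ("vulnerable code is not present") also differs from the commit message, which says the fix was backported to that version; something like "fixed in the used xserver version" would match.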
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 14/16] tigervnc: ignore CVE-2023-6478 Date: Mon, 9 Feb 2026 12:39:01 +0100 Message-ID: <20260209113904.3442496-14-skandigraun@gmail.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260209113904.3442496-1-skandigraun@gmail.com> References: <20260209113904.3442496-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 09 Feb 2026 11:39:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/124309 Details: https://nvd.nist.gov/vuln/detail/CVE-2023-6478 TigerVNC compiles its own xserver, this is why this CVE is associated with it - despite the vulnerability being in xserver. The vulnerability was fixed by [1] (from the nvd report), which has been backported[2] to the xserver version used by the recipe - so ignore the CVE, since it's patched already. [1]: https://gitlab.freedesktop.org/xorg/xserver/-/commit/14f480010a93ff962fef66a16412fafff81ad632 [2]: https://gitlab.freedesktop.org/xorg/xserver/-/commit/58e83c683950ac9e253ab05dd7a13a8368b70a3c Signed-off-by: Gyorgy Sarvari Signed-off-by: Khem Raj (cherry picked from commit 62a78f8ba7c8bd229cc82cf81bcc6a6d8116ebca) Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb b/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb index 9e4d05186f..4f9b9f7267 100644 --- a/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb +++ b/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb 
@@ -123,4 +123,4 @@ FILES:${PN}-dbg += "${libdir}/xorg/modules/extensions/.debug" CVE_CHECK_IGNORE += "CVE-2014-8241" # fixed-version: The vulnerable code is not present in the used xserver version (21.1.18) -CVE_CHECK_IGNORE += "CVE-2023-6377" +CVE_CHECK_IGNORE += "CVE-2023-6377 CVE-2023-6478" From patchwork Mon Feb 9 11:39:02 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 80768 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 942A2E81BA4 for ; Mon, 9 Feb 2026 11:39:18 +0000 (UTC) Received: from mail-wm1-f52.google.com (mail-wm1-f52.google.com [209.85.128.52]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.45793.1770637157715369420 for ; Mon, 09 Feb 2026 03:39:18 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=lZcCgW5n; spf=pass (domain: gmail.com, ip: 209.85.128.52, mailfrom: skandigraun@gmail.com) Received: by mail-wm1-f52.google.com with SMTP id 5b1f17b1804b1-4801d7c72a5so24572525e9.0 for ; Mon, 09 Feb 2026 03:39:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1770637156; x=1771241956; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=KLco60jHYu4uv1ONY8evyh1w4dlV5t0QSl1wssbr/YE=; b=lZcCgW5np8V9pGIzVXRLkFX9VtxBWZ7MV0FMMcDJ3aA/YClO/t9EPJQt4WHW4hyant eA/4iH+eFuQUjmxKZ0EvYJgFPxyFyd/HYRttPJ5SRexmRUsK2atE7QSu+sKsQzRxAcrm IzOVwdameNZLgVcLZlX7ZCtGv9JU7yQjC1ohwZnicOD2lHDRJRE7M43QKPZ0PNBgeG5S ABiqGCdSDRYh1WJovuMCCzyZtymH8ePlYWX19+wUgYmAs1rZwOSzyjvrwZuIGKwV+K1Z nk0w9F6iNP5rShv+96LyKVvo1p8esmxijd9MEIGjTug2mZxBMNH4AOHH6PUAAqVfUgmV jwmw== 
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 15/16] tigervnc: ignore CVE-2025-26594...26601 Date: Mon, 9 Feb 2026 12:39:02 +0100 Message-ID: <20260209113904.3442496-15-skandigraun@gmail.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260209113904.3442496-1-skandigraun@gmail.com> References: <20260209113904.3442496-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 09 Feb 2026 11:39:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/124310 Ignore the following CVEs: CVE-2025-26594, CVE-2025-26595, CVE-2025-26596, CVE-2025-26597, CVE-2025-26598, CVE-2025-26599, CVE-2025-26600, CVE-2025-26601 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-26594 https://nvd.nist.gov/vuln/detail/CVE-2025-26595 https://nvd.nist.gov/vuln/detail/CVE-2025-26596 https://nvd.nist.gov/vuln/detail/CVE-2025-26597 https://nvd.nist.gov/vuln/detail/CVE-2025-26598 https://nvd.nist.gov/vuln/detail/CVE-2025-26599 https://nvd.nist.gov/vuln/detail/CVE-2025-26600 https://nvd.nist.gov/vuln/detail/CVE-2025-26601 TigerVNC compiles its own xserver, this is why these CVEs are associated with it - despite the vulnerabilities being in xserver. All of these vulnerabilities were fixed by the same PR[1], which has been part of xserver since version 21.1.16 (the currently used xserver version in TigerVNC is 21.1.18). Due to this, ignore these vulnerabilities, and just mark them as patched. [1]: https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1830 Signed-off-by: Gyorgy Sarvari Signed-off-by: Khem Raj (cherry picked from commit 4924e89bb77fe5486063229c50039a458d60f8ea) Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) 
diff --git a/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb b/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb index 4f9b9f7267..8abcc873f3 100644 --- a/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb +++ b/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb 
@@ -123,4 +123,6 @@ FILES:${PN}-dbg += "${libdir}/xorg/modules/extensions/.debug" CVE_CHECK_IGNORE += "CVE-2014-8241" # fixed-version: The vulnerable code is not present in the used xserver version (21.1.18) -CVE_CHECK_IGNORE += "CVE-2023-6377 CVE-2023-6478" +CVE_CHECK_IGNORE += "CVE-2023-6377 CVE-2023-6478 CVE-2025-26594 CVE-2025-26595 \ +CVE-2025-26596 CVE-2025-26597 CVE-2025-26598 CVE-2025-26599 CVE-2025-26600 \ +CVE-2025-26601" From patchwork Mon Feb 9 11:39:03 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 80772 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9B0BDE81BA4 for ; Mon, 9 Feb 2026 11:39:28 +0000 (UTC) Received: from mail-wm1-f53.google.com (mail-wm1-f53.google.com [209.85.128.53]) by mx.groups.io with SMTP id smtpd.msgproc02-g2.45593.1770637158395511963 for ; Mon, 09 Feb 2026 03:39:18 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=inAneIpn; spf=pass (domain: gmail.com, ip: 209.85.128.53, mailfrom: skandigraun@gmail.com) Received: by mail-wm1-f53.google.com with SMTP id 5b1f17b1804b1-4806f3fc50bso32683445e9.0 for ; Mon, 09 Feb 2026 03:39:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1770637157; x=1771241957; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=eM30tq9JDFYVcffCbl0L2RugcjljYynZRcrqCwMl6Zc=; b=inAneIpnqur/BAVeTJHH0PZAQNdkAxvkM4qiT2Tzo+kvP1YieUf12hU3spPwIxiHP8 AIsFSfhe2zpiURJQaKkTfmI88p/BLYmRtlT/LADvGqKVO9Ov3h5FJokKxHPaU4Zg/4ho tEgJL1o7T8D9wtDm2MRzA5nmSjj5GNP7FzK76CuFgSKwUdgu1pNcRqwx0G9BoRkSpWBf 
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 16/16] tigervnc: mark CVE-2024-0408 and CVE-2024-0409 patched Date: Mon, 9 Feb 2026 12:39:03 +0100 Message-ID: <20260209113904.3442496-16-skandigraun@gmail.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260209113904.3442496-1-skandigraun@gmail.com> References: <20260209113904.3442496-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 09 Feb 2026 11:39:28 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/124311 Details: https://nvd.nist.gov/vuln/detail/CVE-2024-0408 https://nvd.nist.gov/vuln/detail/CVE-2024-0409 Both of these vulnerabilities were fixed[1][2] in xserver 21.1.11, just mark them patched. [1]: https://gitlab.freedesktop.org/xorg/xserver/-/commit/8d825f72da71d6c38cbb02cf2ee2dd9e0e0f50f2 [2]: https://gitlab.freedesktop.org/xorg/xserver/-/commit/a4f0e9466f3bc7073a8f0c28a581211c2d7adf0e Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb b/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb index 8abcc873f3..053e8237f4 100644 --- a/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb +++ b/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb @@ -125,4 +125,4 @@ CVE_CHECK_IGNORE += "CVE-2014-8241" # fixed-version: The vulnerable code is not present in the used xserver version (21.1.18) CVE_CHECK_IGNORE += "CVE-2023-6377 CVE-2023-6478 CVE-2025-26594 CVE-2025-26595 \ CVE-2025-26596 CVE-2025-26597 CVE-2025-26598 CVE-2025-26599 CVE-2025-26600 \ -CVE-2025-26601" +CVE-2025-26601 CVE-2024-0408 CVE-2024-0409"
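Review bot: In the 13/16 hunk (`@@ -121,3 +121,6 @@`), the new comment never says why an xserver CVE is being handled in tigervnc_1.11.0.bb. The explanation that TigerVNC compiles its own xserver appears only in the commit messages of this series, so someone auditing the recipe later sees an xserver version (21.1.18) next to a TigerVNC 1.11.0 recipe with no link between the two. Suggest extending the comment with one clause to that effect, and pointing at wherever the recipe pins the bundled xserver version, so the hardcoded "21.1.18" gets re-checked when that pin moves.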
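Review bot: In the 14/16 hunk (`@@ -123,4 +123,4 @@`), CVE-2023-6478 is placed under the existing "not present in the used xserver version (21.1.18)" comment, but the commit message justifies it with a backport commit and never names the xserver release that first contains that backport. As written, the claim against 21.1.18 cannot be checked from the recipe. Suggest recording the first fixed xserver release (or at least the backport commit reference [2]) in the comment beside this CVE id.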
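Review bot: In the 15/16 hunk (`@@ -123,4 +123,6 @@`), a single comment and a single quoted string now cover ten CVE ids with different fix points. The message says the eight CVE-2025-2659x/2660x entries were fixed in xserver 21.1.16 through merge request 1830, and none of that reaches the recipe. Suggest giving these eight their own `CVE_CHECK_IGNORE +=` assignment with a comment naming 21.1.16 and the merge request, which keeps each exemption traceable to its evidence and makes later removals a one-block change. Smaller style point: the continuation lines after the backslash start at column 0, so indenting them would make it clearer they belong to the assignment.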
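Review bot: In the 16/16 hunk (`@@ -125,4 +125,4 @@`), CVE-2024-0408 and CVE-2024-0409 are appended after CVE-2025-26601, out of order, and the fix version given in the message (xserver 21.1.11) appears only there, while the comment above still speaks only of 21.1.18. Suggest inserting the two ids in sorted position, or in a separate commented assignment that states 21.1.11. The subject also says "mark ... patched" while the change adds to the ignore list exactly as 14/16 and 15/16 do, so aligning the wording with "ignore" would avoid implying a different mechanism.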