diff -Nru aom-1.0.0.errata1/debian/changelog aom-1.0.0.errata1/debian/changelog --- aom-1.0.0.errata1/debian/changelog 2020-02-08 10:55:57.000000000 +0000 +++ aom-1.0.0.errata1/debian/changelog 2023-10-19 15:03:29.000000000 +0000 @@ -1,8 +1,20 @@ -aom (1.0.0.errata1-3build1) focal; urgency=medium +aom (1.0.0.errata1-3+deb11u1build0.20.04.1) focal-security; urgency=medium - * No-change rebuild with fixed binutils on arm64. + * fake sync from Debian - -- Matthias Klose Sat, 08 Feb 2020 10:55:57 +0000 + -- Amir Naseredini Thu, 19 Oct 2023 16:03:29 +0100 + +aom (1.0.0.errata1-3+deb11u1) bullseye-security; urgency=high + + * Non-maintainer upload. + * Fix CVE-2020-36130, CVE-2020-36131, CVE-2020-36133, CVE-2020-36135, + CVE-2021-30473, CVE-2021-30474 and CVE-2021-30475. + Multiple security vulnerabilities have been discovered in aom, the AV1 + Video Codec Library. Buffer overflows, use-after-free and NULL pointer + dereferences may cause a denial of service or other unspecified impact if a + malformed multimedia file is processed. + + -- Markus Koschany Tue, 05 Sep 2023 23:10:00 +0200 aom (1.0.0.errata1-3) unstable; urgency=medium diff -Nru aom-1.0.0.errata1/debian/patches/CVE-2020-36130.patch aom-1.0.0.errata1/debian/patches/CVE-2020-36130.patch --- aom-1.0.0.errata1/debian/patches/CVE-2020-36130.patch 1970-01-01 00:00:00.000000000 +0000 +++ aom-1.0.0.errata1/debian/patches/CVE-2020-36130.patch 2023-09-05 21:10:00.000000000 +0000 @@ -0,0 +1,52 @@ +From: Markus Koschany +Date: Sat, 2 Sep 2023 12:51:36 +0200 +Subject: CVE-2020-36130 + +Origin: https://aomedia.googlesource.com/aom/+/be4ee75fd762d361d0679cc892e4c74af8140093%5E%21/#F0 +--- + av1/av1_dx_iface.c | 24 ++++++++++++++++-------- + 1 file changed, 16 insertions(+), 8 deletions(-) + +diff --git a/av1/av1_dx_iface.c b/av1/av1_dx_iface.c +index 54525f9..a061a94 100644 +--- a/av1/av1_dx_iface.c ++++ b/av1/av1_dx_iface.c +@@ -882,6 +882,7 @@ static aom_codec_err_t ctrl_get_last_quantizer(aom_codec_alg_priv_t *ctx, + va_list args) { + int *const arg = va_arg(args, int *); + if (arg == NULL) return AOM_CODEC_INVALID_PARAM; ++ if (ctx->frame_workers == NULL) return AOM_CODEC_ERROR; + *arg = + ((FrameWorkerData *)ctx->frame_workers[0].data1)->pbi->common.base_qindex; + return AOM_CODEC_OK; +@@ -1170,15 +1171,22 @@ static aom_codec_err_t ctrl_get_accounting(aom_codec_alg_priv_t *ctx, + (void)args; + return AOM_CODEC_INCAPABLE; + #else +- if (ctx->frame_workers) { +- AVxWorker *const worker = ctx->frame_workers; +- FrameWorkerData *const frame_worker_data = (FrameWorkerData *)worker->data1; +- AV1Decoder *pbi = frame_worker_data->pbi; +- Accounting **acct = va_arg(args, Accounting **); +- *acct = &pbi->accounting; +- return AOM_CODEC_OK; ++ Accounting **acct = va_arg(args, Accounting **); ++ ++ if (acct) { ++ if (ctx->frame_workers) { ++ AVxWorker *const worker = ctx->frame_workers; ++ FrameWorkerData *const frame_worker_data = ++ (FrameWorkerData *)worker->data1; ++ AV1Decoder *pbi = frame_worker_data->pbi; ++ *acct = &pbi->accounting; ++ return AOM_CODEC_OK; ++ } else { ++ return AOM_CODEC_ERROR; ++ } + } +- return AOM_CODEC_ERROR; ++ ++ return AOM_CODEC_INVALID_PARAM; + #endif + } + static aom_codec_err_t ctrl_set_decode_tile_row(aom_codec_alg_priv_t *ctx, diff -Nru aom-1.0.0.errata1/debian/patches/CVE-2020-36131.patch aom-1.0.0.errata1/debian/patches/CVE-2020-36131.patch --- aom-1.0.0.errata1/debian/patches/CVE-2020-36131.patch 1970-01-01 00:00:00.000000000 +0000 +++ aom-1.0.0.errata1/debian/patches/CVE-2020-36131.patch 2023-09-05 21:10:00.000000000 +0000 @@ -0,0 +1,39 @@ +From: Markus Koschany +Date: Tue, 29 Aug 2023 22:19:18 +0200 +Subject: CVE-2020-36131 + +This is also the fix for CVE-2020-36135. +--- + apps/aomenc.c | 11 ++++------- + 1 file changed, 4 insertions(+), 7 deletions(-) + +diff --git a/apps/aomenc.c b/apps/aomenc.c +index db09102..044c5d9 100644 +--- a/apps/aomenc.c ++++ b/apps/aomenc.c +@@ -1878,6 +1878,7 @@ int main(int argc, const char **argv_) { + int profile_updated = 0; + + memset(&input, 0, sizeof(input)); ++ memset(&raw, 0, sizeof(raw)); + exec_name = argv_[0]; + + /* Setup default input stream settings */ +@@ -2108,14 +2109,10 @@ int main(int argc, const char **argv_) { + } + + if (pass == (global.pass ? global.pass - 1 : 0)) { +- if (input.file_type == FILE_TYPE_Y4M) +- /*The Y4M reader does its own allocation. +- Just initialize this here to avoid problems if we never read any +- frames.*/ +- memset(&raw, 0, sizeof(raw)); +- else ++ // The Y4M reader does its own allocation. ++ if (input.file_type != FILE_TYPE_Y4M) { + aom_img_alloc(&raw, input.fmt, input.width, input.height, 32); +- ++ } + FOREACH_STREAM(stream, streams) { + stream->rate_hist = + init_rate_histogram(&stream->config.cfg, &global.framerate); diff -Nru aom-1.0.0.errata1/debian/patches/CVE-2020-36133.patch aom-1.0.0.errata1/debian/patches/CVE-2020-36133.patch --- aom-1.0.0.errata1/debian/patches/CVE-2020-36133.patch 1970-01-01 00:00:00.000000000 +0000 +++ aom-1.0.0.errata1/debian/patches/CVE-2020-36133.patch 2023-09-05 21:10:00.000000000 +0000 @@ -0,0 +1,73 @@ +From: Markus Koschany +Date: Tue, 29 Aug 2023 22:25:51 +0200 +Subject: CVE-2020-36133 + +Origin: https://aomedia.googlesource.com/aom/+/5c9bc4181071684d157fc47c736acf6c69a85d85 +--- + apps/aomenc.c | 39 +++++++++++++++++++++++++++++++++++++-- + 1 file changed, 37 insertions(+), 2 deletions(-) + +diff --git a/apps/aomenc.c b/apps/aomenc.c +index 044c5d9..64c0405 100644 +--- a/apps/aomenc.c ++++ b/apps/aomenc.c +@@ -1566,6 +1566,33 @@ static void initialize_encoder(struct stream_state *stream, + #endif + } + ++// Convert the input image 'img' to a monochrome image. The Y plane of the ++// output image is a shallow copy of the Y plane of the input image, therefore ++// the input image must remain valid for the lifetime of the output image. The U ++// and V planes of the output image are set to null pointers. The output image ++// format is AOM_IMG_FMT_I420 because libaom does not have AOM_IMG_FMT_I400. ++static void convert_image_to_monochrome(const struct aom_image *img, ++ struct aom_image *monochrome_img) { ++ *monochrome_img = *img; ++ monochrome_img->fmt = AOM_IMG_FMT_I420; ++ if (img->fmt & AOM_IMG_FMT_HIGHBITDEPTH) { ++ monochrome_img->fmt |= AOM_IMG_FMT_HIGHBITDEPTH; ++ } ++ monochrome_img->monochrome = 1; ++ monochrome_img->csp = AOM_CSP_UNKNOWN; ++ monochrome_img->x_chroma_shift = 1; ++ monochrome_img->y_chroma_shift = 1; ++ monochrome_img->planes[AOM_PLANE_U] = NULL; ++ monochrome_img->planes[AOM_PLANE_V] = NULL; ++ monochrome_img->stride[AOM_PLANE_U] = 0; ++ monochrome_img->stride[AOM_PLANE_V] = 0; ++ monochrome_img->sz = 0; ++ monochrome_img->bps = (img->fmt & AOM_IMG_FMT_HIGHBITDEPTH) ? 16 : 8; ++ monochrome_img->img_data = NULL; ++ monochrome_img->img_data_owner = 0; ++ monochrome_img->self_allocd = 0; ++} ++ + static void encode_frame(struct stream_state *stream, + struct AvxEncoderConfig *global, struct aom_image *img, + unsigned int frames_in) { +@@ -1645,6 +1672,12 @@ static void encode_frame(struct stream_state *stream, + #endif + } + ++ struct aom_image monochrome_img; ++ if (img && cfg->monochrome) { ++ convert_image_to_monochrome(img, &monochrome_img); ++ img = &monochrome_img; ++ } ++ + aom_usec_timer_start(&timer); + aom_codec_encode(&stream->encoder, img, frame_start, + (uint32_t)(next_frame_start - frame_start), 0); +@@ -2001,8 +2034,10 @@ int main(int argc, const char **argv_) { + stream->config.cfg.g_profile = 1; + profile_updated = 1; + } +- } else if (input.bit_depth == 12 || input.fmt == AOM_IMG_FMT_I422 || +- input.fmt == AOM_IMG_FMT_I42216) { ++ } else if (input.bit_depth == 12 || ++ ((input.fmt == AOM_IMG_FMT_I422 || ++ input.fmt == AOM_IMG_FMT_I42216) && ++ !stream->config.cfg.monochrome)) { + stream->config.cfg.g_profile = 2; + profile_updated = 1; + } diff -Nru aom-1.0.0.errata1/debian/patches/CVE-2021-30473.patch aom-1.0.0.errata1/debian/patches/CVE-2021-30473.patch --- aom-1.0.0.errata1/debian/patches/CVE-2021-30473.patch 1970-01-01 00:00:00.000000000 +0000 +++ aom-1.0.0.errata1/debian/patches/CVE-2021-30473.patch 2023-09-05 21:10:00.000000000 +0000 @@ -0,0 +1,31 @@ +From: Markus Koschany +Date: Mon, 28 Aug 2023 01:17:27 +0200 +Subject: CVE-2021-30473 + +Origin: https://aomedia.googlesource.com/aom/+/d0cac70b542c38accd916f8afd13592d34c48963%5E%21/ +--- + aom/src/aom_image.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/aom/src/aom_image.c b/aom/src/aom_image.c +index 4c52e51..e3f862b 100644 +--- a/aom/src/aom_image.c ++++ b/aom/src/aom_image.c +@@ -33,6 +33,8 @@ static aom_image_t *img_alloc_helper( + unsigned int h, w, s, xcs, ycs, bps; + unsigned int stride_in_bytes; + ++ if (img != NULL) memset(img, 0, sizeof(aom_image_t)); ++ + /* Treat align==0 like align==1 */ + if (!buf_align) buf_align = 1; + +@@ -101,8 +103,6 @@ static aom_image_t *img_alloc_helper( + if (!img) goto fail; + + img->self_allocd = 1; +- } else { +- memset(img, 0, sizeof(aom_image_t)); + } + + img->img_data = img_data; diff -Nru aom-1.0.0.errata1/debian/patches/CVE-2021-30474.patch aom-1.0.0.errata1/debian/patches/CVE-2021-30474.patch --- aom-1.0.0.errata1/debian/patches/CVE-2021-30474.patch 1970-01-01 00:00:00.000000000 +0000 +++ aom-1.0.0.errata1/debian/patches/CVE-2021-30474.patch 2023-09-05 21:10:00.000000000 +0000 @@ -0,0 +1,48 @@ +From: Markus Koschany +Date: Tue, 29 Aug 2023 22:05:16 +0200 +Subject: CVE-2021-30474 + +Origin: https://aomedia.googlesource.com/aom/+/6e31957b6dc62dbc7d1bb70cd84902dd14c4bf2e%5E%21/ +--- + aom_dsp/grain_table.c | 2 +- + test/film_grain_table_test.cc | 14 ++++++++++++++ + 2 files changed, 15 insertions(+), 1 deletion(-) + +diff --git a/aom_dsp/grain_table.c b/aom_dsp/grain_table.c +index 0d6a73f..04be550 100644 +--- a/aom_dsp/grain_table.c ++++ b/aom_dsp/grain_table.c +@@ -243,7 +243,7 @@ int aom_film_grain_table_lookup(aom_film_grain_table_t *t, int64_t time_stamp, + // If segments aren't aligned, delete from the beggining of subsequent + // segments + if (end_time > entry_end_time) { +- aom_film_grain_table_lookup(t, entry->end_time, end_time, 1, 0); ++ aom_film_grain_table_lookup(t, entry_end_time, end_time, 1, 0); + } + return 1; + } +diff --git a/test/film_grain_table_test.cc b/test/film_grain_table_test.cc +index 0688146..2968989 100644 +--- a/test/film_grain_table_test.cc ++++ b/test/film_grain_table_test.cc +@@ -90,6 +90,20 @@ TEST(FilmGrainTableTest, AddAndLookupSingleSegment) { + aom_film_grain_table_free(&table); + } + ++TEST(FilmGrainTableTest, AddSingleSegmentRemoveBiggerSegment) { ++ aom_film_grain_table_t table; ++ aom_film_grain_t grain; ++ ++ memset(&table, 0, sizeof(table)); ++ ++ aom_film_grain_table_append(&table, 0, 1000, film_grain_test_vectors + 0); ++ EXPECT_TRUE(aom_film_grain_table_lookup(&table, 0, 1100, true, &grain)); ++ ++ EXPECT_EQ(0, table.head); ++ EXPECT_EQ(0, table.tail); ++ aom_film_grain_table_free(&table); ++} ++ + TEST(FilmGrainTableTest, SplitSingleSegment) { + aom_film_grain_table_t table; + aom_film_grain_t grain; diff -Nru aom-1.0.0.errata1/debian/patches/CVE-2021-30475.patch aom-1.0.0.errata1/debian/patches/CVE-2021-30475.patch --- aom-1.0.0.errata1/debian/patches/CVE-2021-30475.patch 1970-01-01 00:00:00.000000000 +0000 +++ aom-1.0.0.errata1/debian/patches/CVE-2021-30475.patch 2023-09-05 21:10:00.000000000 +0000 @@ -0,0 +1,70 @@ +From: Markus Koschany +Date: Tue, 29 Aug 2023 22:11:58 +0200 +Subject: CVE-2021-30475 + +Origin: https://aomedia.googlesource.com/aom/+/12adc723acf02633595a4d8da8345742729f46c0%5E%21/ +--- + aom_dsp/noise_model.c | 25 +++++++++++++++++++------ + test/noise_model_test.cc | 6 ++++++ + 2 files changed, 25 insertions(+), 6 deletions(-) + +diff --git a/aom_dsp/noise_model.c b/aom_dsp/noise_model.c +index a1287f7..786dbf8 100644 +--- a/aom_dsp/noise_model.c ++++ b/aom_dsp/noise_model.c +@@ -214,6 +214,7 @@ static void set_chroma_coefficient_fallback_soln(aom_equation_system_t *eqns) { + + int aom_noise_strength_lut_init(aom_noise_strength_lut_t *lut, int num_points) { + if (!lut) return 0; ++ if (num_points <= 0) return 0; + lut->points = (double(*)[2])aom_malloc(num_points * sizeof(*lut->points)); + if (!lut->points) return 0; + lut->num_points = num_points; +@@ -1144,12 +1145,24 @@ int aom_noise_model_get_grain_parameters(aom_noise_model_t *const noise_model, + + // Convert the scaling functions to 8 bit values + aom_noise_strength_lut_t scaling_points[3]; +- aom_noise_strength_solver_fit_piecewise( +- &noise_model->combined_state[0].strength_solver, 14, scaling_points + 0); +- aom_noise_strength_solver_fit_piecewise( +- &noise_model->combined_state[1].strength_solver, 10, scaling_points + 1); +- aom_noise_strength_solver_fit_piecewise( +- &noise_model->combined_state[2].strength_solver, 10, scaling_points + 2); ++ if (!aom_noise_strength_solver_fit_piecewise( ++ &noise_model->combined_state[0].strength_solver, 14, ++ scaling_points + 0)) { ++ return 0; ++ } ++ if (!aom_noise_strength_solver_fit_piecewise( ++ &noise_model->combined_state[1].strength_solver, 10, ++ scaling_points + 1)) { ++ aom_noise_strength_lut_free(scaling_points + 0); ++ return 0; ++ } ++ if (!aom_noise_strength_solver_fit_piecewise( ++ &noise_model->combined_state[2].strength_solver, 10, ++ scaling_points + 2)) { ++ aom_noise_strength_lut_free(scaling_points + 0); ++ aom_noise_strength_lut_free(scaling_points + 1); ++ return 0; ++ } + + // Both the domain and the range of the scaling functions in the film_grain + // are normalized to 8-bit (e.g., they are implicitly scaled during grain +diff --git a/test/noise_model_test.cc b/test/noise_model_test.cc +index 9b7fff8..be5167c 100644 +--- a/test/noise_model_test.cc ++++ b/test/noise_model_test.cc +@@ -201,6 +201,12 @@ TEST(NoiseStrengthSolver, SimplifiesCurve) { + aom_noise_strength_solver_free(&solver); + } + ++TEST(NoiseStrengthLut, LutInitNegativeOrZeroSize) { ++ aom_noise_strength_lut_t lut; ++ ASSERT_FALSE(aom_noise_strength_lut_init(&lut, -1)); ++ ASSERT_FALSE(aom_noise_strength_lut_init(&lut, 0)); ++} ++ + TEST(NoiseStrengthLut, LutEvalSinglePoint) { + aom_noise_strength_lut_t lut; + ASSERT_TRUE(aom_noise_strength_lut_init(&lut, 1)); diff -Nru aom-1.0.0.errata1/debian/patches/debian-changes aom-1.0.0.errata1/debian/patches/debian-changes --- aom-1.0.0.errata1/debian/patches/debian-changes 2020-02-08 10:55:57.000000000 +0000 +++ aom-1.0.0.errata1/debian/patches/debian-changes 2023-09-05 21:10:00.000000000 +0000 @@ -1,3 +1,7 @@ +From: Debian Multimedia Maintainers +Date: Sun, 27 Aug 2023 00:32:41 +0200 +Subject: debian-changes + The Debian packaging of aom is maintained in git, using the merging workflow described in dgit-maint-merge(7). There isn't a patch queue that can be represented as a quilt series. @@ -15,8 +19,27 @@ clone`.) A single combined diff, containing all the changes, follows. ---- aom-1.0.0.errata1.orig/CHANGELOG -+++ aom-1.0.0.errata1/CHANGELOG +--- + CHANGELOG | 630 +-------------------------- + CMakeLists.txt | 4 +- + aom/exports_com | 1 + + aom/exports_dec | 2 + + aom/exports_enc | 11 + + av1/av1.cmake | 4 +- + av1/common/ppc/cfl_ppc.c | 85 ++-- + av1/exports_com | 1 + + av1/exports_dec | 1 + + build/cmake/aom_optimization.cmake | 24 +- + build/cmake/exports_sources.cmake | 12 +- + build/cmake/generate_exports.cmake | 6 +- + build/cmake/toolchains/armv7-linux-gcc.cmake | 9 +- + 13 files changed, 92 insertions(+), 698 deletions(-) + create mode 100644 av1/exports_com + +diff --git a/CHANGELOG b/CHANGELOG +index 7510dc6..d84aa02 100644 +--- a/CHANGELOG ++++ b/CHANGELOG @@ -1,631 +1,5 @@ -Next Release - - Incompatible changes: @@ -651,8 +674,10 @@ -2010-05-18 v0.9.0 - - Initial open source release. Welcome to WebM and VP8! - ---- aom-1.0.0.errata1.orig/CMakeLists.txt -+++ aom-1.0.0.errata1/CMakeLists.txt +diff --git a/CMakeLists.txt b/CMakeLists.txt +index e3c8591..975053c 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt @@ -565,9 +565,7 @@ endif() if(HAVE_PTHREAD_H AND CONFIG_MULTITHREAD) @@ -664,8 +689,10 @@ endif() if(XCODE) ---- aom-1.0.0.errata1.orig/aom/exports_com -+++ aom-1.0.0.errata1/aom/exports_com +diff --git a/aom/exports_com b/aom/exports_com +index a87a453..4d06b76 100644 +--- a/aom/exports_com ++++ b/aom/exports_com @@ -17,6 +17,7 @@ text aom_img_plane_height text aom_img_set_rect text aom_img_wrap @@ -674,16 +701,20 @@ text aom_uleb_decode text aom_uleb_encode text aom_uleb_encode_fixed_size ---- aom-1.0.0.errata1.orig/aom/exports_dec -+++ aom-1.0.0.errata1/aom/exports_dec +diff --git a/aom/exports_dec b/aom/exports_dec +index de8fe44..d7d1c4f 100644 +--- a/aom/exports_dec ++++ b/aom/exports_dec @@ -6,3 +6,5 @@ text aom_codec_peek_stream_info text aom_codec_register_put_frame_cb text aom_codec_register_put_slice_cb text aom_codec_set_frame_buffer_functions +text aom_obu_type_to_string +text aom_read_obu_header ---- aom-1.0.0.errata1.orig/aom/exports_enc -+++ aom-1.0.0.errata1/aom/exports_enc +diff --git a/aom/exports_enc b/aom/exports_enc +index 0dcca7d..1fa872d 100644 +--- a/aom/exports_enc ++++ b/aom/exports_enc @@ -7,3 +7,14 @@ text aom_codec_get_cx_data text aom_codec_get_global_headers text aom_codec_get_preview_frame @@ -699,8 +730,10 @@ +text aom_noise_model_update +text aom_wb_write_literal +text aom_wb_write_unsigned_literal ---- aom-1.0.0.errata1.orig/av1/av1.cmake -+++ aom-1.0.0.errata1/av1/av1.cmake +diff --git a/av1/av1.cmake b/av1/av1.cmake +index 1c7f937..b36c828 100644 +--- a/av1/av1.cmake ++++ b/av1/av1.cmake @@ -421,13 +421,13 @@ function(setup_av1_targets) if(HAVE_NEON) @@ -717,8 +750,10 @@ "aom_av1_encoder" "AOM_AV1_ENCODER_INTRIN_NEON" "aom") endif() ---- aom-1.0.0.errata1.orig/av1/common/ppc/cfl_ppc.c -+++ aom-1.0.0.errata1/av1/common/ppc/cfl_ppc.c +diff --git a/av1/common/ppc/cfl_ppc.c b/av1/common/ppc/cfl_ppc.c +index 58933a7..026a078 100644 +--- a/av1/common/ppc/cfl_ppc.c ++++ b/av1/common/ppc/cfl_ppc.c @@ -24,19 +24,21 @@ #define CFL_LINE_2 128 #define CFL_LINE_3 192 @@ -752,7 +787,7 @@ const uint32x4_t div_shift = vec_splats((uint32_t)num_pel_log2); const uint8x16_t mask_64 = { 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }; -@@ -71,43 +73,40 @@ static INLINE void subtract_average_vsx( +@@ -71,43 +73,40 @@ static INLINE void subtract_average_vsx(int16_t *pred_buf, int width, const int32x4_t avg = vec_sr(sum_32x4, div_shift); const int16x8_t vec_avg = vec_pack(avg, avg); do { @@ -796,7 +831,14 @@ - OFF_2 + CFL_LINE_2, pred_buf); - vec_vsx_st(vec_sub(vec_vsx_ld(OFF_2 + CFL_LINE_3, pred_buf), vec_avg), - OFF_2 + CFL_LINE_3, pred_buf); -- ++ vec_vsx_st(vec_sub(vec_vsx_ld(OFF_2, dst), vec_avg), OFF_2, dst); ++ vec_vsx_st(vec_sub(vec_vsx_ld(OFF_2 + CFL_LINE_1, dst), vec_avg), ++ OFF_2 + CFL_LINE_1, dst); ++ vec_vsx_st(vec_sub(vec_vsx_ld(OFF_2 + CFL_LINE_2, dst), vec_avg), ++ OFF_2 + CFL_LINE_2, dst); ++ vec_vsx_st(vec_sub(vec_vsx_ld(OFF_2 + CFL_LINE_3, dst), vec_avg), ++ OFF_2 + CFL_LINE_3, dst); + - vec_vsx_st(vec_sub(vec_vsx_ld(OFF_3, pred_buf), vec_avg), OFF_3, - pred_buf); - vec_vsx_st(vec_sub(vec_vsx_ld(OFF_3 + CFL_LINE_1, pred_buf), vec_avg), @@ -805,14 +847,6 @@ - OFF_3 + CFL_LINE_2, pred_buf); - vec_vsx_st(vec_sub(vec_vsx_ld(OFF_3 + CFL_LINE_3, pred_buf), vec_avg), - OFF_3 + CFL_LINE_3, pred_buf); -+ vec_vsx_st(vec_sub(vec_vsx_ld(OFF_2, dst), vec_avg), OFF_2, dst); -+ vec_vsx_st(vec_sub(vec_vsx_ld(OFF_2 + CFL_LINE_1, dst), vec_avg), -+ OFF_2 + CFL_LINE_1, dst); -+ vec_vsx_st(vec_sub(vec_vsx_ld(OFF_2 + CFL_LINE_2, dst), vec_avg), -+ OFF_2 + CFL_LINE_2, dst); -+ vec_vsx_st(vec_sub(vec_vsx_ld(OFF_2 + CFL_LINE_3, dst), vec_avg), -+ OFF_2 + CFL_LINE_3, dst); -+ + vec_vsx_st(vec_sub(vec_vsx_ld(OFF_3, dst), vec_avg), OFF_3, dst); + vec_vsx_st(vec_sub(vec_vsx_ld(OFF_3 + CFL_LINE_1, dst), vec_avg), + OFF_3 + CFL_LINE_1, dst); @@ -826,18 +860,25 @@ } // Declare wrappers for VSX sizes +diff --git a/av1/exports_com b/av1/exports_com +new file mode 100644 +index 0000000..4816472 --- /dev/null -+++ aom-1.0.0.errata1/av1/exports_com ++++ b/av1/exports_com @@ -0,0 +1 @@ +text av1_resize_frame420 ---- aom-1.0.0.errata1.orig/av1/exports_dec -+++ aom-1.0.0.errata1/av1/exports_dec +diff --git a/av1/exports_dec b/av1/exports_dec +index 05860e8..daabf67 100644 +--- a/av1/exports_dec ++++ b/av1/exports_dec @@ -1,2 +1,3 @@ data aom_codec_av1_dx_algo text aom_codec_av1_dx +text av1_add_film_grain ---- aom-1.0.0.errata1.orig/build/cmake/aom_optimization.cmake -+++ aom-1.0.0.errata1/build/cmake/aom_optimization.cmake +diff --git a/build/cmake/aom_optimization.cmake b/build/cmake/aom_optimization.cmake +index 069ea1b..39d4eb8 100644 +--- a/build/cmake/aom_optimization.cmake ++++ b/build/cmake/aom_optimization.cmake @@ -83,24 +83,20 @@ function(get_asm_obj_format out_format) if("${AOM_TARGET_CPU}" STREQUAL "x86_64") if("${AOM_TARGET_SYSTEM}" STREQUAL "Darwin") @@ -895,9 +936,11 @@ if(NOT "${nasm_helptext}" MATCHES "elf64") message(FATAL_ERROR "Unsupported nasm: elf64 object format not supported.") ---- aom-1.0.0.errata1.orig/build/cmake/exports_sources.cmake -+++ aom-1.0.0.errata1/build/cmake/exports_sources.cmake -@@ -13,14 +13,16 @@ if(AOM_BUILD_CMAKE_EXPORTS_SOURCES_CMAKE +diff --git a/build/cmake/exports_sources.cmake b/build/cmake/exports_sources.cmake +index 48790db..3bc56cb 100644 +--- a/build/cmake/exports_sources.cmake ++++ b/build/cmake/exports_sources.cmake +@@ -13,14 +13,16 @@ if(AOM_BUILD_CMAKE_EXPORTS_SOURCES_CMAKE_) endif() # AOM_BUILD_CMAKE_EXPORTS_SOURCES_CMAKE_ set(AOM_BUILD_CMAKE_EXPORTS_SOURCES_CMAKE_ 1) @@ -919,9 +962,11 @@ + "${AOM_ROOT}/av1/exports_enc") endif() + ---- aom-1.0.0.errata1.orig/build/cmake/generate_exports.cmake -+++ aom-1.0.0.errata1/build/cmake/generate_exports.cmake -@@ -39,7 +39,7 @@ elseif("${AOM_TARGET_SYSTEM}" MATCHES "W +diff --git a/build/cmake/generate_exports.cmake b/build/cmake/generate_exports.cmake +index 4dce3a6..6b706d0 100644 +--- a/build/cmake/generate_exports.cmake ++++ b/build/cmake/generate_exports.cmake +@@ -39,7 +39,7 @@ elseif("${AOM_TARGET_SYSTEM}" MATCHES "Windows\|MSYS") file(WRITE "${aom_sym_file}" "LIBRARY libaom INITINSTANCE TERMINSTANCE\n" "DATA MULTIPLE NONSHARED\n" "EXPORTS\n") else() @@ -943,8 +988,10 @@ - file(APPEND "${aom_sym_file}" " };") + file(APPEND "${aom_sym_file}" " \nlocal:\n *;\n};") endif() ---- aom-1.0.0.errata1.orig/build/cmake/toolchains/armv7-linux-gcc.cmake -+++ aom-1.0.0.errata1/build/cmake/toolchains/armv7-linux-gcc.cmake +diff --git a/build/cmake/toolchains/armv7-linux-gcc.cmake b/build/cmake/toolchains/armv7-linux-gcc.cmake +index 7d3d630..6cbc2a8 100644 +--- a/build/cmake/toolchains/armv7-linux-gcc.cmake ++++ b/build/cmake/toolchains/armv7-linux-gcc.cmake @@ -28,16 +28,13 @@ endif() set(CMAKE_C_COMPILER ${CROSS}gcc) set(CMAKE_CXX_COMPILER ${CROSS}g++) diff -Nru aom-1.0.0.errata1/debian/patches/series aom-1.0.0.errata1/debian/patches/series --- aom-1.0.0.errata1/debian/patches/series 2020-01-02 19:26:18.000000000 +0000 +++ aom-1.0.0.errata1/debian/patches/series 2023-09-05 21:10:00.000000000 +0000 @@ -1 +1,7 @@ debian-changes +CVE-2021-30473.patch +CVE-2021-30474.patch +CVE-2021-30475.patch +CVE-2020-36131.patch +CVE-2020-36133.patch +CVE-2020-36130.patch diff -Nru aom-1.0.0.errata1/debian/source/options aom-1.0.0.errata1/debian/source/options --- aom-1.0.0.errata1/debian/source/options 2020-01-02 19:26:18.000000000 +0000 +++ aom-1.0.0.errata1/debian/source/options 1970-01-01 00:00:00.000000000 +0000 @@ -1,2 +0,0 @@ -single-debian-patch -auto-commit