[Buildroot] [git commit branch/2020.11.x] package/vlc: security bump version to 3.0.12

Peter Korsgaard peter at korsgaard.com
Fri Jan 22 08:39:25 UTC 2021


commit: https://git.buildroot.net/buildroot/commit/?id=17c1e129e6e65f956b85f83b511763a24a10befb
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2020.11.x

Removed patch which was applied upstream, removed md5 hash.

Security Bulletin: https://www.videolan.org/security/sb-vlc3012.html
Fixes CVE-2020-26664: https://nvd.nist.gov/vuln/detail/CVE-2020-26664

Added CPE_ID, cpe:2.3:a:videolan:vlc_media_player is a valid CPE
identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&orderBy=2.3&keyword=cpe%3A2.3%3Aa%3Avideolan%3Avlc_media_player&status=FINAL

Signed-off-by: Bernd Kuhls <bernd.kuhls at t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni at bootlin.com>
(cherry picked from commit de128d9ad62a96b8497992f439b5eeab4da9efc9)
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
 ...issing-header-when-compiling-with-Qt-5.15.patch | 56 ----------------------
 package/vlc/vlc.hash                               | 10 ++--
 package/vlc/vlc.mk                                 |  4 +-
 3 files changed, 7 insertions(+), 63 deletions(-)

diff --git a/package/vlc/0011-qt-fix-missing-header-when-compiling-with-Qt-5.15.patch b/package/vlc/0011-qt-fix-missing-header-when-compiling-with-Qt-5.15.patch
deleted file mode 100644
index 1693511937..0000000000
--- a/package/vlc/0011-qt-fix-missing-header-when-compiling-with-Qt-5.15.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-From a44d2f3aa6075fb6e63da75f84a257294d21d161 Mon Sep 17 00:00:00 2001
-From: Pierre Lamot <pierre at videolabs.io>
-Date: Wed, 27 May 2020 11:05:53 +0200
-Subject: [PATCH] qt: fix missing header when compiling with Qt 5.15
-
-Upstream bug report: https://trac.videolan.org/vlc/ticket/24882
-
-Signed-off-by: Bernd Kuhls <bernd.kuhls at t-online.de>
-[backported upstream commit for modules/gui/qt/dialogs/plugins.cpp
- http://git.videolan.org/?p=vlc.git;a=patch;h=0e88143ed2fe8eedfa4d3afdafcd0df901644c1d
- the other two patches were proposed on the upstream bugtracker]
----
- modules/gui/qt/components/playlist/views.cpp | 1 +
- modules/gui/qt/dialogs/plugins.cpp           | 1 +
- modules/gui/qt/util/timetooltip.hpp          | 1 +
- 3 files changed, 3 insertions(+)
-
-diff --git a/modules/gui/qt/components/playlist/views.cpp b/modules/gui/qt/components/playlist/views.cpp
-index ecc6b9918d..d3fd76da1a 100644
---- a/modules/gui/qt/components/playlist/views.cpp
-+++ b/modules/gui/qt/components/playlist/views.cpp
-@@ -35,6 +35,7 @@
- #include <QMetaType>
- #include <QHeaderView>
- #include <QSvgRenderer>
-+#include <QPainterPath>
- 
- #include <assert.h>
- 
-diff --git a/modules/gui/qt/dialogs/plugins.cpp b/modules/gui/qt/dialogs/plugins.cpp
-index 93c92b9fa6..e05ec0594a 100644
---- a/modules/gui/qt/dialogs/plugins.cpp
-+++ b/modules/gui/qt/dialogs/plugins.cpp
-@@ -66,6 +66,7 @@
- #include <QSplitter>
- #include <QToolButton>
- #include <QStackedWidget>
-+#include <QPainterPath>
- 
- //match the image source (width/height)
- #define SCORE_ICON_WIDTH_SCALE 4
-diff --git a/modules/gui/qt/util/timetooltip.hpp b/modules/gui/qt/util/timetooltip.hpp
-index b6d7c646c9..f213eac459 100644
---- a/modules/gui/qt/util/timetooltip.hpp
-+++ b/modules/gui/qt/util/timetooltip.hpp
-@@ -25,6 +25,7 @@
- #include "qt.hpp"
- 
- #include <QWidget>
-+#include <QPainterPath>
- 
- class TimeTooltip : public QWidget
- {
--- 
-2.27.0
-
diff --git a/package/vlc/vlc.hash b/package/vlc/vlc.hash
index 7775e449f4..f404cbf335 100644
--- a/package/vlc/vlc.hash
+++ b/package/vlc/vlc.hash
@@ -1,9 +1,7 @@
-# From https://get.videolan.org/vlc/3.0.11/vlc-3.0.11.tar.xz.sha256
-sha256  3e94a1acf33445e9da15d528aa48657aa26b912eaa2656b403d43860a8834919  vlc-3.0.11.tar.xz
-# From https://get.videolan.org/vlc/3.0.11/vlc-3.0.11.tar.xz.sha1
-sha1  66d377a2f24b6b865d5c56530e10d84b8262b46c  vlc-3.0.11.tar.xz
-# From https://get.videolan.org/vlc/3.0.11/vlc-3.0.11.tar.xz.md5
-md5  7e68f9e2d307eb7cc16e7345cda9e978  vlc-3.0.11.tar.xz
+# From https://get.videolan.org/vlc/3.0.12/vlc-3.0.12.tar.xz.sha256
+sha256  eff458f38a92126094f44f2263c2bf2c7cdef271b48192d0fe7b1726388cf879  vlc-3.0.12.tar.xz
+# From https://get.videolan.org/vlc/3.0.12/vlc-3.0.12.tar.xz.sha1
+sha1  39ef414a07202ec6569acda4c5d91e8576d453bf  vlc-3.0.12.tar.xz
 # Locally computed
 sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING
 sha256  dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551  COPYING.LIB
diff --git a/package/vlc/vlc.mk b/package/vlc/vlc.mk
index 23dcc5d46f..6ee80fd45a 100644
--- a/package/vlc/vlc.mk
+++ b/package/vlc/vlc.mk
@@ -4,11 +4,13 @@
 #
 ################################################################################
 
-VLC_VERSION = 3.0.11
+VLC_VERSION = 3.0.12
 VLC_SITE = https://get.videolan.org/vlc/$(VLC_VERSION)
 VLC_SOURCE = vlc-$(VLC_VERSION).tar.xz
 VLC_LICENSE = GPL-2.0+, LGPL-2.1+
 VLC_LICENSE_FILES = COPYING COPYING.LIB
+VLC_CPE_ID_VENDOR = videolan
+VLC_CPE_ID_NAME = vlc_media_player
 VLC_DEPENDENCIES = host-pkgconf
 VLC_AUTORECONF = YES
 


More information about the buildroot mailing list