From patchwork Wed Sep 18 01:43:08 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Z572 <zhengjunjie@iscas.ac.cn>
X-Patchwork-Id: 68052
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id 6303A27BBEB; Wed, 18 Sep 2024 02:47:26 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-7.6 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_SIGNED,DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_VALIDITY_CERTIFIED,
	RCVD_IN_VALIDITY_RPBL,RCVD_IN_VALIDITY_SAFE,SPF_HELO_PASS,
	URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTPS id C3BF927BBE9
	for <patchwork@mira.cbaines.net>; Wed, 18 Sep 2024 02:47:25 +0100 (BST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces@gnu.org>)
	id 1sqjmT-0004os-Tz; Tue, 17 Sep 2024 21:46:57 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1sqjmN-0004hc-HR
 for guix-patches@gnu.org; Tue, 17 Sep 2024 21:46:51 -0400
Received: from debbugs.gnu.org ([2001:470:142:5::43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1sqjmN-0008L7-19
 for guix-patches@gnu.org; Tue, 17 Sep 2024 21:46:51 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=debbugs.gnu.org; s=debbugs-gnu-org;
 h=MIME-Version:References:In-Reply-To:Date:From:To:Subject;
 bh=yiDGg1dk02YK1X8vbJ8v0f4vT6EshbLsWIQluKV5Jrs=;
 b=rBdyQG4sQUnQuoLJRunhWHE4xzihMptxPcyzwvKFa1PnM3nzFbqSN8lsk3O20YKapSjIUmI8G63OTlrwsRs04CPrgTNgutI6x0aiD7dsfKb0EJy5mx8tZbdbSuxx/D/z5ejn8Q2G3NM/mS8TFIfCY9Jfggdor2r0NRr/gCNB0ZIEGcVoOC/RrJvoFyV+bdZKPT2FEO9rs2P+xp/5IxKm+xUw0C8V2luJxjLr87s1LSxNhsEVdD2L6O7R0hc++KI+USzmOYbWSrT1wv+yNOonuD4W19Y6zFRZtSOoSrTajea9M7FKO5gPMevcznAwb84UU7lJBdbfvgEdZjAGdFocPw==;
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1sqjmc-0004F7-DI
 for guix-patches@gnu.org; Tue, 17 Sep 2024 21:47:06 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#72835] [PATCH qt-team v2 26/74] gnu: libvpx: Update to 1.14.1.
Resent-From: Zheng Junjie <zhengjunjie@iscas.ac.cn>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Wed, 18 Sep 2024 01:47:06 +0000
Resent-Message-ID: <handler.72835.B72835.172662401516186@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 72835
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 72835@debbugs.gnu.org
Received: via spool by 72835-submit@debbugs.gnu.org id=B72835.172662401516186
 (code B ref 72835); Wed, 18 Sep 2024 01:47:06 +0000
Received: (at 72835) by debbugs.gnu.org; 18 Sep 2024 01:46:55 +0000
Received: from localhost ([127.0.0.1]:56413 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1sqjmQ-0004Cu-GG
 for submit@debbugs.gnu.org; Tue, 17 Sep 2024 21:46:55 -0400
Received: from smtp81.cstnet.cn ([159.226.251.81]:57818 helo=cstnet.cn)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <zhengjunjie@iscas.ac.cn>) id 1sqjmN-0004CT-JB
 for 72835@debbugs.gnu.org; Tue, 17 Sep 2024 21:46:53 -0400
Received: from m.tailaa68d.ts.net (unknown [107.174.64.25])
 by APP-03 (Coremail) with SMTP id rQCowACHVIzpMOpmMZhWBA--.351S3;
 Wed, 18 Sep 2024 09:46:23 +0800 (CST)
From: Zheng Junjie <zhengjunjie@iscas.ac.cn>
Date: Wed, 18 Sep 2024 09:43:08 +0800
Message-ID: 
 <1da1167ad845e384bc250cb721cd637ab9b11e97.1726567073.git.zhengjunjie@iscas.ac.cn>
X-Mailer: git-send-email 2.46.0
In-Reply-To: <cover.1726567073.git.zhengjunjie@iscas.ac.cn>
References: <cover.1726567073.git.zhengjunjie@iscas.ac.cn>
MIME-Version: 1.0
X-CM-TRANSID: rQCowACHVIzpMOpmMZhWBA--.351S3
X-Coremail-Antispam: 1UD129KBjvJXoW3Cr4xAw15Xr17uw48Gr13CFg_yoWDKF17p3
 y5tr1fZ3y5Jw4rZws7G3WqqF15u34xWFyUW39rAw1S9wnxuFyUtFW0yay8CFy3W393u3Wx
 uFyrX34xGr1YyaUanT9S1TB71UUUUU7qnTZGkaVYY2UrUUUUjbIjqfuFe4nvWSU5nxnvy2
 9KBjDU0xBIdaVrnRJUUU9Ib7Iv0xC_Kw4lb4IE77IF4wAFF20E14v26r1j6r4UM7CY07I2
 0VC2zVCF04k26cxKx2IYs7xG6rWj6s0DM7CIcVAFz4kK6r1j6r18M28IrcIa0xkI8VA2jI
 8067AKxVWUGwA2048vs2IY020Ec7CjxVAFwI0_Jr4l8cAvFVAK0II2c7xJM28CjxkF64kE
 wVA0rcxSw2x7M28EF7xvwVC0I7IYx2IY67AKxVW7JVWDJwA2z4x0Y4vE2Ix0cI8IcVCY1x
 0267AKxVW8Jr0_Cr1UM28EF7xvwVC2z280aVAFwI0_Gr1j6F4UJwA2z4x0Y4vEx4A2jsIE
 c7CjxVAFwI0_Cr1j6rxdM2AIxVAIcxkEcVAq07x20xvEncxIr21l5I8CrVACY4xI64kE6c
 02F40Ex7xfMcIj6xIIjxv20xvE14v26r126r1DMcIj6I8E87Iv67AKxVWUJVW8JwAm72CE
 4IkC6x0Yz7v_Jr0_Gr1lF7xvr2IYc2Ij64vIr41l42xK82IYc2Ij64vIr41l4I8I3I0E4I
 kC6x0Yz7v_Jr0_Gr1lx2IqxVAqx4xG67AKxVWUJVWUGwC20s026x8GjcxK67AKxVWUGVWU
 WwC2zVAF1VAY17CE14v26r1j6r15MIIYrxkI7VAKI48JMIIF0xvE2Ix0cI8IcVAFwI0_Xr
 0_Ar1lIxAIcVC0I7IYx2IY6xkF7I0E14v26r4j6F4UMIIF0xvE42xK8VAvwI8IcIk0rVWU
 JVWUCwCI42IY6I8E87Iv67AKxVW8JVWxJwCI42IY6I8E87Iv6xkF7I0E14v26r4j6r4UJb
 IYCTnIWIevJa73UjIFyTuYvjxUgySrUUUUU
X-Originating-IP: [107.174.64.25]
X-CM-SenderInfo: x2kh0wxmxqyx3h6l2u1dvotugofq/
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
X-getmail-retrieved-from-mailbox: Patches

* gnu/packages/video.scm (libvpx): Update to 1.14.1.
[source]: Remove libvpx-CVE-2023-5217.patch.

* gnu/packages/patches/libvpx-CVE-2023-44488.patch:
* gnu/packages/patches/libvpx-CVE-2023-5217.patch: Remove them.
* gnu/local.mk (dist_patch_DATA): Unregister them.

Change-Id: I123caed254e8046751f104cd3a82e4db904de787
---
 gnu/local.mk                                  |   2 -
 .../patches/libvpx-CVE-2023-44488.patch       | 107 ------------------
 .../patches/libvpx-CVE-2023-5217.patch        |  99 ----------------
 gnu/packages/video.scm                        |   7 +-
 4 files changed, 3 insertions(+), 212 deletions(-)
 delete mode 100644 gnu/packages/patches/libvpx-CVE-2023-44488.patch
 delete mode 100644 gnu/packages/patches/libvpx-CVE-2023-5217.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index fcdf174099..fdb503aa32 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1699,8 +1699,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/libutils-remove-damaging-includes.patch	\
   %D%/packages/patches/libvdpau-va-gl-unbundle.patch		\
   %D%/packages/patches/libvpx-CVE-2016-2818.patch		\
-  %D%/packages/patches/libvpx-CVE-2023-5217.patch		\
-  %D%/packages/patches/libvpx-CVE-2023-44488.patch		\
   %D%/packages/patches/libxml2-xpath0-Add-option-xpath0.patch	\
   %D%/packages/patches/libwpd-gcc-compat.patch			\
   %D%/packages/patches/libxslt-generated-ids.patch		\
diff --git a/gnu/packages/patches/libvpx-CVE-2023-44488.patch b/gnu/packages/patches/libvpx-CVE-2023-44488.patch
deleted file mode 100644
index 4ebb034eb4..0000000000
--- a/gnu/packages/patches/libvpx-CVE-2023-44488.patch
+++ /dev/null
@@ -1,107 +0,0 @@
-From the upstream repo, can be removed after 1.14.1
-https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937.patch
-https://www.openwall.com/lists/oss-security/2023/09/30/4
-
-The test change didn't apply so it was removed from the patch
-
-From df9fd9d5b7325060b2b921558a1eb20ca7880937 Mon Sep 17 00:00:00 2001
-From: Jerome Jiang <jianj@google.com>
-Date: Thu, 30 Jun 2022 13:48:56 -0400
-Subject: [PATCH] Fix bug with smaller width bigger size
-
-Fixed previous patch that clusterfuzz failed on.
-
-Local fuzzing passing overnight.
-
-Bug: webm:1642
-Change-Id: If0e08e72abd2e042efe4dcfac21e4cc51afdfdb9
-(cherry picked from commit 263682c9a29395055f3b3afe2d97be1828a6223f)
----
- test/resize_test.cc          | 11 +++--------
- vp9/common/vp9_alloccommon.c | 13 ++++++-------
- vp9/encoder/vp9_encoder.c    | 27 +++++++++++++++++++++++++--
- 3 files changed, 34 insertions(+), 17 deletions(-)
-
-diff --git a/vp9/common/vp9_alloccommon.c b/vp9/common/vp9_alloccommon.c
-index e53883f621d..9e73e40ea09 100644
---- a/vp9/common/vp9_alloccommon.c
-+++ b/vp9/common/vp9_alloccommon.c
-@@ -135,13 +135,6 @@ int vp9_alloc_context_buffers(VP9_COMMON *cm, int width, int height) {
-     cm->free_mi(cm);
-     if (cm->alloc_mi(cm, new_mi_size)) goto fail;
-   }
--
--  if (cm->seg_map_alloc_size < cm->mi_rows * cm->mi_cols) {
--    // Create the segmentation map structure and set to 0.
--    free_seg_map(cm);
--    if (alloc_seg_map(cm, cm->mi_rows * cm->mi_cols)) goto fail;
--  }
--
-   if (cm->above_context_alloc_cols < cm->mi_cols) {
-     vpx_free(cm->above_context);
-     cm->above_context = (ENTROPY_CONTEXT *)vpx_calloc(
-@@ -156,6 +149,12 @@ int vp9_alloc_context_buffers(VP9_COMMON *cm, int width, int height) {
-     cm->above_context_alloc_cols = cm->mi_cols;
-   }
- 
-+  if (cm->seg_map_alloc_size < cm->mi_rows * cm->mi_cols) {
-+    // Create the segmentation map structure and set to 0.
-+    free_seg_map(cm);
-+    if (alloc_seg_map(cm, cm->mi_rows * cm->mi_cols)) goto fail;
-+  }
-+
-   if (vp9_alloc_loop_filter(cm)) goto fail;
- 
-   return 0;
-diff --git a/vp9/encoder/vp9_encoder.c b/vp9/encoder/vp9_encoder.c
-index b66fdc0bca3..e3850775455 100644
---- a/vp9/encoder/vp9_encoder.c
-+++ b/vp9/encoder/vp9_encoder.c
-@@ -1973,6 +1973,17 @@ static void alloc_copy_partition_data(VP9_COMP *cpi) {
-   }
- }
- 
-+static void free_copy_partition_data(VP9_COMP *cpi) {
-+  vpx_free(cpi->prev_partition);
-+  cpi->prev_partition = NULL;
-+  vpx_free(cpi->prev_segment_id);
-+  cpi->prev_segment_id = NULL;
-+  vpx_free(cpi->prev_variance_low);
-+  cpi->prev_variance_low = NULL;
-+  vpx_free(cpi->copied_frame_cnt);
-+  cpi->copied_frame_cnt = NULL;
-+}
-+
- void vp9_change_config(struct VP9_COMP *cpi, const VP9EncoderConfig *oxcf) {
-   VP9_COMMON *const cm = &cpi->common;
-   RATE_CONTROL *const rc = &cpi->rc;
-@@ -2052,6 +2063,8 @@ void vp9_change_config(struct VP9_COMP *cpi, const VP9EncoderConfig *oxcf) {
-     new_mi_size = cm->mi_stride * calc_mi_size(cm->mi_rows);
-     if (cm->mi_alloc_size < new_mi_size) {
-       vp9_free_context_buffers(cm);
-+      vp9_free_pc_tree(&cpi->td);
-+      vpx_free(cpi->mbmi_ext_base);
-       alloc_compressor_data(cpi);
-       realloc_segmentation_maps(cpi);
-       cpi->initial_width = cpi->initial_height = 0;
-@@ -2070,8 +2083,18 @@ void vp9_change_config(struct VP9_COMP *cpi, const VP9EncoderConfig *oxcf) {
-     update_frame_size(cpi);
- 
-   if (last_w != cpi->oxcf.width || last_h != cpi->oxcf.height) {
--    memset(cpi->consec_zero_mv, 0,
--           cm->mi_rows * cm->mi_cols * sizeof(*cpi->consec_zero_mv));
-+    vpx_free(cpi->consec_zero_mv);
-+    CHECK_MEM_ERROR(
-+        cm, cpi->consec_zero_mv,
-+        vpx_calloc(cm->mi_rows * cm->mi_cols, sizeof(*cpi->consec_zero_mv)));
-+
-+    vpx_free(cpi->skin_map);
-+    CHECK_MEM_ERROR(
-+        cm, cpi->skin_map,
-+        vpx_calloc(cm->mi_rows * cm->mi_cols, sizeof(cpi->skin_map[0])));
-+
-+    free_copy_partition_data(cpi);
-+    alloc_copy_partition_data(cpi);
-     if (cpi->oxcf.aq_mode == CYCLIC_REFRESH_AQ)
-       vp9_cyclic_refresh_reset_resize(cpi);
-     rc->rc_1_frame = 0;
diff --git a/gnu/packages/patches/libvpx-CVE-2023-5217.patch b/gnu/packages/patches/libvpx-CVE-2023-5217.patch
deleted file mode 100644
index 2bcb0bcd55..0000000000
--- a/gnu/packages/patches/libvpx-CVE-2023-5217.patch
+++ /dev/null
@@ -1,99 +0,0 @@
-From: Tobias Geerinckx-Rice <me@tobias.gr>
-Date: Sun Sep 24 02:00:00 2023 +0200
-Subject: libvpx: Fix CVE-2023-5217.
-
-These are the changes made to libvpx between Firefox ESR 115.3.0 and
-115.3.1, which claims to fix CVE-2023-5217 and so do we.  The report
-itself is not public.
-
-It consists of the following 2 upstream libvpx commits:
-  af6dedd715f4307669366944cca6e0417b290282
-  3fbd1dca6a4d2dad332a2110d646e4ffef36d590
-which are not yet part of an upstream commit.
-
----
-diff -Naur libvpx.orig/test/encode_api_test.cc libvpx/test/encode_api_test.cc
---- libvpx.orig/test/encode_api_test.cc	1970-01-01 01:00:01.000000000 +0100
-+++ libvpx/test/encode_api_test.cc	2023-09-29 21:00:03.189620452 +0200
-@@ -304,7 +304,6 @@
- 
- void InitCodec(const vpx_codec_iface_t &iface, int width, int height,
-                vpx_codec_ctx_t *enc, vpx_codec_enc_cfg_t *cfg) {
--  ASSERT_EQ(vpx_codec_enc_config_default(&iface, cfg, 0), VPX_CODEC_OK);
-   cfg->g_w = width;
-   cfg->g_h = height;
-   cfg->g_lag_in_frames = 0;
-@@ -342,6 +341,7 @@
-         vpx_codec_ctx_t ctx = {};
-       } enc;
- 
-+      ASSERT_EQ(vpx_codec_enc_config_default(iface, &cfg, 0), VPX_CODEC_OK);
-       EXPECT_NO_FATAL_FAILURE(
-           InitCodec(*iface, kWidth, kHeight, &enc.ctx, &cfg));
-       if (IsVP9(iface)) {
-@@ -353,6 +353,50 @@
- 
-       for (const auto threads : { 1, 4, 8, 6, 2, 1 }) {
-         cfg.g_threads = threads;
-+        EXPECT_NO_FATAL_FAILURE(EncodeWithConfig(cfg, &enc.ctx))
-+            << "iteration: " << i << " threads: " << threads;
-+      }
-+    }
-+  }
-+}
-+
-+TEST(EncodeAPI, ConfigResizeChangeThreadCount) {
-+  constexpr int kInitWidth = 1024;
-+  constexpr int kInitHeight = 1024;
-+
-+  for (const auto *iface : kCodecIfaces) {
-+    SCOPED_TRACE(vpx_codec_iface_name(iface));
-+    for (int i = 0; i < (IsVP9(iface) ? 2 : 1); ++i) {
-+      vpx_codec_enc_cfg_t cfg = {};
-+      struct Encoder {
-+        ~Encoder() { EXPECT_EQ(vpx_codec_destroy(&ctx), VPX_CODEC_OK); }
-+        vpx_codec_ctx_t ctx = {};
-+      } enc;
-+
-+      ASSERT_EQ(vpx_codec_enc_config_default(iface, &cfg, 0), VPX_CODEC_OK);
-+      // Start in threaded mode to ensure resolution and thread related
-+      // allocations are updated correctly across changes in resolution and
-+      // thread counts. See https://crbug.com/1486441.
-+      cfg.g_threads = 4;
-+      EXPECT_NO_FATAL_FAILURE(
-+          InitCodec(*iface, kInitWidth, kInitHeight, &enc.ctx, &cfg));
-+      if (IsVP9(iface)) {
-+        EXPECT_EQ(vpx_codec_control_(&enc.ctx, VP9E_SET_TILE_COLUMNS, 6),
-+                  VPX_CODEC_OK);
-+        EXPECT_EQ(vpx_codec_control_(&enc.ctx, VP9E_SET_ROW_MT, i),
-+                  VPX_CODEC_OK);
-+      }
-+
-+      cfg.g_w = 1000;
-+      cfg.g_h = 608;
-+      EXPECT_EQ(vpx_codec_enc_config_set(&enc.ctx, &cfg), VPX_CODEC_OK)
-+          << vpx_codec_error_detail(&enc.ctx);
-+
-+      cfg.g_w = 16;
-+      cfg.g_h = 720;
-+
-+      for (const auto threads : { 1, 4, 8, 6, 2, 1 }) {
-+        cfg.g_threads = threads;
-         EXPECT_NO_FATAL_FAILURE(EncodeWithConfig(cfg, &enc.ctx))
-             << "iteration: " << i << " threads: " << threads;
-       }
-diff -Naur libvpx.orig/vp8/encoder/onyx_if.c libvpx/vp8/encoder/onyx_if.c
---- libvpx.orig/vp8/encoder/onyx_if.c	1970-01-01 01:00:01.000000000 +0100
-+++ libvpx/vp8/encoder/onyx_if.c	2023-09-29 21:01:44.155476128 +0200
-@@ -1443,6 +1443,11 @@
-   last_h = cpi->oxcf.Height;
-   prev_number_of_layers = cpi->oxcf.number_of_layers;
- 
-+  if (cpi->initial_width) {
-+    // TODO(https://crbug.com/1486441): Allow changing thread counts; the
-+    // allocation is done once in vp8_create_compressor().
-+    oxcf->multi_threaded = cpi->oxcf.multi_threaded;
-+  }
-   cpi->oxcf = *oxcf;
- 
-   switch (cpi->oxcf.Mode) {
diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm
index 73e9b31825..6aa4584f27 100644
--- a/gnu/packages/video.scm
+++ b/gnu/packages/video.scm
@@ -2950,7 +2950,7 @@ (define-public mpv-mpris
 (define-public libvpx
   (package
     (name "libvpx")
-    (version "1.12.0")
+    (version "1.14.1")
     (source (origin
               (method git-fetch)
               (uri (git-reference
@@ -2959,9 +2959,8 @@ (define-public libvpx
               (file-name (git-file-name name version))
               (sha256
                (base32
-                "1x12f2bd4jqd532rnixmwvcx8d29yxiacpcxqqh86qczc49la8gm"))
-              (patches (search-patches "libvpx-CVE-2016-2818.patch"
-                                       "libvpx-CVE-2023-5217.patch"))))
+                "0r6qvc84mflpy1zxz7p8aj7i552cwx957l50akvajxmzij1kpy1x"))
+              (patches (search-patches "libvpx-CVE-2016-2818.patch"))))
     (build-system gnu-build-system)
     (arguments
      `(#:configure-flags (list "--enable-shared"