2 files changed, 13 insertions, 12 deletions

diff --git a/gnu/packages/patches/libvpx-CVE-2016-2818.patch b/gnu/packages/patches/libvpx-CVE-2016-2818.patch
index 1fdf01cbca..bef3448b81 100644
--- a/gnu/packages/patches/libvpx-CVE-2016-2818.patch
+++ b/gnu/packages/patches/libvpx-CVE-2016-2818.patch
@@ -9,15 +9,15 @@ Patch contents copied from Mozilla esr45 changeset 312077:7ebfe49f001c
 
 --- libvpx-1.5.0/vp8/vp8_cx_iface.c.orig	2015-11-09 17:12:38.000000000 -0500
 +++ libvpx-1.5.0/vp8/vp8_cx_iface.c	2016-06-08 08:48:46.037213092 -0400
-@@ -925,11 +925,19 @@
-         {
-             res = image2yuvconfig(img, &sd);
+@@ -860,11 +860,20 @@
+     if (img != NULL) {
+       res = image2yuvconfig(img, &sd);
  
--            if (vp8_receive_raw_frame(ctx->cpi, ctx->next_frame_flag | lib_flags,
--                                      &sd, dst_time_stamp, dst_end_time_stamp))
--            {
--                VP8_COMP *cpi = (VP8_COMP *)ctx->cpi;
--                res = update_error_state(ctx, &cpi->common.error);
+-      if (vp8_receive_raw_frame(ctx->cpi, ctx->next_frame_flag | lib_flags, &sd,
+-                                dst_time_stamp, dst_end_time_stamp)) {
+-        VP8_COMP *cpi = (VP8_COMP *)ctx->cpi;
+-        res = update_error_state(ctx, &cpi->common.error);
+-      }
 +            if (sd.y_width != ctx->cfg.g_w || sd.y_height != ctx->cfg.g_h) {
 +                /* from vp8_encoder.h for g_w/g_h:
 +                   "Note that the frames passed as input to the encoder must have this resolution"
@@ -31,6 +31,7 @@ Patch contents copied from Mozilla esr45 changeset 312077:7ebfe49f001c
 +                    VP8_COMP *cpi = (VP8_COMP *)ctx->cpi;
 +                    res = update_error_state(ctx, &cpi->common.error);
 +                }
-             }
++            }
  
-             /* reset for next frame */
+       /* reset for next frame */
+       ctx->next_frame_flag = 0;
diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm
index d6c62c73c3..5c5d91d86c 100644
--- a/gnu/packages/video.scm
+++ b/gnu/packages/video.scm
@@ -934,7 +934,7 @@ access to mpv's powerful playback capabilities.")
 (define-public libvpx
   (package
     (name "libvpx")
-    (version "1.6.0")
+    (version "1.6.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "http://storage.googleapis.com/"
@@ -942,7 +942,7 @@ access to mpv's powerful playback capabilities.")
                                   name "-" version ".tar.bz2"))
               (sha256
                (base32
-                "1basd6dda5di9p7jhc0f4f52wzm9c3hsravqspw6ibpcn5gbpbyh"))
+                "06d8hqjkfs6wl45qf4pwh1kpbvkx6cwywd5y8d4lgagvjwm0qb0w"))
               (patches (search-patches "libvpx-CVE-2016-2818.patch"))))
     (build-system gnu-build-system)
     (arguments