rpms
/
gstreamer1-plugins-base
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: rpms:c9
Branches Tags
rpms:i9c
rpms:c9
rpms:i8c
rpms:c8
rpms:i10cs
rpms:cs10
rpms:i10c-beta
rpms:c10-beta
rpms:i8c-beta
rpms:c8-beta
rpms:i9c-beta
rpms:c9-beta
..
compare: rpms:c9-beta
Branches Tags
rpms:i9c
rpms:c9
rpms:i8c
rpms:c8
rpms:i10cs
rpms:cs10
rpms:i10c-beta
rpms:c10-beta
rpms:i8c-beta
rpms:c8-beta
rpms:i9c-beta
rpms:c9-beta

No commits in common. 'c9' and 'c9-beta' have entirely different histories.
c9 ... c9-beta

10 changed files with 34 additions and 236 deletions
Show Stats

20
SOURCES/0001-missing-plugins-Remove-the-mpegaudioversion-field.patch
Unescape View File

@ -1,21 +1,21 @@
From cd9358bdbae7e0cbaac4c235dead2e819b033d2f Mon Sep 17 00:00:00 2001 From 06ca82cad9898f5df40011fe0614ee1dfd89f1ae Mon Sep 17 00:00:00 2001
From: Bastien Nocera <hadess@hadess.net> From: Bastien Nocera <hadess@hadess.net>
Date: Wed, 17 Jan 2024 16:19:30 +0100 Date: Fri, 3 Aug 2012 17:50:24 +0100
Subject: [PATCH 1/8] missing-plugins: Remove the mpegaudioversion field Subject: [PATCH 1/2] missing-plugins: Remove the mpegaudioversion field
From missing plugins requests as it's a duplicate of mpegversion From missing plugins requests as it's a duplicate of mpegversion
and its presence would break codec discovery when using RPM. and its presence would break codec discovery when using RPM.
https://bugzilla.redhat.com/show_bug.cgi?id=680809 https://bugzilla.redhat.com/show_bug.cgi?id=680809
--- ---
.../gst-plugins-base/gst-libs/gst/pbutils/missing-plugins.c | 3 +++ gst-libs/gst/pbutils/missing-plugins.c | 3 +++
1 file changed, 3 insertions(+) 1 file changed, 3 insertions(+)
diff --git a/subprojects/gst-plugins-base/gst-libs/gst/pbutils/missing-plugins.c b/subprojects/gst-plugins-base/gst-libs/gst/pbutils/missing-plugins.c diff --git a/gst-libs/gst/pbutils/missing-plugins.c b/gst-libs/gst/pbutils/missing-plugins.c
index 69330b933b..c4fd3e6737 100644 index a08803b18..cdce4bf05 100644
--- a/subprojects/gst-plugins-base/gst-libs/gst/pbutils/missing-plugins.c --- a/gst-libs/gst/pbutils/missing-plugins.c
+++ b/subprojects/gst-plugins-base/gst-libs/gst/pbutils/missing-plugins.c +++ b/gst-libs/gst/pbutils/missing-plugins.c
@@ -191,6 +191,9 @@ copy_and_clean_caps (const GstCaps * caps) @@ -151,6 +151,9 @@ copy_and_clean_caps (const GstCaps * caps)
gst_structure_remove_field (s, "play-speed"); gst_structure_remove_field (s, "play-speed");
gst_structure_remove_field (s, "play-scale"); gst_structure_remove_field (s, "play-scale");
gst_structure_remove_field (s, "dynamic_range"); gst_structure_remove_field (s, "dynamic_range");
@ -26,5 +26,5 @@ index 69330b933b..c4fd3e6737 100644
return ret; return ret;
} }
-- --
2.47.0 2.14.3

4
SOURCES/0003-subparse-Look-for-the-closing-of-a-tag-after-the-ope.patch → SOURCES/0001-subparse-Look-for-the-closing-of-a-tag-after-the-ope.patch
Unescape View File

@ -1,7 +1,7 @@
From f7f24aed62178dc1deb581a512029dcb20727137 Mon Sep 17 00:00:00 2001 From f7f24aed62178dc1deb581a512029dcb20727137 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com> From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Tue, 13 Jun 2023 12:53:13 +0300 Date: Tue, 13 Jun 2023 12:53:13 +0300
Subject: [PATCH 3/8] subparse: Look for the closing `>` of a tag after the Subject: [PATCH 1/2] subparse: Look for the closing `>` of a tag after the
opening `<` opening `<`
Previously when fixing up subrip markip, we were looking from the start Previously when fixing up subrip markip, we were looking from the start
@ -32,5 +32,5 @@ index 7aa922cdd8..d0960a971a 100644
const gchar *last = NULL; const gchar *last = NULL;
if (num_open_tags > 0) if (num_open_tags > 0)
-- --
2.47.0 2.43.0

25
SOURCES/0002-gl-fix-compilation.patch
Unescape View File

@ -1,25 +0,0 @@
From 2ede3bc75535b7445db836fdcb6a6c85c5f47dbe Mon Sep 17 00:00:00 2001
From: Wim Taymans <wtaymans@redhat.com>
Date: Wed, 17 Jan 2024 16:20:46 +0100
Subject: [PATCH 2/8] gl: fix compilation
---
.../gst-libs/gst/gl/wayland/gstglwindow_wayland_egl.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/subprojects/gst-plugins-base/gst-libs/gst/gl/wayland/gstglwindow_wayland_egl.h b/subprojects/gst-plugins-base/gst-libs/gst/gl/wayland/gstglwindow_wayland_egl.h
index 0212744b74..58299473d9 100644
--- a/subprojects/gst-plugins-base/gst-libs/gst/gl/wayland/gstglwindow_wayland_egl.h
+++ b/subprojects/gst-plugins-base/gst-libs/gst/gl/wayland/gstglwindow_wayland_egl.h
@@ -22,7 +22,7 @@
#define __GST_GL_WINDOW_WAYLAND_EGL_H__
#include <wayland-client.h>
-#include "xdg-shell-client-protocol.h"
+#include "../xdg-shell-client-protocol.h"
#include <wayland-egl.h>
#include <wayland-cursor.h>
--
2.47.0

4
SOURCES/0004-subparse-Skip-after-the-end-of-a-valid-closing-tag-i.patch → SOURCES/0002-subparse-Skip-after-the-end-of-a-valid-closing-tag-i.patch
Unescape View File

@ -1,7 +1,7 @@
From 997e8b0a485a22a9e44d503d7a1c6aa1970061e0 Mon Sep 17 00:00:00 2001 From 997e8b0a485a22a9e44d503d7a1c6aa1970061e0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com> From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Tue, 13 Jun 2023 12:58:26 +0300 Date: Tue, 13 Jun 2023 12:58:26 +0300
Subject: [PATCH 4/8] subparse: Skip after the end of a valid closing tag Subject: [PATCH 2/2] subparse: Skip after the end of a valid closing tag
instead of only skipping `<` instead of only skipping `<`
This is a small optimization and avoids restarting the next parsing This is a small optimization and avoids restarting the next parsing
@ -29,5 +29,5 @@ index d0960a971a..b33ddbb2a7 100644
} }
} }
-- --
2.47.0 2.43.0

34
SOURCES/0005-tags-Don-t-allow-image-tags-with-G_MAXUINT32-length.patch
Unescape View File

@ -1,34 +0,0 @@
From 1ac83c63d28d02d2dbed663cd6eda4009d6b717e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Tue, 13 Jun 2023 13:22:57 +0300
Subject: [PATCH 5/8] tags: Don't allow image tags with G_MAXUINT32 length
This will cause an integer overflow a little bit further down because we
allocate a bit more memory to allow for a NUL-terminator.
The caller should've avoided passing that much data in already as it's
not going to be a valid image and there's likely not even that much data
available.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/4894>
---
subprojects/gst-plugins-base/gst-libs/gst/tag/tags.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/subprojects/gst-plugins-base/gst-libs/gst/tag/tags.c b/subprojects/gst-plugins-base/gst-libs/gst/tag/tags.c
index 73e6bb4a36..d38a0c97f4 100644
--- a/subprojects/gst-plugins-base/gst-libs/gst/tag/tags.c
+++ b/subprojects/gst-plugins-base/gst-libs/gst/tag/tags.c
@@ -530,7 +530,8 @@ gst_tag_image_data_to_image_sample (const guint8 * image_data,
GstStructure *image_info = NULL;
g_return_val_if_fail (image_data != NULL, NULL);
- g_return_val_if_fail (image_data_len > 0, NULL);
+ g_return_val_if_fail (image_data_len > 0
+ || image_data_len == G_MAXUINT32, NULL);
g_return_val_if_fail (gst_tag_image_type_is_valid (image_type), NULL);
GST_DEBUG ("image data len: %u bytes", image_data_len);
--
2.47.0

37
SOURCES/0006-opusdec-Set-at-most-64-channels-to-NONE-position.patch
Unescape View File

@ -1,37 +0,0 @@
From 854ad98510462c560ede6539157ce53bebdebf15 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Tue, 1 Oct 2024 13:22:50 +0300
Subject: [PATCH 6/8] opusdec: Set at most 64 channels to NONE position
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-116
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3871
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8096>
---
subprojects/gst-plugins-base/ext/opus/gstopusdec.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/subprojects/gst-plugins-base/ext/opus/gstopusdec.c b/subprojects/gst-plugins-base/ext/opus/gstopusdec.c
index 60f8879dc5..03d061ad00 100644
--- a/subprojects/gst-plugins-base/ext/opus/gstopusdec.c
+++ b/subprojects/gst-plugins-base/ext/opus/gstopusdec.c
@@ -440,12 +440,12 @@ gst_opus_dec_parse_header (GstOpusDec * dec, GstBuffer * buf)
posn = gst_opus_channel_positions[dec->n_channels - 1];
break;
default:{
- gint i;
+ guint i, max_pos = MIN (dec->n_channels, 64);
GST_ELEMENT_WARNING (GST_ELEMENT (dec), STREAM, DECODE,
(NULL), ("Using NONE channel layout for more than 8 channels"));
- for (i = 0; i < dec->n_channels; i++)
+ for (i = 0; i < max_pos; i++)
pos[i] = GST_AUDIO_CHANNEL_POSITION_NONE;
posn = pos;
--
2.47.0

76
SOURCES/0007-vorbis_parse-check-writes-to-GstOggStream.vorbis_mod.patch
Unescape View File

@ -1,76 +0,0 @@
From 99cc78f36aa11642e88cad83a9f0a068c91532eb Mon Sep 17 00:00:00 2001
From: Mathieu Duponchelle <mathieu@centricular.com>
Date: Wed, 2 Oct 2024 15:16:30 +0200
Subject: [PATCH 7/8] vorbis_parse: check writes to
GstOggStream.vorbis_mode_sizes
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-117 Fixes gstreamer#3875
Also perform out-of-bounds check for accesses to op->packet
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8097>
---
.../gst-plugins-base/ext/ogg/vorbis_parse.c | 21 +++++++++++++++++++
1 file changed, 21 insertions(+)
diff --git a/subprojects/gst-plugins-base/ext/ogg/vorbis_parse.c b/subprojects/gst-plugins-base/ext/ogg/vorbis_parse.c
index 65ef463808..757c7cd82b 100644
--- a/subprojects/gst-plugins-base/ext/ogg/vorbis_parse.c
+++ b/subprojects/gst-plugins-base/ext/ogg/vorbis_parse.c
@@ -165,6 +165,10 @@ gst_parse_vorbis_setup_packet (GstOggStream * pad, ogg_packet * op)
if (offset == 0) {
offset = 8;
current_pos -= 1;
+
+ /* have we underrun? */
+ if (current_pos < op->packet)
+ return -1;
}
}
@@ -178,6 +182,10 @@ gst_parse_vorbis_setup_packet (GstOggStream * pad, ogg_packet * op)
if (offset == 7)
current_pos -= 1;
+ /* have we underrun? */
+ if (current_pos < op->packet + 5)
+ return -1;
+
if (((current_pos[-5] & ~((1 << (offset + 1)) - 1)) != 0)
||
current_pos[-4] != 0
@@ -199,9 +207,18 @@ gst_parse_vorbis_setup_packet (GstOggStream * pad, ogg_packet * op)
/* Give ourselves a chance to recover if we went back too far by using
* the size check. */
for (ii = 0; ii < 2; ii++) {
+
if (offset > 4) {
+ /* have we underrun? */
+ if (current_pos < op->packet)
+ return -1;
+
size_check = (current_pos[0] >> (offset - 5)) & 0x3F;
} else {
+ /* have we underrun? */
+ if (current_pos < op->packet + 1)
+ return -1;
+
/* mask part of byte from current_pos */
size_check = (current_pos[0] & ((1 << (offset + 1)) - 1));
/* shift to appropriate position */
@@ -233,6 +250,10 @@ gst_parse_vorbis_setup_packet (GstOggStream * pad, ogg_packet * op)
mode_size_ptr = pad->vorbis_mode_sizes;
+ if (size > G_N_ELEMENTS (pad->vorbis_mode_sizes)) {
+ return -1;
+ }
+
for (i = 0; i < size; i++) {
offset = (offset + 1) % 8;
if (offset == 0)
--
2.47.0

31
SOURCES/0008-vorbisdec-Set-at-most-64-channels-to-NONE-position.patch
Unescape View File

@ -1,31 +0,0 @@
From 60cd489c12b46b63c6e6b95e24cacd53fef739ef Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Mon, 30 Sep 2024 21:35:07 +0300
Subject: [PATCH 8/8] vorbisdec: Set at most 64 channels to NONE position
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-115
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3869
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8101>
---
subprojects/gst-plugins-base/ext/vorbis/gstvorbisdec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/subprojects/gst-plugins-base/ext/vorbis/gstvorbisdec.c b/subprojects/gst-plugins-base/ext/vorbis/gstvorbisdec.c
index 6a410ed858..1fc4fa883e 100644
--- a/subprojects/gst-plugins-base/ext/vorbis/gstvorbisdec.c
+++ b/subprojects/gst-plugins-base/ext/vorbis/gstvorbisdec.c
@@ -204,7 +204,7 @@ vorbis_handle_identification_packet (GstVorbisDec * vd)
}
default:{
GstAudioChannelPosition position[64];
- gint i, max_pos = MAX (vd->vi.channels, 64);
+ gint i, max_pos = MIN (vd->vi.channels, 64);
GST_ELEMENT_WARNING (vd, STREAM, DECODE,
(NULL), ("Using NONE channel layout for more than 8 channels"));
--
2.47.0

12
SOURCES/xdg-compile.patch
Unescape View File

@ -0,0 +1,12 @@
diff -ru gst-plugins-base-1.18.4/gst-libs/gst/gl/wayland/gstglwindow_wayland_egl.h gst-plugins-base-1.18.4.new/gst-libs/gst/gl/wayland/gstglwindow_wayland_egl.h
--- gst-plugins-base-1.18.4/gst-libs/gst/gl/wayland/gstglwindow_wayland_egl.h 2021-03-15 18:48:01.251275800 +0100
+++ gst-plugins-base-1.18.4.new/gst-libs/gst/gl/wayland/gstglwindow_wayland_egl.h 2022-01-14 16:53:07.235319602 +0100
@@ -22,7 +22,7 @@
#define __GST_GL_WINDOW_WAYLAND_EGL_H__
#include <wayland-client.h>
-#include "xdg-shell-client-protocol.h"
+#include "../xdg-shell-client-protocol.h"
#include <wayland-egl.h>
#include <wayland-cursor.h>

27
SPECS/gstreamer1-plugins-base.spec
Unescape View File

@ -6,7 +6,7 @@
Name: gstreamer1-plugins-base Name: gstreamer1-plugins-base
Version: 1.22.1 Version: 1.22.1
Release: 3%{?gitcommit:.git%{shortcommit}}%{?dist} Release: 2%{?gitcommit:.git%{shortcommit}}%{?dist}
Summary: GStreamer streaming media framework base plugins Summary: GStreamer streaming media framework base plugins
License: LGPLv2+ License: LGPLv2+
@ -18,14 +18,11 @@ Source0: gst-plugins-base-%{version}.tar.xz
%else %else
Source0: http://gstreamer.freedesktop.org/src/gst-plugins-base/gst-plugins-base-%{version}.tar.xz Source0: http://gstreamer.freedesktop.org/src/gst-plugins-base/gst-plugins-base-%{version}.tar.xz
%endif %endif
Patch0: 0001-missing-plugins-Remove-the-mpegaudioversion-field.patch Patch0: 0001-missing-plugins-Remove-the-mpegaudioversion-field.patch
Patch1: 0002-gl-fix-compilation.patch
Patch2: 0003-subparse-Look-for-the-closing-of-a-tag-after-the-ope.patch Patch1: xdg-compile.patch
Patch3: 0004-subparse-Skip-after-the-end-of-a-valid-closing-tag-i.patch Patch2: 0001-subparse-Look-for-the-closing-of-a-tag-after-the-ope.patch
Patch4: 0005-tags-Don-t-allow-image-tags-with-G_MAXUINT32-length.patch Patch3: 0002-subparse-Skip-after-the-end-of-a-valid-closing-tag-i.patch
Patch5: 0006-opusdec-Set-at-most-64-channels-to-NONE-position.patch
Patch6: 0007-vorbis_parse-check-writes-to-GstOggStream.vorbis_mod.patch
Patch7: 0008-vorbisdec-Set-at-most-64-channels-to-NONE-position.patch
BuildRequires: meson >= 0.48.0 BuildRequires: meson >= 0.48.0
BuildRequires: gcc BuildRequires: gcc
@ -122,14 +119,10 @@ for the GStreamer Base Plugins library.
%prep %prep
%setup -q -n gst-plugins-base-%{version} %setup -q -n gst-plugins-base-%{version}
%patch0 -p3 %patch0 -p1
%patch1 -p3 %patch1 -p1
%patch2 -p3 %patch2 -p3
%patch3 -p3 %patch3 -p3
%patch4 -p3
%patch5 -p3
%patch6 -p3
%patch7 -p3
%build %build
%meson \ %meson \
@ -494,10 +487,6 @@ chrpath --delete $RPM_BUILD_ROOT%{_bindir}/gst-play-1.0
%endif %endif
%changelog %changelog
* Mon Dec 16 2024 Wim Taymans <wtaymans@redhat.com> - 1.22.1-3
- Fixes for CVE-2024-47538, CVE-2024-47607, CVE-2024-47615
Resolves: RHEL-70979, RHEL-71015, RHEL-70991
* Wed Jan 17 2024 Wim Taymans <wtaymans@redhat.com> - 1.22.1-2 * Wed Jan 17 2024 Wim Taymans <wtaymans@redhat.com> - 1.22.1-2
- CVE-2023-37328: heap overwrite in subtitle parsing - CVE-2023-37328: heap overwrite in subtitle parsing
- Resolves: RHEL-19475 - Resolves: RHEL-19475

Write Preview
Loading…
Cancel
Save