[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
45/203: gnu: gst-plugins-ugly: Update to 1.19.2.
From: |
guix-commits |
Subject: |
45/203: gnu: gst-plugins-ugly: Update to 1.19.2. |
Date: |
Wed, 3 Nov 2021 21:09:55 -0400 (EDT) |
apteryx pushed a commit to branch core-updates-frozen-batched-changes
in repository guix.
commit 764bccb2add96e493c9669e6bbe68e302e8dcc3c
Author: Maxim Cournoyer <maxim.cournoyer@gmail.com>
AuthorDate: Sat Oct 2 00:25:19 2021 -0400
gnu: gst-plugins-ugly: Update to 1.19.2.
* gnu/packages/gstreamer.scm (gst-plugins-ugly): Update to 1.19.2. Delete
trailing #t.
[patches]: Delete field.
[meson]: Use meson-0.55.
* gnu/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch: Delete
file.
* gnu/local.mk (dist_patch_DATA): De-register it.
---
gnu/local.mk | 1 -
gnu/packages/gstreamer.scm | 11 +-
.../gst-plugins-ugly-fix-out-of-bound-reads.patch | 119 ---------------------
3 files changed, 5 insertions(+), 126 deletions(-)
diff --git a/gnu/local.mk b/gnu/local.mk
index f90d3fd..198c1a2 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1216,7 +1216,6 @@ dist_patch_DATA =
\
%D%/packages/patches/grub-setup-root.patch \
%D%/packages/patches/gspell-dash-test.patch \
%D%/packages/patches/gst-libav-64channels-stack-corruption.patch \
- %D%/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch \
%D%/packages/patches/guile-1.8-cpp-4.5.patch \
%D%/packages/patches/guile-2.2-skip-oom-test.patch \
%D%/packages/patches/guile-2.2-skip-so-test.patch \
diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm
index 3b6fe05..efa5b2c 100644
--- a/gnu/packages/gstreamer.scm
+++ b/gnu/packages/gstreamer.scm
@@ -890,19 +890,19 @@ par compared to the rest.")
(define-public gst-plugins-ugly
(package
(name "gst-plugins-ugly")
- (version "1.18.4")
+ (version "1.19.2")
(source
(origin
(method url-fetch)
(uri
(string-append "https://gstreamer.freedesktop.org/src/"
name "/" name "-" version ".tar.xz"))
- (patches (search-patches
"gst-plugins-ugly-fix-out-of-bound-reads.patch"))
(sha256
- (base32 "0g6i4db1883q3j0l2gdv46fcqwiiaw63n6mhvsfcms1i1p7g1391"))))
+ (base32 "1pwz68qg40018ai655fdrjn5clmn0gp2b7dik0jzwx0fzbwzr87j"))))
(build-system meson-build-system)
(arguments
- `(#:glib-or-gtk? #t ; To wrap binaries and/or compile schemas
+ `(#:meson ,meson-0.55
+ #:glib-or-gtk? #t ; To wrap binaries and/or compile schemas
#:phases
(modify-phases %standard-phases
,@%common-gstreamer-phases
@@ -916,8 +916,7 @@ par compared to the rest.")
;; Tests look for $XDG_RUNTIME_DIR.
(setenv "XDG_RUNTIME_DIR" (getcwd))
;; For missing '/etc/machine-id'.
- (setenv "DBUS_FATAL_WARNINGS" "0")
- #t)))))
+ (setenv "DBUS_FATAL_WARNINGS" "0"))))))
(native-inputs
`(("gettext" ,gettext-minimal)
("glib:bin" ,glib "bin")
diff --git a/gnu/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch
b/gnu/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch
deleted file mode 100644
index 3c6a96f..0000000
--- a/gnu/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch
+++ /dev/null
@@ -1,119 +0,0 @@
-Fix out of bounds reads when parsing audio and video packets:
-
-https://security-tracker.debian.org/tracker/TEMP-0000000-4DAA44
-https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/issues/37
-
-Patch copied from upstream source repository:
-
-https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/commit/3aba7d1e625554b2407bc77b3d09b4928b937d5f
-From 3aba7d1e625554b2407bc77b3d09b4928b937d5f Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
-Date: Wed, 3 Mar 2021 11:05:14 +0200
-Subject: [PATCH] rmdemux: Make sure we have enough data available when parsing
- audio/video packets
-
-Otherwise there will be out-of-bounds reads and potential crashes.
-
-Thanks to Natalie Silvanovich for reporting.
-
-Fixes https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/issues/37
-
-Part-of:
<https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/merge_requests/74>
----
- gst/realmedia/rmdemux.c | 35 +++++++++++++++++++++++++++++++++++
- 1 file changed, 35 insertions(+)
-
-diff --git a/gst/realmedia/rmdemux.c b/gst/realmedia/rmdemux.c
-index 6cc659a1..68b0736b 100644
---- a/gst/realmedia/rmdemux.c
-+++ b/gst/realmedia/rmdemux.c
-@@ -2223,6 +2223,9 @@ gst_rmdemux_parse_video_packet (GstRMDemux * rmdemux,
GstRMDemuxStream * stream,
-
- gst_buffer_map (in, &map, GST_MAP_READ);
-
-+ if (map.size < offset)
-+ goto not_enough_data;
-+
- data = map.data + offset;
- size = map.size - offset;
-
-@@ -2289,6 +2292,9 @@ gst_rmdemux_parse_video_packet (GstRMDemux * rmdemux,
GstRMDemuxStream * stream,
- }
- GST_DEBUG_OBJECT (rmdemux, "fragment size %d", fragment_size);
-
-+ if (map.size < (data - map.data) + fragment_size)
-+ goto not_enough_data;
-+
- /* get the fragment */
- fragment =
- gst_buffer_copy_region (in, GST_BUFFER_COPY_ALL, data - map.data,
-@@ -2437,6 +2443,9 @@ gst_rmdemux_parse_audio_packet (GstRMDemux * rmdemux,
GstRMDemuxStream * stream,
- GstFlowReturn ret;
- GstBuffer *buffer;
-
-+ if (gst_buffer_get_size (in) < offset)
-+ goto not_enough_data;
-+
- buffer = gst_buffer_copy_region (in, GST_BUFFER_COPY_MEMORY, offset, -1);
-
- if (rmdemux->first_ts != -1 && timestamp > rmdemux->first_ts)
-@@ -2467,9 +2476,19 @@ gst_rmdemux_parse_audio_packet (GstRMDemux * rmdemux,
GstRMDemuxStream * stream,
- ret = gst_pad_push (stream->pad, buffer);
- }
-
-+done:
- gst_buffer_unref (in);
-
- return ret;
-+
-+ /* ERRORS */
-+not_enough_data:
-+ {
-+ GST_ELEMENT_WARNING (rmdemux, STREAM, DECODE, ("Skipping bad packet."),
-+ (NULL));
-+ ret = GST_FLOW_OK;
-+ goto done;
-+ }
- }
-
- static GstFlowReturn
-@@ -2490,6 +2509,9 @@ gst_rmdemux_parse_packet (GstRMDemux * rmdemux,
GstBuffer * in, guint16 version)
- data = map.data;
- size = map.size;
-
-+ if (size < 4 + 6 + 1 + 2)
-+ goto not_enough_data;
-+
- /* stream number */
- id = RMDEMUX_GUINT16_GET (data);
-
-@@ -2525,6 +2547,9 @@ gst_rmdemux_parse_packet (GstRMDemux * rmdemux,
GstBuffer * in, guint16 version)
-
- /* version 1 has an extra byte */
- if (version == 1) {
-+ if (size < 1)
-+ goto not_enough_data;
-+
- data += 1;
- size -= 1;
- }
-@@ -2596,6 +2621,16 @@ unknown_stream:
- gst_buffer_unref (in);
- return GST_FLOW_OK;
- }
-+
-+ /* ERRORS */
-+not_enough_data:
-+ {
-+ GST_ELEMENT_WARNING (rmdemux, STREAM, DECODE, ("Skipping bad packet."),
-+ (NULL));
-+ gst_buffer_unmap (in, &map);
-+ gst_buffer_unref (in);
-+ return GST_FLOW_OK;
-+ }
- }
-
- gboolean
---
-2.31.1
-
- 18/203: gnu: cheese: Propagate gdk-pixbuf+svg rather than gdk-pixbuf., (continued)
- 18/203: gnu: cheese: Propagate gdk-pixbuf+svg rather than gdk-pixbuf., guix-commits, 2021/11/03
- 14/203: gnu: librsvg-next: Do not propagate gdk-pixbuf., guix-commits, 2021/11/03
- 20/203: gnu: gst-plugins-base: Update to 1.18.4., guix-commits, 2021/11/03
- 27/203: gnu: gst-editing-services: Update to 1.18.4., guix-commits, 2021/11/03
- 32/203: gnu: python-docutils: Update to 0.17.1., guix-commits, 2021/11/03
- 40/203: gnu: gstreamer: Update to 1.19.2., guix-commits, 2021/11/03
- 12/203: gnu: appstream-glib: Propagate gdk-pixbuf+svg rather than gdk-pixbuf., guix-commits, 2021/11/03
- 42/203: gnu: gst-plugins-good: Update to 1.19.2., guix-commits, 2021/11/03
- 38/203: gnu: python-sphinx: Update to 4.2.0., guix-commits, 2021/11/03
- 43/203: gnu: zxing-cpp: Update to 1.2.0., guix-commits, 2021/11/03
- 45/203: gnu: gst-plugins-ugly: Update to 1.19.2.,
guix-commits <=
- 49/203: gnu: e2fsprogs: Update to 1.46.4., guix-commits, 2021/11/03
- 51/203: gnu: pulseaudio: Update to 15.0., guix-commits, 2021/11/03
- 124/203: gnu: libthai: Make datrie a normal native-input., guix-commits, 2021/11/03
- 130/203: gnu: webkitgtk: Use libsoup 3 and build with GCC., guix-commits, 2021/11/03
- 133/203: gnu: python-flit: Update to 3.3.0., guix-commits, 2021/11/03
- 146/203: gnu: nspr: Normalize inputs., guix-commits, 2021/11/03
- 138/203: profiles: Add a gdk-pixbuf-loaders-cache-file hook., guix-commits, 2021/11/03
- 154/203: gnu: python-dbusmock: Update to 0.24.0., guix-commits, 2021/11/03
- 149/203: gnu: meson: Update to 0.60.0., guix-commits, 2021/11/03
- 158/203: gnu: gdk-pixbuf: Remove obsolete jasper support., guix-commits, 2021/11/03