diff --git a/gst-plugins-base-1.22.9.tar.xz b/gst-plugins-base-1.22.9.tar.xz
deleted file mode 100644
index e7ecc8a..0000000
--- a/gst-plugins-base-1.22.9.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:fac3e0dd2d8e9370388b34bf8c21b89d5f63bc3cfc12cd7fdc8fc6c1cba03334
-size 2369680
diff --git a/gst-plugins-base-1.24.0.tar.xz b/gst-plugins-base-1.24.0.tar.xz
new file mode 100644
index 0000000..e15a59f
--- /dev/null
+++ b/gst-plugins-base-1.24.0.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f33774129c437e2207034f8927af4cf7ed8c0f006a4602b5cde2823ec6c0cc07
+size 2414344
diff --git a/gst-plugins-base-audiobasesink-gap.patch b/gst-plugins-base-audiobasesink-gap.patch
new file mode 100644
index 0000000..40748f1
--- /dev/null
+++ b/gst-plugins-base-audiobasesink-gap.patch
@@ -0,0 +1,20 @@
+diff --git a/gst-libs/gst/audio/gstaudiobasesink.c b/gst-libs/gst/audio/gstaudiobasesink.c
+index 1f843ac..891941d 100644
+--- a/gst-libs/gst/audio/gstaudiobasesink.c
++++ b/gst-libs/gst/audio/gstaudiobasesink.c
+@@ -1124,15 +1124,6 @@ gst_audio_base_sink_wait_event (GstBaseSink * bsink, GstEvent * event)
+ /* Make sure the ringbuffer will start again if interrupted during event_wait() */
+ g_atomic_int_set (&sink->eos_rendering, 1);
+ clear_force_start_flag = TRUE;
+-
+- /* For gap events, don't actually wait for the clock to
+- * reach that time, or it will drain the ringbuffer, just
+- * ensure we're prerolled and let the next actual buffer
+- * get rendered where it belongs */
+- if (GST_EVENT_TYPE (event) == GST_EVENT_GAP) {
+- ret = gst_base_sink_do_preroll (bsink, GST_MINI_OBJECT_CAST (event));
+- goto done;
+- }
+ break;
+ default:
+ break;
diff --git a/gstreamer-plugins-base-CVE-2024-4453.patch b/gstreamer-plugins-base-CVE-2024-4453.patch
new file mode 100644
index 0000000..bb0c317
--- /dev/null
+++ b/gstreamer-plugins-base-CVE-2024-4453.patch
@@ -0,0 +1,53 @@
+commit e68eccff103ab0e91e6d77a892f57131b33902f5
+Author: Sebastian Dröge
+Date: Thu Apr 25 15:21:20 2024 +0300
+
+ exiftag: Prevent integer overflows and out of bounds reads when handling undefined tags
+
+ Fixes ZDI-CAN-23896
+ Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3483
+
+ Part-of:
+
+diff -Nura gst-plugins-base-1.24.0/gst-libs/gst/tag/gstexiftag.c gst-plugins-base-1.24.0_new/gst-libs/gst/tag/gstexiftag.c
+--- gst-plugins-base-1.24.0/gst-libs/gst/tag/gstexiftag.c 2024-03-05 07:51:42.000000000 +0800
++++ gst-plugins-base-1.24.0_new/gst-libs/gst/tag/gstexiftag.c 2024-05-27 19:25:58.227183616 +0800
+@@ -1383,6 +1383,7 @@
+
+ if (count > 4) {
+ GstMapInfo info;
++ gsize alloc_size;
+
+ if (offset < reader->base_offset) {
+ GST_WARNING ("Offset is smaller (%u) than base offset (%u)", offset,
+@@ -1404,14 +1405,28 @@
+ return;
+ }
+
++ if (info.size - real_offset < count) {
++ GST_WARNING ("Invalid size %u for buffer of size %" G_GSIZE_FORMAT
++ ", not adding tag %s", count, info.size, tag->gst_tag);
++ gst_buffer_unmap (reader->buffer, &info);
++ return;
++ }
++
++ if (!g_size_checked_add (&alloc_size, count, 1)) {
++ GST_WARNING ("Invalid size %u for buffer of size %" G_GSIZE_FORMAT
++ ", not adding tag %s", real_offset, info.size, tag->gst_tag);
++ gst_buffer_unmap (reader->buffer, &info);
++ return;
++ }
++
+ /* +1 because it could be a string without the \0 */
+- data = malloc (sizeof (guint8) * count + 1);
++ data = malloc (alloc_size);
+ memcpy (data, info.data + real_offset, count);
+ data[count] = 0;
+
+ gst_buffer_unmap (reader->buffer, &info);
+ } else {
+- data = malloc (sizeof (guint8) * count + 1);
++ data = malloc (count + 1);
+ memcpy (data, (guint8 *) offset_as_data, count);
+ data[count] = 0;
+ }
diff --git a/gstreamer-plugins-base.changes b/gstreamer-plugins-base.changes
index a296e9a..04738cd 100644
--- a/gstreamer-plugins-base.changes
+++ b/gstreamer-plugins-base.changes
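Review bot: The result of `data = malloc (alloc_size);` is passed straight to `memcpy (data, info.data + real_offset, count);` without a NULL check, in the `count > 4` branch of the patched gstexiftag.c hunk. `count` presumably comes from the EXIF data being parsed, and the new bounds check only limits it to the mapped buffer size, so a large tag can still make the allocation fail; I would add `if (data == NULL) { gst_buffer_unmap (reader->buffer, &info); return; }` before the copy. Separately, the warning in the `g_size_checked_add` failure path passes `real_offset` under the text "Invalid size %u"; it should pass `count`, as the first warning does, so the log shows the value that was actually rejected. The subtraction `info.size - real_offset` relies on an earlier check of `real_offset` against `info.size` that presumably sits between the two inner hunks and is not visible here, and the enclosing function starts and ends outside the hunk.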
@@ -1,3 +1,86 @@ +------------------------------------------------------------------- +Wed May 22 12:45:03 UTC 2024 - Cliff Zhao + +- Add gstreamer-plugins-base-CVE-2024-4453.patch: + Backporting e68eccff from upstream, Prevent integer overflows + and out of bounds reads when handling undefined tags. + (CVE-2024-4453 ZDI-24-467 ZDI-CAN-23896 bsc#1224806) + +------------------------------------------------------------------- +Tue Mar 5 06:20:51 UTC 2024 - Antonio Larrosa + +- Update to version 1.24.0: + * Highlights + - New Discourse forum and Matrix chat space + - New Analytics and Machine Learning abstractions and elements + - Playbin3 and decodebin3 are now stable and the default in + gst-play-1.0, GstPlay/GstPlayer + - The va plugin is now preferred over gst-vaapi and has higher + ranks + - GstMeta serialization/deserialization and other GstMeta + improvements + - New GstMeta for SMPTE ST-291M HANC/VANC Ancillary Data + - New unixfd plugin for efficient 1:N inter-process + communication on Linux + - cudaipc source and sink for zero-copy CUDA memory sharing + between processes + - New intersink and intersrc elements for 1:N pipeline + decoupling within the same process + - Qt5 + Qt6 QML integration improvements including qml6glsrc, + qml6glmixer, qml6gloverlay, and qml6d3d11sink elements + - DRM Modifier Support for dmabufs on Linux + - OpenGL, Vulkan and CUDA integration enhancements + - Vulkan H.264 and H.265 video decoders + - RTP stack improvements including new RFC7273 modes and more + correct header extension handling in depayloaders + - WebRTC improvements such as support for ICE consent + freshness, and a new webrtcsrc element to complement + webrtcsink + - WebRTC signallers and webrtcsink implementations for LiveKit + and AWS Kinesis Video Streams + - WHIP server source and client sink, and a WHEP source + - Precision Time Protocol (PTP) clock support for Windows and + other additions + - Low-Latency HLS (LL-HLS) support and many other HLS and DASH + 
enhancements + - New W3C Media Source Extensions library + - Countless closed caption handling improvements including new + cea608mux and cea608tocea708 elements + - Translation support for awstranscriber + - Bayer 10/12/14/16-bit depth support + - MPEG-TS support for asynchronous KLV demuxing and segment + seeking, plus various new muxer features + - Capture source and sink for AJA capture and playout cards + - SVT-AV1 and VA-API AV1 encoders, stateless AV1 video decoder + - New uvcsink element for exporting streams as UVC camera + - DirectWrite text rendering plugin for windows + - Direct3D12-based video decoding, conversion, composition, and + rendering + - AMD Advanced Media Framework AV1 + H.265 video encoders with + 10-bit and HDR support + - AVX/AVX2 support and NEON support on macOS on Apple ARM64 + CPUs via new liborc + - GStreamer C# bindings have been updated + - Rust bindings improvements and many new and improved Rust + plugins + - Rust plugins now shipped in packages for all major platforms + including Android and iOS + - Lots of new plugins, features, performance improvements and + bug fixes + * For more detailed information on this update, please see + https://gstreamer.freedesktop.org/releases/1.24/ +- Remove patch reduce-required-meson.patch since meson 1.1 is + really required now. + +------------------------------------------------------------------- +Tue Mar 5 01:07:27 UTC 2024 - Jonas Kvinge + +- Add gst-plugins-base-audiobasesink-gap.patch: + Revert a gap change causing EOS, affecting strawberry playback + causing playback to stop when using mute or fading features. + Upstream issue: + https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3303 + ------------------------------------------------------------------- Thu Feb 1 10:55:30 UTC 2024 - Antonio Larrosa diff --git a/gstreamer-plugins-base.spec b/gstreamer-plugins-base.spec index 62c2887..9b9e1c0 100644 --- a/gstreamer-plugins-base.spec +++ b/gstreamer-plugins-base.spec 
@@ -20,7 +20,7 @@
 %define gst_branch 1.0
 %define gstreamer_req_version %(echo %{version} | sed -e "s/+.*//")
 Name: gstreamer-plugins-base
-Version: 1.22.9
+Version: 1.24.0
 Release: 0
 Summary: GStreamer Streaming-Media Framework Plug-Ins
 License: GPL-2.0-or-later AND LGPL-2.1-or-later
@@ -29,11 +29,12 @@ URL: https://gstreamer.freedesktop.org
 Source0: %{url}/src/%{_name}/%{_name}-%{version}.tar.xz
 Source1: gstreamer-plugins-base.appdata.xml
 Source2: baselibs.conf
-
-Patch4: add_wayland_dep_to_tests.patch
-Patch5: MR-221-video-anc-add-two-new-CEA-608-caption-formats.patch
-Patch6: reduce-required-meson.patch
-
+Patch1: add_wayland_dep_to_tests.patch
+Patch2: MR-221-video-anc-add-two-new-CEA-608-caption-formats.patch
+# https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3303
+Patch3: gst-plugins-base-audiobasesink-gap.patch
+# PATCH-FIX-UPSTREAM gstreamer-plugins-base-CVE-2024-4453.patch CVE-2024-4453 ZDI-24-467 ZDI-CAN-23896 bsc#1224806 qzhao@suse.com -- Prevent integer overflows and out of bounds reads when handling undefined tags.
+Patch4: gstreamer-plugins-base-CVE-2024-4453.patch
 BuildRequires: Mesa-libGLESv3-devel
 BuildRequires: cdparanoia-devel
 BuildRequires: gcc-c++
@@ -45,7 +46,7 @@ BuildRequires: libXext-devel
 BuildRequires: libXv-devel
 BuildRequires: libjpeg-devel
 BuildRequires: libpng-devel
-BuildRequires: meson >= 0.61
+BuildRequires: meson >= 1.1
 BuildRequires: orc >= 0.4.24
 BuildRequires: pkgconfig
 BuildRequires: python3-base
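Review bot: The comment above `Patch3: gst-plugins-base-audiobasesink-gap.patch` is only a bare issue URL, so the spec does not say what the patch does or that it is a downstream revert, whereas `Patch4` carries a full PATCH-FIX-UPSTREAM line. Going by the changelog entry, the patch removes upstream gap-event handling from gstaudiobasesink.c, so the package deliberately diverges from upstream 1.24.0 here. The patch file itself also has no description header. I would tag it in the same style, e.g. `# PATCH-FIX-OPENSUSE gst-plugins-base-audiobasesink-gap.patch -- Revert gap event handling that stops playback on mute/fade, see https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3303`, so the next version update knows why it exists and when it can be dropped.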
@@ -559,8 +560,10 @@ find %{buildroot} -type f -name "*.la" -delete -print
 %{_libdir}/gstreamer-%{gst_branch}/libgstaudioresample.so
 %{_libdir}/gstreamer-%{gst_branch}/libgstaudiotestsrc.so
 %{_libdir}/gstreamer-%{gst_branch}/libgstaudiorate.so
+%{_libdir}/gstreamer-%{gst_branch}/libgstbasedebug.so
 %{_libdir}/gstreamer-%{gst_branch}/libgstcdparanoia.so
 %{_libdir}/gstreamer-%{gst_branch}/libgstcompositor.so
+%{_libdir}/gstreamer-%{gst_branch}/libgstdsd.so
 %{_libdir}/gstreamer-%{gst_branch}/libgstencoding.so
 %{_libdir}/gstreamer-%{gst_branch}/libgstgio.so
 %{_libdir}/gstreamer-%{gst_branch}/libgstlibvisual.so
diff --git a/reduce-required-meson.patch b/reduce-required-meson.patch
deleted file mode 100644
index 2545beb..0000000
--- a/reduce-required-meson.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-Index: gst-plugins-base-1.22.9/meson.build
-===================================================================
---- gst-plugins-base-1.22.9.orig/meson.build
-+++ gst-plugins-base-1.22.9/meson.build
-@@ -1,6 +1,6 @@
- project('gst-plugins-base', 'c',
- version : '1.22.9',
-- meson_version : '>= 0.62',
-+ meson_version : '>= 0.61',
- default_options : [ 'warning_level=1',
- 'buildtype=debugoptimized' ])
-