diff options
-rw-r--r-- | gnu/local.mk | 1 | ||||
-rw-r--r-- | gnu/packages/gstreamer.scm | 12 | ||||
-rw-r--r-- | gnu/packages/patches/gst-plugins-base-fix-id3v2-invalid-read.patch | 40 |
3 files changed, 6 insertions, 47 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index f6b28e225d..d250cb4487 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1217,7 +1217,6 @@ dist_patch_DATA = \ %D%/packages/patches/gspell-dash-test.patch \ %D%/packages/patches/gst-libav-64channels-stack-corruption.patch \ %D%/packages/patches/gst-plugins-bad-fix-overflow.patch \ - %D%/packages/patches/gst-plugins-base-fix-id3v2-invalid-read.patch \ %D%/packages/patches/gst-plugins-good-fix-test.patch \ %D%/packages/patches/gst-plugins-good-CVE-2021-3497.patch \ %D%/packages/patches/gst-plugins-good-CVE-2021-3498.patch \ diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm index 7b52081dfb..92042e0aae 100644 --- a/gnu/packages/gstreamer.scm +++ b/gnu/packages/gstreamer.scm @@ -543,21 +543,22 @@ This package provides the core library and elements.") (define-public gst-plugins-base (package (name "gst-plugins-base") - (version "1.18.4") + (version "1.18.5") (source (origin (method url-fetch) (uri (string-append "https://gstreamer.freedesktop.org/src/" name "/" name "-" version ".tar.xz")) - (patches (search-patches "gst-plugins-base-fix-id3v2-invalid-read.patch")) (sha256 (base32 - "08w3ivbc6n4vdds2ap6q7l8zdk9if8417nznyqidf0adm0lk5r99")))) + "18vg8kk7p2p8za8zaqg0v7z6898yw5a3b12vvl7xn02pb3s7l2wn")))) (build-system meson-build-system) (propagated-inputs `(("glib" ,glib) ;required by gstreamer-sdp-1.0.pc ("gstreamer" ,gstreamer) ;required by gstreamer-plugins-base-1.0.pc - + ;; wayland-client.h is referred to in + ;; include/gstreamer-1.0/gst/gl/wayland/gstgldisplay_wayland.h + ("wayland" ,wayland) ;; XXX: Do not enable Orc optimizations on ARM systems because ;; it leads to two test failures. ;; https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/issues/683 @@ -585,8 +586,7 @@ This package provides the core library and elements.") ("libpng" ,libpng) ("libvisual" ,libvisual) ("mesa" ,mesa) - ("wayland-protocols" ,wayland-protocols) - ("wayland" ,wayland))) + ("wayland-protocols" ,wayland-protocols))) (native-inputs `(("pkg-config" ,pkg-config) ("glib:bin" ,glib "bin") diff --git a/gnu/packages/patches/gst-plugins-base-fix-id3v2-invalid-read.patch b/gnu/packages/patches/gst-plugins-base-fix-id3v2-invalid-read.patch deleted file mode 100644 index b2dfef0118..0000000000 --- a/gnu/packages/patches/gst-plugins-base-fix-id3v2-invalid-read.patch +++ /dev/null @@ -1,40 +0,0 @@ -Fix an "invalid read during ID3v2 tag parsing". - -https://security-tracker.debian.org/tracker/TEMP-0000000-57E7C1 -https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/issues/876 - -Patch copied from upstream source repository: - -https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/commit/f4a1428a6997658625d529b9db60fde812fbf1ee - -From f4a1428a6997658625d529b9db60fde812fbf1ee Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Tim-Philipp=20M=C3=BCller?= <tim@centricular.com> -Date: Wed, 3 Mar 2021 01:08:25 +0000 -Subject: [PATCH] tag: id3v2: fix frame size check and potential invalid reads - -Check the right variable when checking if there's -enough data left to read the frame size. - -Closes https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/issues/876 - -Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/merge_requests/1065> ---- - gst-libs/gst/tag/id3v2frames.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/gst-libs/gst/tag/id3v2frames.c b/gst-libs/gst/tag/id3v2frames.c -index 8e9f78254..f39659bf7 100644 ---- a/gst-libs/gst/tag/id3v2frames.c -+++ b/gst-libs/gst/tag/id3v2frames.c -@@ -109,7 +109,7 @@ id3v2_parse_frame (ID3TagsWorking * work) - - if (work->frame_flags & (ID3V2_FRAME_FORMAT_COMPRESSION | - ID3V2_FRAME_FORMAT_DATA_LENGTH_INDICATOR)) { -- if (work->hdr.frame_data_size <= 4) -+ if (frame_data_size <= 4) - return FALSE; - if (ID3V2_VER_MAJOR (work->hdr.version) == 3) { - work->parse_size = GST_READ_UINT32_BE (frame_data); --- -2.31.1 - |