dgit.raspbian.org Git - gst-plugins-bad1.0.git/log

Maintainers of GStreamer packages [Fri, 27 Oct 2023 20:55:02 +0000 (22:55 +0200)]

CVE-2023-40474

commit f73fc41f2ca6a0cd4e883aee64bf8e1c15ff68ce
Author: Sebastian Dröge <sebastian@centricular.com>
Date:   Thu Aug 10 15:45:01 2023 +0300

    mxfdemux: Fix integer overflow causing out of bounds writes when handling invalid uncompressed video

    Check ahead of time when parsing the track information whether
    width, height and bpp are valid and usable without overflows.

    Fixes ZDI-CAN-21660, CVE-2023-40474

    Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2896

    Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5365>

Gbp-Pq: Name CVE-2023-40474.patch

commit | commitdiff | tree

Maintainers of GStreamer packages [Fri, 27 Oct 2023 20:55:02 +0000 (22:55 +0200)]

SA-2023-0003

Gbp-Pq: Name SA-2023-0003.patch

commit | commitdiff | tree

Sebastian Dröge [Tue, 23 Mar 2021 17:19:14 +0000 (19:19 +0200)]

[PATCH] h2645parser: Catch overflows in AVC/HEVC NAL unit length calculations

Offset and size are stored as 32 bit guint and might overflow when
adding the nal_length_size, so let's avoid that.

For the size this would happen if the AVC/HEVC NAL unit size happens to
be stored in 4 bytes and is 4294967292 or higher, which is likely
corrupted data anyway.

For the offset this is something for the caller of these functions to
take care of but is unlikely to happen as it would require parsing on a
>4GB buffer.

Allowing these overflows causes all kinds of follow-up bugs in the
h2645parse elements, ranging from infinite loops and memory leaks to
potential memory corruptions.

Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/2103>

Gbp-Pq: Name 0001-h2645parser-Catch-overflows-in-AVC-HEVC-NAL-unit-length.patch

commit | commitdiff | tree

Maintainers of GStreamer packages [Fri, 27 Oct 2023 20:55:02 +0000 (22:55 +0200)]

_openexr-std-cxx11

===================================================================

Gbp-Pq: Name 03_openexr-std-cxx11.patch

commit | commitdiff | tree

Andrew Wesie [Fri, 16 Oct 2020 11:29:02 +0000 (12:29 +0100)]

[PATCH] codecparsers: h264parser: guard against ref_pic_markings overflow

Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/1703>

Gbp-Pq: Name 02_ref_pic_markings_overflow.patch

commit | commitdiff | tree

Iain Lane [Fri, 27 Oct 2023 20:55:02 +0000 (22:55 +0200)]

Tell libtool not to deduplicate linked libraries which causes problems in the case of circular deps. Force -lc to be added at the end.

Gbp-Pq: Name 01_fix-modplug-linking.patch

commit | commitdiff | tree

Thorsten Alteholz [Fri, 27 Oct 2023 20:55:02 +0000 (22:55 +0200)]

gst-plugins-bad1.0 (1.14.4-1+deb10u4) buster-security; urgency=high

  * Non-maintainer upload by the LTS Team.
  * CVE-2023-40476
    h265parser: Fix possible overflow using max_sub_layers_minus1
  * CVE-2023-40475
    mxfdemux: Check number of channels for AES3 audio (CVE-2023-40475)
  * CVE-2023-40474
    mxfdemux: Fix integer overflow causing out of bounds writes when handling
    invalid uncompressed video

[dgit import unpatched gst-plugins-bad1.0 1.14.4-1+deb10u4]

commit | commitdiff | tree

Thorsten Alteholz [Fri, 27 Oct 2023 20:55:02 +0000 (22:55 +0200)]

Import gst-plugins-bad1.0_1.14.4-1+deb10u4.debian.tar.xz

[dgit import tarball gst-plugins-bad1.0 1.14.4-1+deb10u4 gst-plugins-bad1.0_1.14.4-1+deb10u4.debian.tar.xz]

commit | commitdiff | tree

Sebastian Dröge [Wed, 3 Oct 2018 10:57:59 +0000 (13:57 +0300)]

Import gst-plugins-bad1.0_1.14.4.orig.tar.xz

[dgit import orig gst-plugins-bad1.0_1.14.4.orig.tar.xz]

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom