summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Raspbian automatic forward porter [Fri, 28 Jul 2023 09:25:01 +0000 (10:25 +0100)]
Merge version 1.14.4-1+rvt+deb10u2 and 1.14.4-1+deb10u3 to produce 1.14.4-1+rvt+deb10u3
Thorsten Alteholz [Sat, 22 Jul 2023 16:03:02 +0000 (17:03 +0100)]
Merge gst-plugins-bad1.0 (1.14.4-1+deb10u3) import into refs/heads/workingbranch
Maintainers of GStreamer packages [Sat, 22 Jul 2023 16:03:02 +0000 (17:03 +0100)]
SA-2023-0003
Gbp-Pq: Name SA-2023-0003.patch
Sebastian Dröge [Tue, 23 Mar 2021 17:19:14 +0000 (19:19 +0200)]
[PATCH] h2645parser: Catch overflows in AVC/HEVC NAL unit length calculations
Offset and size are stored as 32 bit guint and might overflow when
adding the nal_length_size, so let's avoid that.
For the size this would happen if the AVC/HEVC NAL unit size happens to
be stored in 4 bytes and is
4294967292 or higher, which is likely
corrupted data anyway.
For the offset this is something for the caller of these functions to
take care of but is unlikely to happen as it would require parsing on a
>4GB buffer.
Allowing these overflows causes all kinds of follow-up bugs in the
h2645parse elements, ranging from infinite loops and memory leaks to
potential memory corruptions.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/2103>
Gbp-Pq: Name 0001-h2645parser-Catch-overflows-in-AVC-HEVC-NAL-unit-length.patch
Maintainers of GStreamer packages [Sat, 22 Jul 2023 16:03:02 +0000 (17:03 +0100)]
_openexr-std-cxx11
===================================================================
Gbp-Pq: Name 03_openexr-std-cxx11.patch
Andrew Wesie [Fri, 16 Oct 2020 11:29:02 +0000 (12:29 +0100)]
[PATCH] codecparsers: h264parser: guard against ref_pic_markings overflow
Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/1703>
Gbp-Pq: Name 02_ref_pic_markings_overflow.patch
Iain Lane [Sat, 22 Jul 2023 16:03:02 +0000 (17:03 +0100)]
Tell libtool not to deduplicate linked libraries which causes problems in the case of circular deps. Force -lc to be added at the end.
Gbp-Pq: Name 01_fix-modplug-linking.patch
Thorsten Alteholz [Sat, 22 Jul 2023 16:03:02 +0000 (17:03 +0100)]
gst-plugins-bad1.0 (1.14.4-1+deb10u3) buster-security; urgency=high
* Non-maintainer upload by the LTS Team.
* CVE-2023-37329
SA-2023-0003: fix heap override
[dgit import unpatched gst-plugins-bad1.0 1.14.4-1+deb10u3]
Thorsten Alteholz [Sat, 22 Jul 2023 16:03:02 +0000 (17:03 +0100)]
Import gst-plugins-bad1.0_1.14.4-1+deb10u3.debian.tar.xz
[dgit import tarball gst-plugins-bad1.0 1.14.4-1+deb10u3 gst-plugins-bad1.0_1.14.4-1+deb10u3.debian.tar.xz]
Raspbian automatic forward porter [Thu, 29 Apr 2021 20:05:29 +0000 (21:05 +0100)]
Merge version 1.14.4-1+rvt+deb10u1 and 1.14.4-1+deb10u2 to produce 1.14.4-1+rvt+deb10u2
Sebastian Dröge [Thu, 22 Apr 2021 18:38:06 +0000 (19:38 +0100)]
Merge gst-plugins-bad1.0 (1.14.4-1+deb10u2) import into refs/heads/workingbranch
Sebastian Dröge [Tue, 23 Mar 2021 17:19:14 +0000 (19:19 +0200)]
[PATCH] h2645parser: Catch overflows in AVC/HEVC NAL unit length calculations
Offset and size are stored as 32 bit guint and might overflow when
adding the nal_length_size, so let's avoid that.
For the size this would happen if the AVC/HEVC NAL unit size happens to
be stored in 4 bytes and is
4294967292 or higher, which is likely
corrupted data anyway.
For the offset this is something for the caller of these functions to
take care of but is unlikely to happen as it would require parsing on a
>4GB buffer.
Allowing these overflows causes all kinds of follow-up bugs in the
h2645parse elements, ranging from infinite loops and memory leaks to
potential memory corruptions.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/2103>
Gbp-Pq: Name 0001-h2645parser-Catch-overflows-in-AVC-HEVC-NAL-unit-length.patch
Maintainers of GStreamer packages [Thu, 22 Apr 2021 18:38:06 +0000 (19:38 +0100)]
_openexr-std-cxx11
===================================================================
Gbp-Pq: Name 03_openexr-std-cxx11.patch
Andrew Wesie [Fri, 16 Oct 2020 11:29:02 +0000 (12:29 +0100)]
[PATCH] codecparsers: h264parser: guard against ref_pic_markings overflow
Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/1703>
Gbp-Pq: Name 02_ref_pic_markings_overflow.patch
Iain Lane [Thu, 22 Apr 2021 18:38:06 +0000 (19:38 +0100)]
Tell libtool not to deduplicate linked libraries which causes problems in the case of circular deps. Force -lc to be added at the end.
Gbp-Pq: Name 01_fix-modplug-linking.patch
Sebastian Dröge [Thu, 22 Apr 2021 18:38:06 +0000 (19:38 +0100)]
gst-plugins-bad1.0 (1.14.4-1+deb10u2) buster-security; urgency=high
* debian/patches/0001-h2645parser-Catch-overflows-in-AVC-HEVC-NAL-unit-length.patch:
+ Catch overflows in AVC/HEVC NAL unit length calculations, which would
lead to allocating infinite amounts of small memory blocks until OOM and
could potentially also lead to memory corruptions.
See https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/2103
[dgit import unpatched gst-plugins-bad1.0 1.14.4-1+deb10u2]
Sebastian Dröge [Thu, 22 Apr 2021 18:38:06 +0000 (19:38 +0100)]
Import gst-plugins-bad1.0_1.14.4-1+deb10u2.debian.tar.xz
[dgit import tarball gst-plugins-bad1.0 1.14.4-1+deb10u2 gst-plugins-bad1.0_1.14.4-1+deb10u2.debian.tar.xz]
Raspbian automatic forward porter [Sun, 24 Jan 2021 22:35:32 +0000 (22:35 +0000)]
Merge version 1.14.4-1+rvtdeb10u1 and 1.14.4-1+deb10u1 to produce 1.14.4-1+rvt+deb10u1
Salvatore Bonaccorso [Sat, 23 Jan 2021 15:37:59 +0000 (15:37 +0000)]
Merge gst-plugins-bad1.0 (1.14.4-1+deb10u1) import into refs/heads/workingbranch
Maintainers of GStreamer packages [Sat, 23 Jan 2021 15:37:59 +0000 (15:37 +0000)]
_openexr-std-cxx11
===================================================================
Gbp-Pq: Name 03_openexr-std-cxx11.patch
Andrew Wesie [Fri, 16 Oct 2020 11:29:02 +0000 (12:29 +0100)]
[PATCH] codecparsers: h264parser: guard against ref_pic_markings overflow
Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/1703>
Gbp-Pq: Name 02_ref_pic_markings_overflow.patch
Iain Lane [Sat, 23 Jan 2021 15:37:59 +0000 (15:37 +0000)]
Tell libtool not to deduplicate linked libraries which causes problems in the case of circular deps. Force -lc to be added at the end.
Gbp-Pq: Name 01_fix-modplug-linking.patch
Salvatore Bonaccorso [Sat, 23 Jan 2021 15:37:59 +0000 (15:37 +0000)]
gst-plugins-bad1.0 (1.14.4-1+deb10u1) buster-security; urgency=high
* Non-maintainer upload by the Security Team.
* No-change re-upload with version bumped to 1.14.4-1+deb10u1 to sort after
binNMUs for 1.14.4-1 in buster (1.14.4-1+b1).
[dgit import unpatched gst-plugins-bad1.0 1.14.4-1+deb10u1]
Salvatore Bonaccorso [Sat, 23 Jan 2021 15:37:59 +0000 (15:37 +0000)]
Import gst-plugins-bad1.0_1.14.4-1+deb10u1.debian.tar.xz
[dgit import tarball gst-plugins-bad1.0 1.14.4-1+deb10u1 gst-plugins-bad1.0_1.14.4-1+deb10u1.debian.tar.xz]
Peter Michael Green [Tue, 19 Jan 2021 23:14:49 +0000 (23:14 +0000)]
Merge gst-plugins-bad1.0 (1.14.4-1+rvtdeb10u1) import into refs/heads/workingbranch
Maintainers of GStreamer packages [Tue, 19 Jan 2021 23:14:49 +0000 (23:14 +0000)]
_openexr-std-cxx11
===================================================================
Gbp-Pq: Name 03_openexr-std-cxx11.patch
Andrew Wesie [Fri, 16 Oct 2020 11:29:02 +0000 (12:29 +0100)]
[PATCH] codecparsers: h264parser: guard against ref_pic_markings overflow
Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/1703>
Gbp-Pq: Name 02_ref_pic_markings_overflow.patch
Iain Lane [Tue, 19 Jan 2021 23:14:49 +0000 (23:14 +0000)]
Tell libtool not to deduplicate linked libraries which causes problems in the case of circular deps. Force -lc to be added at the end.
Gbp-Pq: Name 01_fix-modplug-linking.patch
Peter Michael Green [Tue, 19 Jan 2021 23:14:49 +0000 (23:14 +0000)]
gst-plugins-bad1.0 (1.14.4-1+rvtdeb10u1) buster-staging; urgency=medium
* Bump version number due to previous binnmu.
[dgit import unpatched gst-plugins-bad1.0 1.14.4-1+rvtdeb10u1]
Peter Michael Green [Tue, 19 Jan 2021 23:14:49 +0000 (23:14 +0000)]
Import gst-plugins-bad1.0_1.14.4-1+rvtdeb10u1.debian.tar.xz
[dgit import tarball gst-plugins-bad1.0 1.14.4-1+rvtdeb10u1 gst-plugins-bad1.0_1.14.4-1+rvtdeb10u1.debian.tar.xz]
Sebastian Dröge [Mon, 18 Jan 2021 15:52:16 +0000 (15:52 +0000)]
Merge gst-plugins-bad1.0 (1.14.4-1deb10u1) import into refs/heads/workingbranch
Maintainers of GStreamer packages [Mon, 18 Jan 2021 15:52:16 +0000 (15:52 +0000)]
_openexr-std-cxx11
===================================================================
Gbp-Pq: Name 03_openexr-std-cxx11.patch
Andrew Wesie [Fri, 16 Oct 2020 11:29:02 +0000 (12:29 +0100)]
[PATCH] codecparsers: h264parser: guard against ref_pic_markings overflow
Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/1703>
Gbp-Pq: Name 02_ref_pic_markings_overflow.patch
Iain Lane [Mon, 18 Jan 2021 15:52:16 +0000 (15:52 +0000)]
Tell libtool not to deduplicate linked libraries which causes problems in the case of circular deps. Force -lc to be added at the end.
Gbp-Pq: Name 01_fix-modplug-linking.patch
Sebastian Dröge [Mon, 18 Jan 2021 15:52:16 +0000 (15:52 +0000)]
gst-plugins-bad1.0 (1.14.4-1deb10u1) buster-security; urgency=high
* debian/patches/02_ref_pic_markings_overflow.patch:
Fix possible overflow of ref-pic-markings array with specially crafted
streams.
See https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/commit/
11353b3f6e2f047cc37483d21e6a37ae558896bc
and https://bugzilla.redhat.com/show_bug.cgi?id=
1917192 for details.
* debian/patches/03_openexr-std-cxx11.patch: Fix build with the buster gcc.
[dgit import unpatched gst-plugins-bad1.0 1.14.4-1deb10u1]
Sebastian Dröge [Mon, 18 Jan 2021 15:52:16 +0000 (15:52 +0000)]
Import gst-plugins-bad1.0_1.14.4-1deb10u1.debian.tar.xz
[dgit import tarball gst-plugins-bad1.0 1.14.4-1deb10u1 gst-plugins-bad1.0_1.14.4-1deb10u1.debian.tar.xz]
Sebastian Dröge [Wed, 3 Oct 2018 10:57:59 +0000 (11:57 +0100)]
Import gst-plugins-bad1.0_1.14.4.orig.tar.xz
[dgit import orig gst-plugins-bad1.0_1.14.4.orig.tar.xz]
Sebastian Dröge [Wed, 3 Oct 2018 10:57:59 +0000 (11:57 +0100)]
Merge gst-plugins-bad1.0 (1.14.4-1) import into refs/heads/workingbranch
Iain Lane [Wed, 3 Oct 2018 10:57:59 +0000 (11:57 +0100)]
Tell libtool not to deduplicate linked libraries which causes problems in the case of circular deps. Force -lc to be added at the end.
Gbp-Pq: Name 01_fix-modplug-linking.patch
Sebastian Dröge [Wed, 3 Oct 2018 10:57:59 +0000 (11:57 +0100)]
gst-plugins-bad1.0 (1.14.4-1) unstable; urgency=medium
* New upstream bugfix release
[dgit import unpatched gst-plugins-bad1.0 1.14.4-1]
Sebastian Dröge [Wed, 3 Oct 2018 10:57:59 +0000 (11:57 +0100)]
Import gst-plugins-bad1.0_1.14.4-1.debian.tar.xz
[dgit import tarball gst-plugins-bad1.0 1.14.4-1 gst-plugins-bad1.0_1.14.4-1.debian.tar.xz]
Sebastian Dröge [Fri, 25 Sep 2015 21:22:02 +0000 (23:22 +0200)]
[PATCH] Make sure to link gme plugin with -lz
Gbp-Pq: Name 0001-Make-sure-to-link-gme-plugin-with-lz.patch
Maintainers of GStreamer packages [Thu, 23 Feb 2017 13:39:04 +0000 (13:39 +0000)]
_opencv-linking
Gbp-Pq: Name 02_opencv-linking.patch
Iain Lane [Thu, 23 Feb 2017 13:39:04 +0000 (13:39 +0000)]
Tell libtool not to deduplicate linked libraries which causes problems in the case of circular deps. Force -lc to be added at the end.
Gbp-Pq: Name 01_fix-modplug-linking.patch
Sebastian Dröge [Thu, 23 Feb 2017 13:39:04 +0000 (13:39 +0000)]
gst-plugins-bad1.0 (1.10.4-1) unstable; urgency=medium
* New upstream bugfix release
* debian/build-deps.in:
+ Remove unused dependency on DirectFB (Closes: #855513).
[dgit import unpatched gst-plugins-bad1.0 1.10.4-1]
Sebastian Dröge [Thu, 23 Feb 2017 13:39:04 +0000 (13:39 +0000)]
Import gst-plugins-bad1.0_1.10.4.orig.tar.xz
[dgit import orig gst-plugins-bad1.0_1.10.4.orig.tar.xz]
Sebastian Dröge [Thu, 23 Feb 2017 13:39:04 +0000 (13:39 +0000)]
Import gst-plugins-bad1.0_1.10.4-1.debian.tar.xz
[dgit import tarball gst-plugins-bad1.0 1.10.4-1 gst-plugins-bad1.0_1.10.4-1.debian.tar.xz]
projects / gst-plugins-bad1.0.git / log