Package: guix-patches;
Reported by: Leo Famulari <leo <at> famulari.name>
Date: Sat, 24 Apr 2021 19:13:02 UTC
Severity: normal
Done: Leo Famulari <leo <at> famulari.name>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 48000 in the body.
You can then email your comments to 48000 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
View this report as an mbox folder, status mbox, maintainer mbox
guix-patches <at> gnu.org:bug#48000; Package guix-patches.
(Sat, 24 Apr 2021 19:13:02 GMT) Full text and rfc822 format available.Leo Famulari <leo <at> famulari.name>:guix-patches <at> gnu.org.
(Sat, 24 Apr 2021 19:13:02 GMT) Full text and rfc822 format available.Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name> To: guix-patches <at> gnu.org Subject: GStreamer security updates Date: Sat, 24 Apr 2021 15:12:19 -0400
[Message part 1 (text/plain, inline)]
Here is a patch series to apply some GStreamer security updates. I tested that all the packages build. Can you recommend some applications to test? Some of the upstream bug reports are still private, but I linked to them from the patch files anyways.
[signature.asc (application/pgp-signature, inline)]
guix-patches <at> gnu.org:bug#48000; Package guix-patches.
(Sat, 24 Apr 2021 19:15:01 GMT) Full text and rfc822 format available.Message #8 received at 48000 <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name> To: 48000 <at> debbugs.gnu.org Subject: [PATCH 3/5] gnu: gst-plugins-bad: Fix an overflow when processing video files. Date: Sat, 24 Apr 2021 15:14:33 -0400
* gnu/packages/patches/gst-plugins-bad-fix-overflow.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gstreamer.scm (gst-plugins-bad)[source]: Use it.
---
gnu/local.mk | 1 +
gnu/packages/gstreamer.scm | 1 +
.../gst-plugins-bad-fix-overflow.patch | 263 ++++++++++++++++++
3 files changed, 265 insertions(+)
create mode 100644 gnu/packages/patches/gst-plugins-bad-fix-overflow.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index b3e84be598..94d7daf910 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1170,6 +1170,7 @@ dist_patch_DATA = \
%D%/packages/patches/grub-verifiers-Blocklist-fallout-cleanup.patch \
%D%/packages/patches/gspell-dash-test.patch \
%D%/packages/patches/gst-libav-64channels-stack-corruption.patch \
+ %D%/packages/patches/gst-plugins-bad-fix-overflow.patch \
%D%/packages/patches/gst-plugins-good-fix-test.patch \
%D%/packages/patches/gst-plugins-good-CVE-2021-3497.patch \
%D%/packages/patches/gst-plugins-good-CVE-2021-3498.patch \
diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm
index 81ac0a2f5f..58a02119c6 100644
--- a/gnu/packages/gstreamer.scm
+++ b/gnu/packages/gstreamer.scm
@@ -681,6 +681,7 @@ model to base your own plug-in on, here it is.")
(method url-fetch)
(uri (string-append "https://gstreamer.freedesktop.org/src/"
name "/" name "-" version ".tar.xz"))
+ (patches (search-patches "gst-plugins-bad-fix-overflow.patch"))
(sha256
(base32
"06ildd4rl6cynirv3p00d2ddf5is9svj4i7mkahldzhq24pq5mca"))))
diff --git a/gnu/packages/patches/gst-plugins-bad-fix-overflow.patch b/gnu/packages/patches/gst-plugins-bad-fix-overflow.patch
new file mode 100644
index 0000000000..95ab13db51
--- /dev/null
+++ b/gnu/packages/patches/gst-plugins-bad-fix-overflow.patch
@@ -0,0 +1,263 @@
+Fix an overflow when calculating something for AVC/HEVC videos:
+
+https://security-tracker.debian.org/tracker/TEMP-0000000-C6AAE1
+
+Patch copied from upstream source repository:
+
+https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/commit/0cfbf7ad91c7f121192c8ce135769f8eb276c41d
+From 0cfbf7ad91c7f121192c8ce135769f8eb276c41d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian <at> centricular.com>
+Date: Tue, 23 Mar 2021 19:19:14 +0200
+Subject: [PATCH] h2645parser: Catch overflows in AVC/HEVC NAL unit length
+ calculations
+
+Offset and size are stored as 32 bit guint and might overflow when
+adding the nal_length_size, so let's avoid that.
+
+For the size this would happen if the AVC/HEVC NAL unit size happens to
+be stored in 4 bytes and is 4294967292 or higher, which is likely
+corrupted data anyway.
+
+For the offset this is something for the caller of these functions to
+take care of but is unlikely to happen as it would require parsing on a
+>4GB buffer.
+
+Allowing these overflows causes all kinds of follow-up bugs in the
+h2645parse elements, ranging from infinite loops and memory leaks to
+potential memory corruptions.
+
+Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/2107>
+---
+ gst-libs/gst/codecparsers/gsth264parser.c | 16 +++++-
+ gst-libs/gst/codecparsers/gsth265parser.c | 16 +++++-
+ tests/check/libs/h264parser.c | 60 +++++++++++++++++++++++
+ tests/check/libs/h265parser.c | 60 +++++++++++++++++++++++
+ 4 files changed, 150 insertions(+), 2 deletions(-)
+
+diff --git a/gst-libs/gst/codecparsers/gsth264parser.c b/gst-libs/gst/codecparsers/gsth264parser.c
+index 012f1d0d7..68aa25068 100644
+--- a/gst-libs/gst/codecparsers/gsth264parser.c
++++ b/gst-libs/gst/codecparsers/gsth264parser.c
+@@ -1556,6 +1556,14 @@ gst_h264_parser_identify_nalu_avc (GstH264NalParser * nalparser,
+
+ memset (nalu, 0, sizeof (*nalu));
+
++ /* Would overflow guint below otherwise: the callers needs to ensure that
++ * this never happens */
++ if (offset > G_MAXUINT32 - nal_length_size) {
++ GST_WARNING ("offset + nal_length_size overflow");
++ nalu->size = 0;
++ return GST_H264_PARSER_BROKEN_DATA;
++ }
++
+ if (size < offset + nal_length_size) {
+ GST_DEBUG ("Can't parse, buffer has too small size %" G_GSIZE_FORMAT
+ ", offset %u", size, offset);
+@@ -1570,7 +1578,13 @@ gst_h264_parser_identify_nalu_avc (GstH264NalParser * nalparser,
+ nalu->sc_offset = offset;
+ nalu->offset = offset + nal_length_size;
+
+- if (size < nalu->size + nal_length_size) {
++ if (nalu->size > G_MAXUINT32 - nal_length_size) {
++ GST_WARNING ("NALU size + nal_length_size overflow");
++ nalu->size = 0;
++ return GST_H264_PARSER_BROKEN_DATA;
++ }
++
++ if (size < (gsize) nalu->size + nal_length_size) {
+ nalu->size = 0;
+
+ return GST_H264_PARSER_NO_NAL_END;
+diff --git a/gst-libs/gst/codecparsers/gsth265parser.c b/gst-libs/gst/codecparsers/gsth265parser.c
+index 26e68b276..dc7f27aa9 100644
+--- a/gst-libs/gst/codecparsers/gsth265parser.c
++++ b/gst-libs/gst/codecparsers/gsth265parser.c
+@@ -1531,6 +1531,14 @@ gst_h265_parser_identify_nalu_hevc (GstH265Parser * parser,
+
+ memset (nalu, 0, sizeof (*nalu));
+
++ /* Would overflow guint below otherwise: the callers needs to ensure that
++ * this never happens */
++ if (offset > G_MAXUINT32 - nal_length_size) {
++ GST_WARNING ("offset + nal_length_size overflow");
++ nalu->size = 0;
++ return GST_H265_PARSER_BROKEN_DATA;
++ }
++
+ if (size < offset + nal_length_size) {
+ GST_DEBUG ("Can't parse, buffer has too small size %" G_GSIZE_FORMAT
+ ", offset %u", size, offset);
+@@ -1545,7 +1553,13 @@ gst_h265_parser_identify_nalu_hevc (GstH265Parser * parser,
+ nalu->sc_offset = offset;
+ nalu->offset = offset + nal_length_size;
+
+- if (size < nalu->size + nal_length_size) {
++ if (nalu->size > G_MAXUINT32 - nal_length_size) {
++ GST_WARNING ("NALU size + nal_length_size overflow");
++ nalu->size = 0;
++ return GST_H265_PARSER_BROKEN_DATA;
++ }
++
++ if (size < (gsize) nalu->size + nal_length_size) {
+ nalu->size = 0;
+
+ return GST_H265_PARSER_NO_NAL_END;
+diff --git a/tests/check/libs/h264parser.c b/tests/check/libs/h264parser.c
+index c7c46d9a2..d322dd8db 100644
+--- a/tests/check/libs/h264parser.c
++++ b/tests/check/libs/h264parser.c
+@@ -229,6 +229,65 @@ GST_START_TEST (test_h264_parse_slice_5bytes)
+
+ GST_END_TEST;
+
++GST_START_TEST (test_h264_parse_identify_nalu_avc)
++{
++ GstH264ParserResult res;
++ GstH264NalUnit nalu;
++ GstH264NalParser *const parser = gst_h264_nal_parser_new ();
++ /* Skip 3 bytes for the start code */
++ const gsize nal_size = sizeof (slice_dpa) - 3;
++ const gsize buf_size = 4 + nal_size;
++ guint8 *buf = g_new (guint8, buf_size);
++
++ memcpy (buf + 4, slice_dpa + 3, nal_size);
++
++ GST_WRITE_UINT16_BE (buf + 2, nal_size);
++ res = gst_h264_parser_identify_nalu_avc (parser, buf, 2, buf_size, 2, &nalu);
++
++ assert_equals_int (res, GST_H264_PARSER_OK);
++ assert_equals_int (nalu.type, GST_H264_NAL_SLICE_DPA);
++ assert_equals_int (nalu.offset, 4);
++ assert_equals_int (nalu.size, nal_size);
++
++ GST_WRITE_UINT32_BE (buf, nal_size);
++ res = gst_h264_parser_identify_nalu_avc (parser, buf, 0, buf_size, 4, &nalu);
++
++ assert_equals_int (res, GST_H264_PARSER_OK);
++ assert_equals_int (nalu.type, GST_H264_NAL_SLICE_DPA);
++ assert_equals_int (nalu.offset, 4);
++ assert_equals_int (nalu.size, nal_size);
++
++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32);
++ res = gst_h264_parser_identify_nalu_avc (parser, buf, 0, buf_size, 4, &nalu);
++
++ assert_equals_int (res, GST_H264_PARSER_BROKEN_DATA);
++
++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32 - 2);
++ res = gst_h264_parser_identify_nalu_avc (parser, buf, 0, buf_size, 4, &nalu);
++
++ assert_equals_int (res, GST_H264_PARSER_BROKEN_DATA);
++
++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32 - 3);
++ res = gst_h264_parser_identify_nalu_avc (parser, buf, 0, buf_size, 4, &nalu);
++
++ assert_equals_int (res, GST_H264_PARSER_BROKEN_DATA);
++
++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32 - 4);
++ res = gst_h264_parser_identify_nalu_avc (parser, buf, 0, buf_size, 4, &nalu);
++
++ assert_equals_int (res, GST_H264_PARSER_NO_NAL_END);
++
++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32 - 6);
++ res = gst_h264_parser_identify_nalu_avc (parser, buf, 0, buf_size, 4, &nalu);
++
++ assert_equals_int (res, GST_H264_PARSER_NO_NAL_END);
++
++ g_free (buf);
++ gst_h264_nal_parser_free (parser);
++}
++
++GST_END_TEST;
++
+ static guint8 nalu_sps_with_vui[] = {
+ 0x00, 0x00, 0x00, 0x01, 0x67, 0x64, 0x00, 0x28,
+ 0xac, 0xd9, 0x40, 0x78, 0x04, 0x4f, 0xde, 0x03,
+@@ -666,6 +725,7 @@ h264parser_suite (void)
+ tcase_add_test (tc_chain, test_h264_parse_slice_dpa);
+ tcase_add_test (tc_chain, test_h264_parse_slice_eoseq_slice);
+ tcase_add_test (tc_chain, test_h264_parse_slice_5bytes);
++ tcase_add_test (tc_chain, test_h264_parse_identify_nalu_avc);
+ tcase_add_test (tc_chain, test_h264_parse_invalid_sei);
+ tcase_add_test (tc_chain, test_h264_create_sei);
+
+diff --git a/tests/check/libs/h265parser.c b/tests/check/libs/h265parser.c
+index 0a0e4db97..5b6a215ec 100644
+--- a/tests/check/libs/h265parser.c
++++ b/tests/check/libs/h265parser.c
+@@ -255,6 +255,65 @@ GST_START_TEST (test_h265_parse_slice_6bytes)
+
+ GST_END_TEST;
+
++GST_START_TEST (test_h265_parse_identify_nalu_hevc)
++{
++ GstH265ParserResult res;
++ GstH265NalUnit nalu;
++ GstH265Parser *parser = gst_h265_parser_new ();
++ /* Skip 4 bytes for the start code */
++ const gsize nal_size = sizeof (slice_eos_slice_eob) - 4;
++ const gsize buf_size = 4 + nal_size;
++ guint8 *buf = g_new (guint8, buf_size);
++
++ memcpy (buf + 4, slice_eos_slice_eob + 4, nal_size);
++
++ GST_WRITE_UINT16_BE (buf + 2, nal_size);
++ res = gst_h265_parser_identify_nalu_hevc (parser, buf, 2, buf_size, 2, &nalu);
++
++ assert_equals_int (res, GST_H265_PARSER_OK);
++ assert_equals_int (nalu.type, GST_H265_NAL_SLICE_IDR_W_RADL);
++ assert_equals_int (nalu.offset, 4);
++ assert_equals_int (nalu.size, nal_size);
++
++ GST_WRITE_UINT32_BE (buf, nal_size);
++ res = gst_h265_parser_identify_nalu_hevc (parser, buf, 0, buf_size, 4, &nalu);
++
++ assert_equals_int (res, GST_H265_PARSER_OK);
++ assert_equals_int (nalu.type, GST_H265_NAL_SLICE_IDR_W_RADL);
++ assert_equals_int (nalu.offset, 4);
++ assert_equals_int (nalu.size, nal_size);
++
++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32);
++ res = gst_h265_parser_identify_nalu_hevc (parser, buf, 0, buf_size, 4, &nalu);
++
++ assert_equals_int (res, GST_H265_PARSER_BROKEN_DATA);
++
++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32 - 2);
++ res = gst_h265_parser_identify_nalu_hevc (parser, buf, 0, buf_size, 4, &nalu);
++
++ assert_equals_int (res, GST_H265_PARSER_BROKEN_DATA);
++
++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32 - 3);
++ res = gst_h265_parser_identify_nalu_hevc (parser, buf, 0, buf_size, 4, &nalu);
++
++ assert_equals_int (res, GST_H265_PARSER_BROKEN_DATA);
++
++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32 - 4);
++ res = gst_h265_parser_identify_nalu_hevc (parser, buf, 0, buf_size, 4, &nalu);
++
++ assert_equals_int (res, GST_H265_PARSER_NO_NAL_END);
++
++ GST_WRITE_UINT32_BE (buf, G_MAXUINT32 - 6);
++ res = gst_h265_parser_identify_nalu_hevc (parser, buf, 0, buf_size, 4, &nalu);
++
++ assert_equals_int (res, GST_H265_PARSER_NO_NAL_END);
++
++ g_free (buf);
++ gst_h265_parser_free (parser);
++}
++
++GST_END_TEST;
++
+ GST_START_TEST (test_h265_base_profiles)
+ {
+ GstH265ProfileTierLevel ptl;
+@@ -1101,6 +1160,7 @@ h265parser_suite (void)
+ tcase_add_test (tc_chain, test_h265_parse_slice_eos_slice_eob);
+ tcase_add_test (tc_chain, test_h265_parse_pic_timing);
+ tcase_add_test (tc_chain, test_h265_parse_slice_6bytes);
++ tcase_add_test (tc_chain, test_h265_parse_identify_nalu_hevc);
+ tcase_add_test (tc_chain, test_h265_base_profiles);
+ tcase_add_test (tc_chain, test_h265_base_profiles_compat);
+ tcase_add_test (tc_chain, test_h265_format_range_profiles_exact_match);
+--
+2.31.1
+
--
2.31.1
guix-patches <at> gnu.org:bug#48000; Package guix-patches.
(Sat, 24 Apr 2021 19:15:02 GMT) Full text and rfc822 format available.Message #11 received at 48000 <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name> To: 48000 <at> debbugs.gnu.org Subject: [PATCH 1/5] gnu: gst-plugins-good: Fix CVE-2021-3497 and CVE-2021-3498. Date: Sat, 24 Apr 2021 15:14:31 -0400
* gnu/packages/patches/gst-plugins-good-CVE-2021-3497.patch,
gnu/packages/patches/gst-plugins-good-CVE-2021-3498.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/gstreamer.scm (gst-plugins-good)[source]: Use them.
---
gnu/local.mk | 2 +
gnu/packages/gstreamer.scm | 4 +-
.../gst-plugins-good-CVE-2021-3497.patch | 174 ++++++++++++++++++
.../gst-plugins-good-CVE-2021-3498.patch | 22 +++
4 files changed, 201 insertions(+), 1 deletion(-)
create mode 100644 gnu/packages/patches/gst-plugins-good-CVE-2021-3497.patch
create mode 100644 gnu/packages/patches/gst-plugins-good-CVE-2021-3498.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 50b11a8ca2..e19daf76ca 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1170,6 +1170,8 @@ dist_patch_DATA = \
%D%/packages/patches/grub-verifiers-Blocklist-fallout-cleanup.patch \
%D%/packages/patches/gspell-dash-test.patch \
%D%/packages/patches/gst-plugins-good-fix-test.patch \
+ %D%/packages/patches/gst-plugins-good-CVE-2021-3497.patch \
+ %D%/packages/patches/gst-plugins-good-CVE-2021-3498.patch \
%D%/packages/patches/guile-1.8-cpp-4.5.patch \
%D%/packages/patches/guile-2.2-skip-oom-test.patch \
%D%/packages/patches/guile-2.2-skip-so-test.patch \
diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm
index 6a4e14167d..6a050ca297 100644
--- a/gnu/packages/gstreamer.scm
+++ b/gnu/packages/gstreamer.scm
@@ -591,7 +591,9 @@ for the GStreamer multimedia library.")
(string-append
"https://gstreamer.freedesktop.org/src/" name "/"
name "-" version ".tar.xz"))
- (patches (search-patches "gst-plugins-good-fix-test.patch"))
+ (patches (search-patches "gst-plugins-good-fix-test.patch"
+ "gst-plugins-good-CVE-2021-3497.patch"
+ "gst-plugins-good-CVE-2021-3498.patch"))
(sha256
(base32 "1929nhjsvbl4bw37nfagnfsnxz737cm2x3ayz9ayrn9lwkfm45zp"))))
(build-system meson-build-system)
diff --git a/gnu/packages/patches/gst-plugins-good-CVE-2021-3497.patch b/gnu/packages/patches/gst-plugins-good-CVE-2021-3497.patch
new file mode 100644
index 0000000000..c8c3ee6cf1
--- /dev/null
+++ b/gnu/packages/patches/gst-plugins-good-CVE-2021-3497.patch
@@ -0,0 +1,174 @@
+Fix CVE-2021-3497:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3497
+https://gstreamer.freedesktop.org/security/sa-2021-0002.html
+
+Patch copied from upstream source repository:
+
+https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/commit/9181191511f9c0be6a89c98b311f49d66bd46dc3?merge_request_iid=903
+
+diff --git a/gst/matroska/matroska-demux.c b/gst/matroska/matroska-demux.c
+index 467815986c8c3d86fd8906a0d539b34f67d6693e..0e47ee7b5e25ac3331f30439710ae755235f2a22 100644
+--- a/gst/matroska/matroska-demux.c
++++ b/gst/matroska/matroska-demux.c
+@@ -3851,6 +3851,12 @@ gst_matroska_demux_add_wvpk_header (GstElement * element,
+ guint32 block_samples, tmp;
+ gsize size = gst_buffer_get_size (*buf);
+
++ if (size < 4) {
++ GST_ERROR_OBJECT (element, "Too small wavpack buffer");
++ gst_buffer_unmap (*buf, &map);
++ return GST_FLOW_ERROR;
++ }
++
+ gst_buffer_extract (*buf, 0, &tmp, sizeof (guint32));
+ block_samples = GUINT32_FROM_LE (tmp);
+ /* we need to reconstruct the header of the wavpack block */
+@@ -3858,10 +3864,10 @@ gst_matroska_demux_add_wvpk_header (GstElement * element,
+ /* -20 because ck_size is the size of the wavpack block -8
+ * and lace_size is the size of the wavpack block + 12
+ * (the three guint32 of the header that already are in the buffer) */
+- wvh.ck_size = size + sizeof (Wavpack4Header) - 20;
++ wvh.ck_size = size + WAVPACK4_HEADER_SIZE - 20;
+
+ /* block_samples, flags and crc are already in the buffer */
+- newbuf = gst_buffer_new_allocate (NULL, sizeof (Wavpack4Header) - 12, NULL);
++ newbuf = gst_buffer_new_allocate (NULL, WAVPACK4_HEADER_SIZE - 12, NULL);
+
+ gst_buffer_map (newbuf, &outmap, GST_MAP_WRITE);
+ data = outmap.data;
+@@ -3886,9 +3892,11 @@ gst_matroska_demux_add_wvpk_header (GstElement * element,
+ audiocontext->wvpk_block_index += block_samples;
+ } else {
+ guint8 *outdata = NULL;
+- guint outpos = 0;
+- gsize buf_size, size, out_size = 0;
++ gsize buf_size, size;
+ guint32 block_samples, flags, crc, blocksize;
++ GstAdapter *adapter;
++
++ adapter = gst_adapter_new ();
+
+ gst_buffer_map (*buf, &map, GST_MAP_READ);
+ buf_data = map.data;
+@@ -3897,6 +3905,7 @@ gst_matroska_demux_add_wvpk_header (GstElement * element,
+ if (buf_size < 4) {
+ GST_ERROR_OBJECT (element, "Too small wavpack buffer");
+ gst_buffer_unmap (*buf, &map);
++ g_object_unref (adapter);
+ return GST_FLOW_ERROR;
+ }
+
+@@ -3918,59 +3927,57 @@ gst_matroska_demux_add_wvpk_header (GstElement * element,
+ data += 4;
+ size -= 4;
+
+- if (blocksize == 0 || size < blocksize)
+- break;
+-
+- g_assert ((newbuf == NULL) == (outdata == NULL));
++ if (blocksize == 0 || size < blocksize) {
++ GST_ERROR_OBJECT (element, "Too small wavpack buffer");
++ gst_buffer_unmap (*buf, &map);
++ g_object_unref (adapter);
++ return GST_FLOW_ERROR;
++ }
+
+- if (newbuf == NULL) {
+- out_size = sizeof (Wavpack4Header) + blocksize;
+- newbuf = gst_buffer_new_allocate (NULL, out_size, NULL);
++ g_assert (newbuf == NULL);
+
+- gst_buffer_copy_into (newbuf, *buf,
+- GST_BUFFER_COPY_TIMESTAMPS | GST_BUFFER_COPY_FLAGS, 0, -1);
++ newbuf =
++ gst_buffer_new_allocate (NULL, WAVPACK4_HEADER_SIZE + blocksize,
++ NULL);
++ gst_buffer_map (newbuf, &outmap, GST_MAP_WRITE);
++ outdata = outmap.data;
++
++ outdata[0] = 'w';
++ outdata[1] = 'v';
++ outdata[2] = 'p';
++ outdata[3] = 'k';
++ outdata += 4;
++
++ GST_WRITE_UINT32_LE (outdata, blocksize + WAVPACK4_HEADER_SIZE - 8);
++ GST_WRITE_UINT16_LE (outdata + 4, wvh.version);
++ GST_WRITE_UINT8 (outdata + 6, wvh.track_no);
++ GST_WRITE_UINT8 (outdata + 7, wvh.index_no);
++ GST_WRITE_UINT32_LE (outdata + 8, wvh.total_samples);
++ GST_WRITE_UINT32_LE (outdata + 12, wvh.block_index);
++ GST_WRITE_UINT32_LE (outdata + 16, block_samples);
++ GST_WRITE_UINT32_LE (outdata + 20, flags);
++ GST_WRITE_UINT32_LE (outdata + 24, crc);
++ outdata += 28;
++
++ memcpy (outdata, data, blocksize);
+
+- outpos = 0;
+- gst_buffer_map (newbuf, &outmap, GST_MAP_WRITE);
+- outdata = outmap.data;
+- } else {
+- gst_buffer_unmap (newbuf, &outmap);
+- out_size += sizeof (Wavpack4Header) + blocksize;
+- gst_buffer_set_size (newbuf, out_size);
+- gst_buffer_map (newbuf, &outmap, GST_MAP_WRITE);
+- outdata = outmap.data;
+- }
++ gst_buffer_unmap (newbuf, &outmap);
++ gst_adapter_push (adapter, newbuf);
++ newbuf = NULL;
+
+- outdata[outpos] = 'w';
+- outdata[outpos + 1] = 'v';
+- outdata[outpos + 2] = 'p';
+- outdata[outpos + 3] = 'k';
+- outpos += 4;
+-
+- GST_WRITE_UINT32_LE (outdata + outpos,
+- blocksize + sizeof (Wavpack4Header) - 8);
+- GST_WRITE_UINT16_LE (outdata + outpos + 4, wvh.version);
+- GST_WRITE_UINT8 (outdata + outpos + 6, wvh.track_no);
+- GST_WRITE_UINT8 (outdata + outpos + 7, wvh.index_no);
+- GST_WRITE_UINT32_LE (outdata + outpos + 8, wvh.total_samples);
+- GST_WRITE_UINT32_LE (outdata + outpos + 12, wvh.block_index);
+- GST_WRITE_UINT32_LE (outdata + outpos + 16, block_samples);
+- GST_WRITE_UINT32_LE (outdata + outpos + 20, flags);
+- GST_WRITE_UINT32_LE (outdata + outpos + 24, crc);
+- outpos += 28;
+-
+- memmove (outdata + outpos, data, blocksize);
+- outpos += blocksize;
+ data += blocksize;
+ size -= blocksize;
+ }
+ gst_buffer_unmap (*buf, &map);
+- gst_buffer_unref (*buf);
+
+- if (newbuf)
+- gst_buffer_unmap (newbuf, &outmap);
++ newbuf = gst_adapter_take_buffer (adapter, gst_adapter_available (adapter));
++ g_object_unref (adapter);
+
++ gst_buffer_copy_into (newbuf, *buf,
++ GST_BUFFER_COPY_TIMESTAMPS | GST_BUFFER_COPY_FLAGS, 0, -1);
++ gst_buffer_unref (*buf);
+ *buf = newbuf;
++
+ audiocontext->wvpk_block_index += block_samples;
+ }
+
+diff --git a/gst/matroska/matroska-ids.h b/gst/matroska/matroska-ids.h
+index 429213f778063ba0063944ab64ad60373bbce5ee..8d4a685a910ec13100a3c3d156b2412d28ec0522 100644
+--- a/gst/matroska/matroska-ids.h
++++ b/gst/matroska/matroska-ids.h
+@@ -688,6 +688,8 @@ typedef struct _Wavpack4Header {
+ guint32 crc; /* crc for actual decoded data */
+ } Wavpack4Header;
+
++#define WAVPACK4_HEADER_SIZE (32)
++
+ typedef enum {
+ GST_MATROSKA_TRACK_ENCODING_SCOPE_FRAME = (1<<0),
+ GST_MATROSKA_TRACK_ENCODING_SCOPE_CODEC_DATA = (1<<1),
diff --git a/gnu/packages/patches/gst-plugins-good-CVE-2021-3498.patch b/gnu/packages/patches/gst-plugins-good-CVE-2021-3498.patch
new file mode 100644
index 0000000000..50eb42f126
--- /dev/null
+++ b/gnu/packages/patches/gst-plugins-good-CVE-2021-3498.patch
@@ -0,0 +1,22 @@
+Fix CVE-2021-3498:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3498
+https://gstreamer.freedesktop.org/security/sa-2021-0003.html
+
+Patch copied from upstream source repository:
+
+https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/commit/02174790726dd20a5c73ce2002189bf240ad4fe0?merge_request_iid=903
+
+diff --git a/gst/matroska/matroska-demux.c b/gst/matroska/matroska-demux.c
+index 4d0234743b8cf243b4521e56ef9027ba23b1b5d0..467815986c8c3d86fd8906a0d539b34f67d6693e 100644
+--- a/gst/matroska/matroska-demux.c
++++ b/gst/matroska/matroska-demux.c
+@@ -692,6 +692,8 @@ gst_matroska_demux_parse_stream (GstMatroskaDemux * demux, GstEbmlRead * ebml,
+
+ DEBUG_ELEMENT_START (demux, ebml, "TrackEntry");
+
++ *dest_context = NULL;
++
+ /* start with the master */
+ if ((ret = gst_ebml_read_master (ebml, &id)) != GST_FLOW_OK) {
+ DEBUG_ELEMENT_STOP (demux, ebml, "TrackEntry", ret);
--
2.31.1
guix-patches <at> gnu.org:bug#48000; Package guix-patches.
(Sat, 24 Apr 2021 19:16:02 GMT) Full text and rfc822 format available.Message #14 received at 48000 <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name> To: 48000 <at> debbugs.gnu.org Subject: [PATCH 2/5] gnu: gst-libav: Fix a stack corruption bug. Date: Sat, 24 Apr 2021 15:14:32 -0400
* gnu/packages/patches/gst-libav-64channels-stack-corruption.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gstreamer.scm (gst-libav)[source]: Use it.
---
gnu/local.mk | 1 +
gnu/packages/gstreamer.scm | 1 +
...st-libav-64channels-stack-corruption.patch | 31 +++++++++++++++++++
3 files changed, 33 insertions(+)
create mode 100644 gnu/packages/patches/gst-libav-64channels-stack-corruption.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index e19daf76ca..b3e84be598 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1169,6 +1169,7 @@ dist_patch_DATA = \
%D%/packages/patches/grub-setup-root.patch \
%D%/packages/patches/grub-verifiers-Blocklist-fallout-cleanup.patch \
%D%/packages/patches/gspell-dash-test.patch \
+ %D%/packages/patches/gst-libav-64channels-stack-corruption.patch \
%D%/packages/patches/gst-plugins-good-fix-test.patch \
%D%/packages/patches/gst-plugins-good-CVE-2021-3497.patch \
%D%/packages/patches/gst-plugins-good-CVE-2021-3498.patch \
diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm
index 6a050ca297..81ac0a2f5f 100644
--- a/gnu/packages/gstreamer.scm
+++ b/gnu/packages/gstreamer.scm
@@ -851,6 +851,7 @@ think twice about shipping them.")
(string-append
"https://gstreamer.freedesktop.org/src/" name "/"
name "-" version ".tar.xz"))
+ (patches (search-patches "gst-libav-64channels-stack-corruption.patch"))
(sha256
(base32 "0jbzams9ggk3sq9ywv4gsl9rghyn203l2582m6l5c1sz9ka9m5in"))))
(build-system meson-build-system)
diff --git a/gnu/packages/patches/gst-libav-64channels-stack-corruption.patch b/gnu/packages/patches/gst-libav-64channels-stack-corruption.patch
new file mode 100644
index 0000000000..cc174e618d
--- /dev/null
+++ b/gnu/packages/patches/gst-libav-64channels-stack-corruption.patch
@@ -0,0 +1,31 @@
+Fix a stack corruption when handling files with more than 64 audio
+channels:
+
+https://gstreamer.freedesktop.org/security/sa-2021-0005.html
+
+Patch copied from upstream source repository:
+
+https://gitlab.freedesktop.org/gstreamer/gst-libav/-/commit/dcea8baa14a5fc3b796d876baaf2f238546ba2b1
+
+diff --git a/ext/libav/gstavcodecmap.c b/ext/libav/gstavcodecmap.c
+index b5be4bb7a5f2712f78383da9319754a8849e3307..be22f22cf5c7c7b22b13e44b10999adaacbcca2b 100644
+--- a/ext/libav/gstavcodecmap.c
++++ b/ext/libav/gstavcodecmap.c
+@@ -102,7 +102,7 @@ gst_ffmpeg_channel_layout_to_gst (guint64 channel_layout, gint channels,
+ guint nchannels = 0;
+ gboolean none_layout = FALSE;
+
+- if (channel_layout == 0) {
++ if (channel_layout == 0 || channels > 64) {
+ nchannels = channels;
+ none_layout = TRUE;
+ } else {
+@@ -163,7 +163,7 @@ gst_ffmpeg_channel_layout_to_gst (guint64 channel_layout, gint channels,
+ } else {
+ guint i;
+
+- for (i = 0; i < nchannels; i++)
++ for (i = 0; i < nchannels && i < 64; i++)
+ pos[i] = GST_AUDIO_CHANNEL_POSITION_NONE;
+ }
+ }
--
2.31.1
guix-patches <at> gnu.org:bug#48000; Package guix-patches.
(Sat, 24 Apr 2021 19:16:02 GMT) Full text and rfc822 format available.Message #17 received at 48000 <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name> To: 48000 <at> debbugs.gnu.org Subject: [PATCH 4/5] gnu: gst-plugins-base: Fix an invalid read when parsing ID3v2 tags. Date: Sat, 24 Apr 2021 15:14:34 -0400
* gnu/packages/patches/gst-plugins-base-fix-id3v2-invalid-read.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gstreamer.scm (gst-plugins-base)[source]: Use it.
---
gnu/local.mk | 1 +
gnu/packages/gstreamer.scm | 1 +
...-plugins-base-fix-id3v2-invalid-read.patch | 40 +++++++++++++++++++
3 files changed, 42 insertions(+)
create mode 100644 gnu/packages/patches/gst-plugins-base-fix-id3v2-invalid-read.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 94d7daf910..a57f1996ff 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1171,6 +1171,7 @@ dist_patch_DATA = \
%D%/packages/patches/gspell-dash-test.patch \
%D%/packages/patches/gst-libav-64channels-stack-corruption.patch \
%D%/packages/patches/gst-plugins-bad-fix-overflow.patch \
+ %D%/packages/patches/gst-plugins-base-fix-id3v2-invalid-read.patch \
%D%/packages/patches/gst-plugins-good-fix-test.patch \
%D%/packages/patches/gst-plugins-good-CVE-2021-3497.patch \
%D%/packages/patches/gst-plugins-good-CVE-2021-3498.patch \
diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm
index 58a02119c6..7d9c5c993f 100644
--- a/gnu/packages/gstreamer.scm
+++ b/gnu/packages/gstreamer.scm
@@ -527,6 +527,7 @@ This package provides the core library and elements.")
(method url-fetch)
(uri (string-append "https://gstreamer.freedesktop.org/src/" name "/"
name "-" version ".tar.xz"))
+ (patches (search-patches "gst-plugins-base-fix-id3v2-invalid-read.patch"))
(sha256
(base32
"1b05kg46azrxxvq42c71071lfsnc34pw4vynnkczdqi6g0gzn16x"))))
diff --git a/gnu/packages/patches/gst-plugins-base-fix-id3v2-invalid-read.patch b/gnu/packages/patches/gst-plugins-base-fix-id3v2-invalid-read.patch
new file mode 100644
index 0000000000..b2dfef0118
--- /dev/null
+++ b/gnu/packages/patches/gst-plugins-base-fix-id3v2-invalid-read.patch
@@ -0,0 +1,40 @@
+Fix an "invalid read during ID3v2 tag parsing".
+
+https://security-tracker.debian.org/tracker/TEMP-0000000-57E7C1
+https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/issues/876
+
+Patch copied from upstream source repository:
+
+https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/commit/f4a1428a6997658625d529b9db60fde812fbf1ee
+
+From f4a1428a6997658625d529b9db60fde812fbf1ee Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Tim-Philipp=20M=C3=BCller?= <tim <at> centricular.com>
+Date: Wed, 3 Mar 2021 01:08:25 +0000
+Subject: [PATCH] tag: id3v2: fix frame size check and potential invalid reads
+
+Check the right variable when checking if there's
+enough data left to read the frame size.
+
+Closes https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/issues/876
+
+Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/merge_requests/1065>
+---
+ gst-libs/gst/tag/id3v2frames.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gst-libs/gst/tag/id3v2frames.c b/gst-libs/gst/tag/id3v2frames.c
+index 8e9f78254..f39659bf7 100644
+--- a/gst-libs/gst/tag/id3v2frames.c
++++ b/gst-libs/gst/tag/id3v2frames.c
+@@ -109,7 +109,7 @@ id3v2_parse_frame (ID3TagsWorking * work)
+
+ if (work->frame_flags & (ID3V2_FRAME_FORMAT_COMPRESSION |
+ ID3V2_FRAME_FORMAT_DATA_LENGTH_INDICATOR)) {
+- if (work->hdr.frame_data_size <= 4)
++ if (frame_data_size <= 4)
+ return FALSE;
+ if (ID3V2_VER_MAJOR (work->hdr.version) == 3) {
+ work->parse_size = GST_READ_UINT32_BE (frame_data);
+--
+2.31.1
+
--
2.31.1
guix-patches <at> gnu.org:bug#48000; Package guix-patches.
(Sat, 24 Apr 2021 19:16:03 GMT) Full text and rfc822 format available.Message #20 received at 48000 <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name> To: 48000 <at> debbugs.gnu.org Subject: [PATCH 5/5] gnu: gst-plugins-ugly: Fix some out-of-bounds reads. Date: Sat, 24 Apr 2021 15:14:35 -0400
* gnu/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gstreamer.scm (gst-plugins-ugly)[source]: Use it.
---
gnu/local.mk | 1 +
gnu/packages/gstreamer.scm | 1 +
...-plugins-ugly-fix-out-of-bound-reads.patch | 119 ++++++++++++++++++
3 files changed, 121 insertions(+)
create mode 100644 gnu/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index a57f1996ff..a820bbfd1a 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1175,6 +1175,7 @@ dist_patch_DATA = \
%D%/packages/patches/gst-plugins-good-fix-test.patch \
%D%/packages/patches/gst-plugins-good-CVE-2021-3497.patch \
%D%/packages/patches/gst-plugins-good-CVE-2021-3498.patch \
+ %D%/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch \
%D%/packages/patches/guile-1.8-cpp-4.5.patch \
%D%/packages/patches/guile-2.2-skip-oom-test.patch \
%D%/packages/patches/guile-2.2-skip-so-test.patch \
diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm
index 7d9c5c993f..9e70961655 100644
--- a/gnu/packages/gstreamer.scm
+++ b/gnu/packages/gstreamer.scm
@@ -793,6 +793,7 @@ par compared to the rest.")
(uri
(string-append "https://gstreamer.freedesktop.org/src/"
name "/" name "-" version ".tar.xz"))
+ (patches (search-patches "gst-plugins-ugly-fix-out-of-bound-reads.patch"))
(sha256
(base32 "1nwbcv5yaib3d8icvyja3zf6lyjf5zf1hndbijrhj8j7xlia0dx3"))))
(build-system meson-build-system)
diff --git a/gnu/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch b/gnu/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch
new file mode 100644
index 0000000000..3c6a96f45d
--- /dev/null
+++ b/gnu/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch
@@ -0,0 +1,119 @@
+Fix out of bounds reads when parsing audio and video packets:
+
+https://security-tracker.debian.org/tracker/TEMP-0000000-4DAA44
+https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/issues/37
+
+Patch copied from upstream source repository:
+
+https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/commit/3aba7d1e625554b2407bc77b3d09b4928b937d5f
+From 3aba7d1e625554b2407bc77b3d09b4928b937d5f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian <at> centricular.com>
+Date: Wed, 3 Mar 2021 11:05:14 +0200
+Subject: [PATCH] rmdemux: Make sure we have enough data available when parsing
+ audio/video packets
+
+Otherwise there will be out-of-bounds reads and potential crashes.
+
+Thanks to Natalie Silvanovich for reporting.
+
+Fixes https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/issues/37
+
+Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/merge_requests/74>
+---
+ gst/realmedia/rmdemux.c | 35 +++++++++++++++++++++++++++++++++++
+ 1 file changed, 35 insertions(+)
+
+diff --git a/gst/realmedia/rmdemux.c b/gst/realmedia/rmdemux.c
+index 6cc659a1..68b0736b 100644
+--- a/gst/realmedia/rmdemux.c
++++ b/gst/realmedia/rmdemux.c
+@@ -2223,6 +2223,9 @@ gst_rmdemux_parse_video_packet (GstRMDemux * rmdemux, GstRMDemuxStream * stream,
+
+ gst_buffer_map (in, &map, GST_MAP_READ);
+
++ if (map.size < offset)
++ goto not_enough_data;
++
+ data = map.data + offset;
+ size = map.size - offset;
+
+@@ -2289,6 +2292,9 @@ gst_rmdemux_parse_video_packet (GstRMDemux * rmdemux, GstRMDemuxStream * stream,
+ }
+ GST_DEBUG_OBJECT (rmdemux, "fragment size %d", fragment_size);
+
++ if (map.size < (data - map.data) + fragment_size)
++ goto not_enough_data;
++
+ /* get the fragment */
+ fragment =
+ gst_buffer_copy_region (in, GST_BUFFER_COPY_ALL, data - map.data,
+@@ -2437,6 +2443,9 @@ gst_rmdemux_parse_audio_packet (GstRMDemux * rmdemux, GstRMDemuxStream * stream,
+ GstFlowReturn ret;
+ GstBuffer *buffer;
+
++ if (gst_buffer_get_size (in) < offset)
++ goto not_enough_data;
++
+ buffer = gst_buffer_copy_region (in, GST_BUFFER_COPY_MEMORY, offset, -1);
+
+ if (rmdemux->first_ts != -1 && timestamp > rmdemux->first_ts)
+@@ -2467,9 +2476,19 @@ gst_rmdemux_parse_audio_packet (GstRMDemux * rmdemux, GstRMDemuxStream * stream,
+ ret = gst_pad_push (stream->pad, buffer);
+ }
+
++done:
+ gst_buffer_unref (in);
+
+ return ret;
++
++ /* ERRORS */
++not_enough_data:
++ {
++ GST_ELEMENT_WARNING (rmdemux, STREAM, DECODE, ("Skipping bad packet."),
++ (NULL));
++ ret = GST_FLOW_OK;
++ goto done;
++ }
+ }
+
+ static GstFlowReturn
+@@ -2490,6 +2509,9 @@ gst_rmdemux_parse_packet (GstRMDemux * rmdemux, GstBuffer * in, guint16 version)
+ data = map.data;
+ size = map.size;
+
++ if (size < 4 + 6 + 1 + 2)
++ goto not_enough_data;
++
+ /* stream number */
+ id = RMDEMUX_GUINT16_GET (data);
+
+@@ -2525,6 +2547,9 @@ gst_rmdemux_parse_packet (GstRMDemux * rmdemux, GstBuffer * in, guint16 version)
+
+ /* version 1 has an extra byte */
+ if (version == 1) {
++ if (size < 1)
++ goto not_enough_data;
++
+ data += 1;
+ size -= 1;
+ }
+@@ -2596,6 +2621,16 @@ unknown_stream:
+ gst_buffer_unref (in);
+ return GST_FLOW_OK;
+ }
++
++ /* ERRORS */
++not_enough_data:
++ {
++ GST_ELEMENT_WARNING (rmdemux, STREAM, DECODE, ("Skipping bad packet."),
++ (NULL));
++ gst_buffer_unmap (in, &map);
++ gst_buffer_unref (in);
++ return GST_FLOW_OK;
++ }
+ }
+
+ gboolean
+--
+2.31.1
+
--
2.31.1
guix-patches <at> gnu.org:bug#48000; Package guix-patches.
(Sun, 25 Apr 2021 08:47:02 GMT) Full text and rfc822 format available.Message #23 received at 48000 <at> debbugs.gnu.org (full text, mbox):
From: Maxime Devos <maximedevos <at> telenet.be> To: Leo Famulari <leo <at> famulari.name>, 48000 <at> debbugs.gnu.org Subject: Re: [bug#48000] GStreamer security updates Date: Sun, 25 Apr 2021 10:45:53 +0200
[Message part 1 (text/plain, inline)]
Leo Famulari schreef op za 24-04-2021 om 15:12 [-0400]: > Here is a patch series to apply some GStreamer security updates. > > I tested that all the packages build. Can you recommend some > applications to test? You can use "guix refresh --list-dependent" to generate a list of applications that you could test. $ guix refresh --list-dependent gst-plugins-good > Building the following 27 packages would ensure 44 dependent packages are rebuilt: > gamine <at> 1.6 lollypop <at> 1.4.6 sound-juicer <at> 3.24.0 rhythmbox <at> 3.4.4 parlatype <at> 2.1 cozy <at> 0.7.8 > telegram-purple <at> 1.4.2 chatty <at> 0.1.17 purple-mattermost <at> 1.2-0.158ce20 bitlbee-purple <at> 3.6 > pidgin-otr <at> 4.0.2 caja-extensions <at> 1.24.1 nomad <at> 0.2.0-alpha-199-g3e7a475 strawberry <at> 0.9.3 > pragha <at> 1.3.4 clementine <at> 1.4.0rc1-450-g2725ef99d beets-bandcamp <at> 0.1.3 beets-next <at> 1.4.9-1.04ea754 > rapid-photo-downloader <at> 0.9.18 gnome <at> 3.34.5 virt-viewer <at> 7.0 vinagre <at> 3.22.0 virt-manager <at> 3.2.0 > blanket <at> 0.3.1 pitivi <at> 0.999.0-2021.01.0 gaupol <at> 1.9 xfburn <at> 0.6.2 A selection: rhythmbox (a music playing application), nomad (a browser, maybe it supports video playing) For more packages: $ guix refresh --list-dependent gst-plugins-base > [...] A selection: rage (music and video player), quadrapassal (a game with sound effects), byzanz (desktop recording application) Greetings, Maxime.
[signature.asc (application/pgp-signature, inline)]
Leo Famulari <leo <at> famulari.name>:Leo Famulari <leo <at> famulari.name>:Message #28 received at 48000-done <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name> To: Maxime Devos <maximedevos <at> telenet.be> Cc: 48000-done <at> debbugs.gnu.org Subject: Re: [bug#48000] GStreamer security updates Date: Tue, 27 Apr 2021 02:01:28 -0400
[Message part 1 (text/plain, inline)]
On Sun, Apr 25, 2021 at 10:45:53AM +0200, Maxime Devos wrote: > $ guix refresh --list-dependent gst-plugins-good > > Building the following 27 packages would ensure 44 dependent packages are rebuilt: > > gamine <at> 1.6 lollypop <at> 1.4.6 sound-juicer <at> 3.24.0 rhythmbox <at> 3.4.4 parlatype <at> 2.1 cozy <at> 0.7.8 > > telegram-purple <at> 1.4.2 chatty <at> 0.1.17 purple-mattermost <at> 1.2-0.158ce20 bitlbee-purple <at> 3.6 > > pidgin-otr <at> 4.0.2 caja-extensions <at> 1.24.1 nomad <at> 0.2.0-alpha-199-g3e7a475 strawberry <at> 0.9.3 > > pragha <at> 1.3.4 clementine <at> 1.4.0rc1-450-g2725ef99d beets-bandcamp <at> 0.1.3 beets-next <at> 1.4.9-1.04ea754 > > rapid-photo-downloader <at> 0.9.18 gnome <at> 3.34.5 virt-viewer <at> 7.0 vinagre <at> 3.22.0 virt-manager <at> 3.2.0 > > blanket <at> 0.3.1 pitivi <at> 0.999.0-2021.01.0 gaupol <at> 1.9 xfburn <at> 0.6.2 > > A selection: > rhythmbox (a music playing application), nomad (a browser, maybe it supports video playing) > > For more packages: > $ guix refresh --list-dependent gst-plugins-base > > [...] > > A selection: > rage (music and video player), quadrapassal (a game with sound effects), byzanz (desktop > recording application) I tested a few applications and pushed as 32db6f504473c118e875f54c6a08b9c6884a3123
[signature.asc (application/pgp-signature, inline)]
Debbugs Internal Request <help-debbugs <at> gnu.org>
to internal_control <at> debbugs.gnu.org.
(Tue, 25 May 2021 11:24:04 GMT) Full text and rfc822 format available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.