commit live555 for openSUSE:Factory

Source-Sync Wed, 25 Aug 2021 11:58:36 -0700

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package live555 for openSUSE:Factory checked 
in at 2021-08-25 20:56:38
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/live555 (Old)
 and      /work/SRC/openSUSE:Factory/.live555.new.1899 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "live555"

Wed Aug 25 20:56:38 2021 rev:27 rq:913854 version:2021.08.23

Changes:
--------
--- /work/SRC/openSUSE:Factory/live555/live555.changes  2021-08-16 
10:14:00.874923494 +0200
+++ /work/SRC/openSUSE:Factory/.live555.new.1899/live555.changes        
2021-08-25 20:57:21.161228582 +0200
@@ -1,0 +2,30 @@
+Mon Aug 23 14:46:03 UTC 2021 - Fusion Future <qydwhotm...@gmail.com>
+
+- Update to 2021.08.23:
+  * Updated the "readSocket()" code in "GroupsockHelper.cpp" yet
+    again to try to eliminate another (alleged) "depends on
+    uninitialised value" report from 'valgrind'.
+    (If, after this, you still see this, then your implementation
+    of "recvfrom()" is broken.)
+- Changes in 2021.08.19:
+  * Updated the "readSocket()" code in "GroupsockHelper.cpp" to
+    eliminate another possible "depends on uninitialised value"
+    report from 'valgrind'.
+- Changes in 2021.08.18:
+  * Updated the "readSocket()" code in "GroupsockHelper.cpp" to
+    eliminate a "depends on uninitialised value" report from
+    'valgrind'.
+- Changes in 2021.08.17:
+  * Updated the 'groupsock' "setPortNum()" function to not rely
+    upon the "ss_family" family field, in case it's uninitialized.
+- Changes in 2021.08.14:
+  * Fixed a minor bug in the previous release ("delete" should have
+    been "delete[]")
+- Changes in 2021.08.13:
+  * Fixed a bug in "MPEG1or2Demux" that could cause a 'reading
+    twice at the same time" abort when streaming from a MPEG
+    Program Stream file. (boo#1189726, CVE-2021-39283)
+  * Fixed a potential memory leak in "AC3AudioStreamFramer".
+    (boo#1189725, CVE-2021-39282)
+
+-------------------------------------------------------------------

Old:
----
  live.2021.08.09.tar.gz

New:
----
  live.2021.08.23.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ live555.spec ++++++
--- /var/tmp/diff_new_pack.XOA70z/_old  2021-08-25 20:57:21.941227557 +0200
+++ /var/tmp/diff_new_pack.XOA70z/_new  2021-08-25 20:57:21.941227557 +0200
@@ -20,7 +20,7 @@
 %define lmdmaj 97
 
 Name:           live555
-Version:        2021.08.09
+Version:        2021.08.23
 Release:        0
 Summary:        LIVE555 Streaming Media
 License:        LGPL-2.1-only
@@ -136,12 +136,15 @@
 %files -n libliveMedia%{lmdmaj}
 %license COPYING
 %{_libdir}/libliveMedia.so.%{lmdmaj}*
+
 %files -n libBasicUsageEnvironment1
 %license COPYING
 %{_libdir}/libBasicUsageEnvironment.so.1*
+
 %files -n libgroupsock30
 %license COPYING
 %{_libdir}/libgroupsock.so.30*
+
 %files -n libUsageEnvironment3
 %license COPYING
 %{_libdir}/libUsageEnvironment.so.3*

++++++ live.2021.08.09.tar.gz -> live.2021.08.23.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/live/BasicUsageEnvironment/include/BasicUsageEnvironment_version.hh 
new/live/BasicUsageEnvironment/include/BasicUsageEnvironment_version.hh
--- old/live/BasicUsageEnvironment/include/BasicUsageEnvironment_version.hh     
2021-08-09 08:33:36.000000000 +0200
+++ new/live/BasicUsageEnvironment/include/BasicUsageEnvironment_version.hh     
2021-08-23 14:05:17.000000000 +0200
@@ -19,7 +19,7 @@
 #ifndef _BASICUSAGEENVIRONMENT_VERSION_HH
 #define _BASICUSAGEENVIRONMENT_VERSION_HH
 
-#define BASICUSAGEENVIRONMENT_LIBRARY_VERSION_STRING   "2021.08.09"
-#define BASICUSAGEENVIRONMENT_LIBRARY_VERSION_INT              1628467200
+#define BASICUSAGEENVIRONMENT_LIBRARY_VERSION_STRING   "2021.08.23"
+#define BASICUSAGEENVIRONMENT_LIBRARY_VERSION_INT              1629676800
 
 #endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/live/UsageEnvironment/include/UsageEnvironment_version.hh 
new/live/UsageEnvironment/include/UsageEnvironment_version.hh
--- old/live/UsageEnvironment/include/UsageEnvironment_version.hh       
2021-08-09 08:33:36.000000000 +0200
+++ new/live/UsageEnvironment/include/UsageEnvironment_version.hh       
2021-08-23 14:05:17.000000000 +0200
@@ -19,7 +19,7 @@
 #ifndef _USAGEENVIRONMENT_VERSION_HH
 #define _USAGEENVIRONMENT_VERSION_HH
 
-#define USAGEENVIRONMENT_LIBRARY_VERSION_STRING        "2021.08.09"
-#define USAGEENVIRONMENT_LIBRARY_VERSION_INT           1628467200
+#define USAGEENVIRONMENT_LIBRARY_VERSION_STRING        "2021.08.23"
+#define USAGEENVIRONMENT_LIBRARY_VERSION_INT           1629676800
 
 #endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/live/config.linux-with-shared-libraries 
new/live/config.linux-with-shared-libraries
--- old/live/config.linux-with-shared-libraries 2021-08-09 08:33:57.000000000 
+0200
+++ new/live/config.linux-with-shared-libraries 2021-08-23 14:05:29.000000000 
+0200
@@ -4,7 +4,7 @@
 # One or more interfaces were added, but no existing interfaces were changed 
or removed => CURRENT += 1; REVISION = 0; AGE += 1
 
 libliveMedia_VERSION_CURRENT=97
-libliveMedia_VERSION_REVISION=0
+libliveMedia_VERSION_REVISION=2
 libliveMedia_VERSION_AGE=0
 libliveMedia_LIB_SUFFIX=so.$(shell expr $(libliveMedia_VERSION_CURRENT) - 
$(libliveMedia_VERSION_AGE)).$(libliveMedia_VERSION_AGE).$(libliveMedia_VERSION_REVISION)
 
@@ -19,7 +19,7 @@
 libUsageEnvironment_LIB_SUFFIX=so.$(shell expr 
$(libUsageEnvironment_VERSION_CURRENT) - 
$(libUsageEnvironment_VERSION_AGE)).$(libUsageEnvironment_VERSION_AGE).$(libUsageEnvironment_VERSION_REVISION)
 
 libgroupsock_VERSION_CURRENT=30
-libgroupsock_VERSION_REVISION=4
+libgroupsock_VERSION_REVISION=8
 libgroupsock_VERSION_AGE=0
 libgroupsock_LIB_SUFFIX=so.$(shell expr $(libgroupsock_VERSION_CURRENT) - 
$(libgroupsock_VERSION_AGE)).$(libgroupsock_VERSION_AGE).$(libgroupsock_VERSION_REVISION)
 #####
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/live/groupsock/GroupsockHelper.cpp 
new/live/groupsock/GroupsockHelper.cpp
--- old/live/groupsock/GroupsockHelper.cpp      2021-08-09 08:33:36.000000000 
+0200
+++ new/live/groupsock/GroupsockHelper.cpp      2021-08-23 14:05:17.000000000 
+0200
@@ -393,6 +393,10 @@
                           (struct sockaddr*)&fromAddress,
                           &addressSize);
   if (bytesRead < 0) {
+    fromAddress.ss_family = AF_INET;
+    ((sockaddr_in&)fromAddress).sin_addr.s_addr = 0;
+    ((sockaddr_in&)fromAddress).sin_port = 0;
+
     //##### HACK to work around bugs in Linux and Windows:
     int err = env.getErrno();
     if (err == 111 /*ECONNREFUSED (Linux)*/
@@ -408,22 +412,16 @@
        || err == EAGAIN
 #endif
        || err == 113 /*EHOSTUNREACH (Linux)*/) { // Why does Linux return this 
for datagram sock?
-      switch (fromAddress.ss_family) {
-       case AF_INET: {
-         ((sockaddr_in&)fromAddress).sin_addr.s_addr = 0;
-         break;
-       }
-        case AF_INET6: {
-         for (unsigned i = 0; i < 16; ++i) 
((sockaddr_in6&)fromAddress).sin6_addr.s6_addr[i] = 0;
-         break;
-       }
-      }
       return 0;
     }
     //##### END HACK
     socketErr(env, "recvfrom() error: ");
   } else if (bytesRead == 0) {
     // "recvfrom()" on a stream socket can return 0 if the remote end has 
closed the connection.  Treat this as an error:
+    fromAddress.ss_family = AF_INET;
+    ((sockaddr_in&)fromAddress).sin_addr.s_addr = 0;
+    ((sockaddr_in&)fromAddress).sin_port = 0;
+
     return -1;
   }
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/live/groupsock/NetAddress.cpp 
new/live/groupsock/NetAddress.cpp
--- old/live/groupsock/NetAddress.cpp   2021-08-09 08:33:36.000000000 +0200
+++ new/live/groupsock/NetAddress.cpp   2021-08-23 14:05:17.000000000 +0200
@@ -514,14 +514,5 @@
 }
 
 void setPortNum(struct sockaddr_storage& address, portNumBits portNum/*in 
network order*/) {
-  switch (address.ss_family) {
-    case AF_INET: {
-      ((sockaddr_in&)address).sin_port = portNum;
-      break;
-    }
-    case AF_INET6: {
-      ((sockaddr_in6&)address).sin6_port = portNum;
-      break;
-    }
-  }
+  ((sockaddr_in&)address).sin_port = portNum; // position will be the same for 
"sockaddr_in6"
 }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/live/groupsock/include/groupsock_version.hh 
new/live/groupsock/include/groupsock_version.hh
--- old/live/groupsock/include/groupsock_version.hh     2021-08-09 
08:33:36.000000000 +0200
+++ new/live/groupsock/include/groupsock_version.hh     2021-08-23 
14:05:17.000000000 +0200
@@ -19,7 +19,7 @@
 #ifndef _GROUPSOCK_VERSION_HH
 #define _GROUPSOCK_VERSION_HH
 
-#define GROUPSOCK_LIBRARY_VERSION_STRING       "2021.08.09"
-#define GROUPSOCK_LIBRARY_VERSION_INT          1628467200
+#define GROUPSOCK_LIBRARY_VERSION_STRING       "2021.08.23"
+#define GROUPSOCK_LIBRARY_VERSION_INT          1629676800
 
 #endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/live/liveMedia/AC3AudioStreamFramer.cpp 
new/live/liveMedia/AC3AudioStreamFramer.cpp
--- old/live/liveMedia/AC3AudioStreamFramer.cpp 2021-08-09 08:33:36.000000000 
+0200
+++ new/live/liveMedia/AC3AudioStreamFramer.cpp 2021-08-23 14:05:17.000000000 
+0200
@@ -224,6 +224,7 @@
 }
 
 AC3AudioStreamParser::~AC3AudioStreamParser() {
+  delete[] fSavedFrame;
 }
 
 void AC3AudioStreamParser::registerReadInterest(unsigned char* to,
@@ -303,7 +304,7 @@
 
 void AC3AudioStreamParser::readAndSaveAFrame() {
   unsigned const maxAC3FrameSize = 4000;
-  fSavedFrame = new unsigned char[maxAC3FrameSize];
+  delete[] fSavedFrame; fSavedFrame = new unsigned char[maxAC3FrameSize];
   fSavedFrameSize = 0;
 
   fSavedFrameFlag = 0;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/live/liveMedia/MPEG1or2Demux.cpp 
new/live/liveMedia/MPEG1or2Demux.cpp
--- old/live/liveMedia/MPEG1or2Demux.cpp        2021-08-09 08:33:36.000000000 
+0200
+++ new/live/liveMedia/MPEG1or2Demux.cpp        2021-08-23 14:05:17.000000000 
+0200
@@ -290,7 +290,10 @@
 void MPEG1or2Demux::stopGettingFrames(u_int8_t streamIdTag) {
     struct OutputDescriptor& out = fOutput[streamIdTag];
 
-    if (out.isCurrentlyAwaitingData && fNumPendingReads > 0) 
--fNumPendingReads;
+    if (out.isCurrentlyAwaitingData && fNumPendingReads > 0) {
+      --fNumPendingReads;
+      if (fNumPendingReads == 0 && fInputSource != NULL) 
fInputSource->stopGettingFrames();
+    }
 
     out.isCurrentlyActive = out.isCurrentlyAwaitingData = False;
 }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/live/liveMedia/include/liveMedia_version.hh 
new/live/liveMedia/include/liveMedia_version.hh
--- old/live/liveMedia/include/liveMedia_version.hh     2021-08-09 
08:33:36.000000000 +0200
+++ new/live/liveMedia/include/liveMedia_version.hh     2021-08-23 
14:05:17.000000000 +0200
@@ -19,7 +19,7 @@
 #ifndef _LIVEMEDIA_VERSION_HH
 #define _LIVEMEDIA_VERSION_HH
 
-#define LIVEMEDIA_LIBRARY_VERSION_STRING       "2021.08.09"
-#define LIVEMEDIA_LIBRARY_VERSION_INT          1628467200
+#define LIVEMEDIA_LIBRARY_VERSION_STRING       "2021.08.23"
+#define LIVEMEDIA_LIBRARY_VERSION_INT          1629676800
 
 #endif

commit live555 for openSUSE:Factory

Reply via email to