Hello community,
here is the log from the commit of package gstreamer-plugins-good for
openSUSE:Factory checked in at 2017-02-14 00:37:31
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/gstreamer-plugins-good (Old)
and /work/SRC/openSUSE:Factory/.gstreamer-plugins-good.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gstreamer-plugins-good"
Changes:
--------
---
/work/SRC/openSUSE:Factory/gstreamer-plugins-good/gstreamer-plugins-good.changes
2017-02-03 17:41:55.836782491 +0100
+++
/work/SRC/openSUSE:Factory/.gstreamer-plugins-good.new/gstreamer-plugins-good.changes
2017-02-14 00:37:32.358242564 +0100
@@ -1,0 +2,7 @@
+Sat Feb 4 23:08:04 UTC 2017 - [email protected]
+
+- Add gstreamer-plugins-good-qtdemux-sanity-check.patch: qtdemux:
+ sanity check number of segments in edit list. Fixes crash with
+ fuzzed file (bgo#777940).
+
+-------------------------------------------------------------------
@@ -4 +11 @@
-- Update to version 1.10.3:
+- Update to version 1.10.3 (CVE-2017-5838):
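Review bot: The changed line appends "(CVE-2017-5838)" to an existing changelog entry, but the new entry dated Sat Feb 4 in this same file mentions only the qtdemux patch and does not record this annotation. Suggest adding a line to the new entry stating that the CVE reference was added to the 1.10.3 entry, so the edit can be traced from the changelog itself. The new qtdemux entry cites only bgo#777940; if a CVE id has been assigned to that crash, it belongs in that entry as well.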
New:
----
gstreamer-plugins-good-qtdemux-sanity-check.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ gstreamer-plugins-good.spec ++++++
--- /var/tmp/diff_new_pack.pUbgz3/_old 2017-02-14 00:37:33.570071476 +0100
+++ /var/tmp/diff_new_pack.pUbgz3/_new 2017-02-14 00:37:33.574070911 +0100
@@ -32,6 +32,8 @@
Source0:
http://download.gnome.org/sources/gst-plugins-good/1.10/%{_name}-%{version}.tar.xz
Source1: gstreamer-plugins-good.appdata.xml
Source99: baselibs.conf
+# PATCH-FIX-UPSTREAM gstreamer-plugins-good-qtdemux-sanity-check.patch
bgo#777940 [email protected] -- qtdemux: sanity check number of segments in
edit list
+Patch0: gstreamer-plugins-good-qtdemux-sanity-check.patch
%if 0%{?ENABLE_AALIB}
BuildRequires: aalib-devel
%endif
@@ -123,6 +125,7 @@
%prep
chmod 0644 %{S:0}
%setup -q -n %{_name}-%{version}
+%patch0 -p1
%if !0%{?is_opensuse}
translation-update-upstream po gst-plugins-good-%{gst_branch}
%endif
++++++ gstreamer-plugins-good-qtdemux-sanity-check.patch ++++++
>From cc1968e3e7995ae737e4d484ecf7b8b6139dac91 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim-Philipp=20M=C3=BCller?= <[email protected]>
Date: Mon, 30 Jan 2017 20:20:08 +0000
Subject: qtdemux: sanity check number of segments in edit list
Fixes crash with fuzzed file.
https://bugzilla.gnome.org/show_bug.cgi?id=777940
diff --git a/gst/isomp4/qtdemux.c b/gst/isomp4/qtdemux.c
index f2c4a42..ba36a9e 100644
--- a/gst/isomp4/qtdemux.c
+++ b/gst/isomp4/qtdemux.c
@@ -8668,7 +8668,7 @@ qtdemux_parse_segments (GstQTDemux * qtdemux,
QtDemuxStream * stream,
n_segments = QT_UINT32 (buffer + 12);
- if (size < 16 + n_segments * entry_size) {
+ if (n_segments > 100000 || size < 16 + n_segments * entry_size) {
GST_WARNING_OBJECT (qtdemux, "Invalid edit list");
goto done;
}
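Review bot: The limit in "n_segments > 100000" is a bare literal with no comment or named constant explaining where it comes from, so a later reader cannot tell whether it is a format limit or an arbitrary ceiling. Suggest a named constant with a one-line comment giving the rationale. Separately, n_segments is read straight from the file with QT_UINT32, and the retained test still computes "16 + n_segments * entry_size"; whether that product can wrap depends on the types of size and entry_size, which this hunk does not show. Comparing n_segments against (size - 16) / entry_size, after first checking that size is at least 16, would make the length check correct on its own rather than relying on the cap.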
--
cgit v0.10.2