Hello community,
here is the log from the commit of package gstreamer-plugins-base for
openSUSE:Factory checked in at 2019-06-13 22:34:14
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/gstreamer-plugins-base (Old)
and /work/SRC/openSUSE:Factory/.gstreamer-plugins-base.new.4811 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gstreamer-plugins-base"
Thu Jun 13 22:34:14 2019 rev:60 rq:707914 version:1.14.5
Changes:
--------
---
/work/SRC/openSUSE:Factory/gstreamer-plugins-base/gstreamer-plugins-base.changes
2019-05-20 10:27:15.553938884 +0200
+++
/work/SRC/openSUSE:Factory/.gstreamer-plugins-base.new.4811/gstreamer-plugins-base.changes
2019-06-13 22:34:16.692363128 +0200
@@ -1,0 +2,31 @@
+Fri May 31 21:36:38 UTC 2019 - Bjørn Lie <[email protected]>
+
+- Update to version 1.14.5:
+ + audioconvert: fix endianness conversion for unpacked formats
+ (e.g. S24_32BE).
+ + audioringbuffer: Fix wrong memcpy address when reordering
+ channels.
+ + decodebin2: Make sure to remove pad probes when freeing
+ GstDecodeGroup.
+ + glviewconvert: fix output when a transformation matrix is used.
+ + glupload:
+ - Prevent segfault when updating caps.
+ - dmabuf: be explicit about gl formats used.
+ + gl/egl: Determine correct format on dmabuf import.
+ + id3tag: validate the year from v1 tags before passing to
+ GstDateTime.
+ + rtpbasepayload: Fix sequence numbers when using buffer lists.
+ + rtspconnection:
+ - Fix security issue, potential heap overflow (CVE-2019-9928).
+ - Fix GError set over the top of a previous GError.
+ - Do not duplicate authentication headers.
+ + subparse: don’t assert when failing to parse subrip timestamp.
+ + video: various convert sample frame fixes.
+ + video-converter: fix conversion from I420_10LE/BE, I420_12LE/BE,
+ A420_10LE/BE to BGRA/RGBA which created corrupted output.
+ + video-format: Fix GBRA_10/12 alpha channel pixel strides.
+- Drop upstream fixed patches:
+ + CVE-2019-9928.patch
+ + 0001-id3tag-Correctly-validate-the-year-from-v1-tags-befo.patch
+
+-------------------------------------------------------------------
Old:
----
0001-id3tag-Correctly-validate-the-year-from-v1-tags-befo.patch
CVE-2019-9928.patch
gst-plugins-base-1.14.4.tar.xz
New:
----
gst-plugins-base-1.14.5.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ gstreamer-plugins-base.spec ++++++
--- /var/tmp/diff_new_pack.ar4sM0/_old 2019-06-13 22:34:17.256362945 +0200
+++ /var/tmp/diff_new_pack.ar4sM0/_new 2019-06-13 22:34:17.260362943 +0200
@@ -20,7 +20,7 @@
%define gst_branch 1.0
%define gstreamer_plugins_base_req %(xzgrep --text "^GST[_A-Z]*_REQ"
%{SOURCE0} | sort -u | sed 's/GST_REQ=/gstreamer >= /')
Name: gstreamer-plugins-base
-Version: 1.14.4
+Version: 1.14.5
Release: 0
Summary: GStreamer Streaming-Media Framework Plug-Ins
License: LGPL-2.1-or-later AND GPL-2.0-or-later
@@ -29,9 +29,6 @@
Source0:
https://gstreamer.freedesktop.org/src/gst-plugins-base/%{_name}-%{version}.tar.xz
Source1: gstreamer-plugins-base.appdata.xml
Source2: baselibs.conf
-Patch0: 0001-id3tag-Correctly-validate-the-year-from-v1-tags-befo.patch
-# PATCh-FIX-UPSTREAM CVE-2019-9928.patch boo#1133375 [email protected] -- fix a
heap overflow in the rtsp connection parser.
-Patch1: CVE-2019-9928.patch
BuildRequires: Mesa-libGLESv3-devel
BuildRequires: cdparanoia-devel
++++++ gst-plugins-base-1.14.4.tar.xz -> gst-plugins-base-1.14.5.tar.xz ++++++
++++ 5621 lines of diff (skipped)
