gstreamer-*: 1.10.2 -> 1.10.3 for multiple CVEs

gst-plugins-bad:
From the Arch Linux advisory:
 - CVE-2017-5843 (arbitrary code execution): A double-free issue has
 been found in gstreamer before 1.10.3, in
 gst_mxf_demux_update_essence_tracks.

- CVE-2017-5848 (denial of service): An out-of-bounds read has been
  found in gstreamer before 1.10.3, in gst_ps_demux_parse_psm.
More: https://lwn.net/Vulnerabilities/713772/

gst-plugins-base:
From the Arch Linux advisory:

- CVE-2017-5837 (denial of service): A floating point exception issue
  has been found in gstreamer before 1.10.3, in
  gst_riff_create_audio_caps.

- CVE-2017-5839 (denial of service): An endless recursion issue
  leading to stack overflow has been found in gstreamer before 1.10.3,
  in gst_riff_create_audio_caps.

- CVE-2017-5842 (arbitrary code execution): An off-by-one write has
  been found in gstreamer before 1.10.3, in
  html_context_handle_element.

- CVE-2017-5844 (denial of service): A floating point exception issue
  has been found in gstreamer before 1.10.3, in
  gst_riff_create_audio_caps.
More: https://lwn.net/Vulnerabilities/713773/

gst-plugins-good:
From the Arch Linux advisory:

- CVE-2016-10198 (denial of service): An invalid memory read flaw has
  been found in gstreamer before 1.10.3, in
  gst_aac_parse_sink_setcaps.

- CVE-2016-10199 (denial of service): An out of bounds read has been
  found in gstreamer before 1.10.3, in qtdemux_tag_add_str_full.

- CVE-2017-5840 (denial of service): An out-of-bounds read has been
  found in gstreamer before 1.10.3, in qtdemux_parse_samples.

- CVE-2017-5841 (denial of service): An out-of-bounds read has been
  found in gstreamer before 1.10.3, in gst_avi_demux_parse_ncdt.

- CVE-2017-5845 (denial of service): An out-of-bounds read has been
  found in gstreamer before 1.10.3, in gst_avi_demux_parse_ncdt.
More: https://lwn.net/Vulnerabilities/713774/

gst-plugins-ugly:
From the Arch Linux advisory:

- CVE-2017-5846 (denial of service): An out-of-bounds read has been
  found in gstreamer before 1.10.3, in
  gst_asf_demux_process_ext_stream_props.

- CVE-2017-5847 (denial of service): An out-of-bounds read has been
  found in gstreamer before 1.10.3, in
  gst_asf_demux_process_ext_content_desc.
More: https://lwn.net/Vulnerabilities/713775/

gstreamer:
From the Arch Linux advisory:

An out of bounds read has been found in gstreamer before 1.10.3, in
gst_date_time_new_from_iso8601_string.
More: https://lwn.net/Vulnerabilities/713776/
This commit is contained in:
Graham Christensen 2017-02-08 08:27:59 -05:00
parent 9d30099b7f
commit afd59811a1
No known key found for this signature in database
GPG Key ID: 06121D366FE9435C
10 changed files with 20 additions and 20 deletions

View File

@ -14,7 +14,7 @@ let
inherit (stdenv.lib) optional optionalString; inherit (stdenv.lib) optional optionalString;
in in
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "gst-plugins-bad-1.10.2"; name = "gst-plugins-bad-1.10.3";
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "Gstreamer Bad Plugins"; description = "Gstreamer Bad Plugins";
@ -31,7 +31,7 @@ stdenv.mkDerivation rec {
src = fetchurl { src = fetchurl {
url = "${meta.homepage}/src/gst-plugins-bad/${name}.tar.xz"; url = "${meta.homepage}/src/gst-plugins-bad/${name}.tar.xz";
sha256 = "0fisnnfpp3s8pbm6hjrfi4wjpq2da8c6w3ns9pjcg7590f9wm587"; sha256 = "1rwla1p57yzygb68z2xk5l5kvqzj5w3nxq0davkwk139zd8r6294";
}; };
outputs = [ "out" "dev" ]; outputs = [ "out" "dev" ];

View File

@ -4,7 +4,7 @@
}: }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "gst-plugins-base-1.10.2"; name = "gst-plugins-base-1.10.3";
meta = { meta = {
description = "Base plugins and helper libraries"; description = "Base plugins and helper libraries";
@ -15,7 +15,7 @@ stdenv.mkDerivation rec {
src = fetchurl { src = fetchurl {
url = "${meta.homepage}/src/gst-plugins-base/${name}.tar.xz"; url = "${meta.homepage}/src/gst-plugins-base/${name}.tar.xz";
sha256 = "086yjwmp4fykcqkj6zqhwrk2z49981kl8x545vz2wvblrc7x9h7v"; sha256 = "040pifl4cgsqqz2si4s1y5khj3zwm39w21siagxwp805swbrcag6";
}; };
outputs = [ "out" "dev" ]; outputs = [ "out" "dev" ];

View File

@ -3,7 +3,7 @@
}: }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "gstreamer-1.10.2"; name = "gstreamer-1.10.3";
meta = { meta = {
description = "Open source multimedia framework"; description = "Open source multimedia framework";
@ -15,7 +15,7 @@ stdenv.mkDerivation rec {
src = fetchurl { src = fetchurl {
url = "${meta.homepage}/src/gstreamer/${name}.tar.xz"; url = "${meta.homepage}/src/gstreamer/${name}.tar.xz";
sha256 = "0rcd4ya4k99x6ngm9v78as7ql0rqibkwshc13lb4rjdszs0qw3hm"; sha256 = "0gdnxg5igbhnpjhrzp31w1ww95j805byqd6mj3x29wli54dxrfc5";
}; };
outputs = [ "out" "dev" ]; outputs = [ "out" "dev" ];

View File

@ -3,7 +3,7 @@
}: }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "gstreamer-editing-services-1.10.2"; name = "gstreamer-editing-services-1.10.3";
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "Library for creation of audio/video non-linear editors"; description = "Library for creation of audio/video non-linear editors";
@ -14,7 +14,7 @@ stdenv.mkDerivation rec {
src = fetchurl { src = fetchurl {
url = "${meta.homepage}/src/gstreamer-editing-services/${name}.tar.xz"; url = "${meta.homepage}/src/gstreamer-editing-services/${name}.tar.xz";
sha256 = "0hx7bwj8li88qq09slvdxlnfq76hr35nyjvd4ixrz5gmkpmrl5fv"; sha256 = "0ax3qbi1m4wcii03ysln3lm8nhw3fr2rd35ndfy4mr4vg2nm5gxw";
}; };
outputs = [ "out" "dev" ]; outputs = [ "out" "dev" ];

View File

@ -10,7 +10,7 @@ let
inherit (stdenv.lib) optionals optionalString; inherit (stdenv.lib) optionals optionalString;
in in
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "gst-plugins-good-1.10.2"; name = "gst-plugins-good-1.10.3";
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "Gstreamer Good Plugins"; description = "Gstreamer Good Plugins";
@ -26,7 +26,7 @@ stdenv.mkDerivation rec {
src = fetchurl { src = fetchurl {
url = "${meta.homepage}/src/gst-plugins-good/${name}.tar.xz"; url = "${meta.homepage}/src/gst-plugins-good/${name}.tar.xz";
sha256 = "04rksbhjj2yz32g523cfabwqn2s3byd94dpbxghxr0p9ridk53qr"; sha256 = "0mar8ss8bvpz699ql4kgndvna8qsv7kj372py4435ffl6hzfj1sf";
}; };
outputs = [ "out" "dev" ]; outputs = [ "out" "dev" ];

View File

@ -9,7 +9,7 @@
assert withSystemLibav -> libav != null; assert withSystemLibav -> libav != null;
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "gst-libav-1.10.2"; name = "gst-libav-1.10.3";
meta = { meta = {
homepage = "http://gstreamer.freedesktop.org"; homepage = "http://gstreamer.freedesktop.org";
@ -19,7 +19,7 @@ stdenv.mkDerivation rec {
src = fetchurl { src = fetchurl {
url = "${meta.homepage}/src/gst-libav/${name}.tar.xz"; url = "${meta.homepage}/src/gst-libav/${name}.tar.xz";
sha256 = "0g778j7w4vpbhwjzyrzpajvr26nxm6vqby84v8g1w1hz44v71pd3"; sha256 = "1aajayv63ardkbmcg7pnh2d87r067325a5wzinwihaw6n5jw2sws";
}; };
outputs = [ "out" "dev" ]; outputs = [ "out" "dev" ];

View File

@ -6,14 +6,14 @@
let let
inherit (pythonPackages) python pygobject3; inherit (pythonPackages) python pygobject3;
in stdenv.mkDerivation rec { in stdenv.mkDerivation rec {
name = "gst-python-1.10.2"; name = "gst-python-1.10.3";
src = fetchurl { src = fetchurl {
urls = [ urls = [
"${meta.homepage}/src/gst-python/${name}.tar.xz" "${meta.homepage}/src/gst-python/${name}.tar.xz"
"mirror://gentoo/distfiles/${name}.tar.xz" "mirror://gentoo/distfiles/${name}.tar.xz"
]; ];
sha256 = "1sljnqkxf2ix6yzghrapw5irl0rbp8aa8w2hggk7i6d9js10ls71"; sha256 = "1sljnqkxf2ix7yzghrapw5irl0rbp8aa8w2hggk7i6d9js10ls71";
}; };
patches = [ ./different-path-with-pygobject.patch ]; patches = [ ./different-path-with-pygobject.patch ];

View File

@ -5,7 +5,7 @@
}: }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "gst-plugins-ugly-1.10.2"; name = "gst-plugins-ugly-1.10.3";
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "Gstreamer Ugly Plugins"; description = "Gstreamer Ugly Plugins";
@ -22,7 +22,7 @@ stdenv.mkDerivation rec {
src = fetchurl { src = fetchurl {
url = "${meta.homepage}/src/gst-plugins-ugly/${name}.tar.xz"; url = "${meta.homepage}/src/gst-plugins-ugly/${name}.tar.xz";
sha256 = "17gc2zd3v6spmm2d6912sqfcyyv5f2ghdhq31f5kx5mw5r6ds0zk"; sha256 = "1lkb8kznc9wxmhbp7k67b50y27nz8jp2x2flb91xzydz7b89f5f9";
}; };
outputs = [ "out" "dev" ]; outputs = [ "out" "dev" ];

View File

@ -5,11 +5,11 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "gst-vaapi-${version}"; name = "gst-vaapi-${version}";
version = "1.10.2"; version = "1.10.3";
src = fetchurl { src = fetchurl {
url = "${meta.homepage}/src/gstreamer-vaapi/gstreamer-vaapi-${version}.tar.xz"; url = "${meta.homepage}/src/gstreamer-vaapi/gstreamer-vaapi-${version}.tar.xz";
sha256 = "1abzaj9kczap1xmalgzid1k3gqcn1ghnn76cn2kclc1gbfwd4ccy"; sha256 = "07ing6z7n0ylz5vknk3d2lw54a6szd6m8hqc3px6lahmd832ga6f";
}; };
outputs = [ "out" "dev" ]; outputs = [ "out" "dev" ];

View File

@ -3,7 +3,7 @@
}: }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "gst-validate-1.10.2"; name = "gst-validate-1.10.3";
meta = { meta = {
description = "Integration testing infrastructure for the GStreamer framework"; description = "Integration testing infrastructure for the GStreamer framework";
@ -14,7 +14,7 @@ stdenv.mkDerivation rec {
src = fetchurl { src = fetchurl {
url = "${meta.homepage}/src/gst-validate/${name}.tar.xz"; url = "${meta.homepage}/src/gst-validate/${name}.tar.xz";
sha256 = "1mwyk3b19aq78mjhmrpc7qqs9flrykrn1j763g5wx546swc489xy"; sha256 = "00icav26pj81cxdykf86rp3jw6lb178ydrqhcck43i94jdb4hsxy";
}; };
outputs = [ "out" "dev" ]; outputs = [ "out" "dev" ];