Update to 1.22.12

2024-06-14 18:16:41 +02:00 · 2024-06-14 18:16:41 +02:00 · 10d1a21b62
commit 10d1a21b62
parent 0f0ca10305
4 changed files with 181 additions and 88 deletions
--- a/.gitignore
+++ b/.gitignore
@ -74,3 +74,10 @@
 /gst-plugins-good-1.18.2.tar.xz
 /gst-plugins-good-1.18.4.tar.xz
 /gst-plugins-good-1.22.1.tar.xz
+/gst-plugins-good-1.22.2.tar.xz
+/gst-plugins-good-1.22.3.tar.xz
+/gst-plugins-good-1.22.5.tar.xz
+/gst-plugins-good-1.22.7.tar.xz
+/gst-plugins-good-1.22.8.tar.xz
+/gst-plugins-good-1.22.9.tar.xz
+/gst-plugins-good-1.22.12.tar.xz
--- a/0001-flacparse-Avoid-integer-overflow-in-available-data-c.patch
+++ b/0001-flacparse-Avoid-integer-overflow-in-available-data-c.patch
@ -1,55 +0,0 @@
-From cf36c771ea7f4e42603c2b5880432bc8c7d3dff1 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
-Date: Tue, 13 Jun 2023 13:20:16 +0300
-Subject: [PATCH] flacparse: Avoid integer overflow in available data check for
- image tags
-
-If the image length as stored in the file is some bogus integer then
-adding it to the current byte readers position can overflow and wrongly
-have the check for enough available data succeed.
-
-This then later can cause NULL pointer dereferences or out of bounds
-reads/writes when actually reading the image data.
-
-Fixes ZDI-CAN-20775
-Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2661
-
-Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/4894>
---
- .../gst-plugins-good/gst/audioparsers/gstflacparse.c        | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/subprojects/gst-plugins-good/gst/audioparsers/gstflacparse.c b/subprojects/gst-plugins-good/gst/audioparsers/gstflacparse.c
-index a53b7ebc77..8ee450c65a 100644
--- a/subprojects/gst-plugins-good/gst/audioparsers/gstflacparse.c
-+++ b/subprojects/gst-plugins-good/gst/audioparsers/gstflacparse.c
-@@ -1111,6 +1111,7 @@ gst_flac_parse_handle_picture (GstFlacParse * flacparse, GstBuffer * buffer)
-   GstMapInfo map;
-   guint32 img_len = 0, img_type = 0;
-   guint32 img_mimetype_len = 0, img_description_len = 0;
-+  const guint8 *img_data;
- 
-   gst_buffer_map (buffer, &map, GST_MAP_READ);
-   gst_byte_reader_init (&reader, map.data, map.size);
-@@ -1137,7 +1138,7 @@ gst_flac_parse_handle_picture (GstFlacParse * flacparse, GstBuffer * buffer)
-   if (!gst_byte_reader_get_uint32_be (&reader, &img_len))
-     goto error;
- 
-  if (gst_byte_reader_get_pos (&reader) + img_len > map.size)
-+  if (!gst_byte_reader_get_data (&reader, img_len, &img_data))
-     goto error;
- 
-   GST_INFO_OBJECT (flacparse, "Got image of %d bytes", img_len);
-@@ -1146,8 +1147,7 @@ gst_flac_parse_handle_picture (GstFlacParse * flacparse, GstBuffer * buffer)
-     if (flacparse->tags == NULL)
-       flacparse->tags = gst_tag_list_new_empty ();
- 
-    gst_tag_list_add_id3_image (flacparse->tags,
-        map.data + gst_byte_reader_get_pos (&reader), img_len, img_type);
-+    gst_tag_list_add_id3_image (flacparse->tags, img_data, img_len, img_type);
-   }
- 
-   gst_buffer_unmap (buffer, &map);
-- 
-2.43.0
-
--- a/gstreamer1-plugins-good.spec
+++ b/gstreamer1-plugins-good.spec
@ -9,18 +9,29 @@
 %bcond_with nasm
 %endif

-%bcond_without qt
+# RHEL 10 will provide Qt 6 and drop Qt 5
+%if 0%{?rhel} >= 10
+%bcond_with qt5
+%else
+%bcond_without qt5
+%endif
+
+%if 0%{?rhel} && 0%{?rhel} < 10
+%bcond_with qt6
+%else
+%bcond_without qt6
+%endif

 #global gitrel     140
 #global gitcommit  9865730cfa5b3a8b2560d082e7e56b350042d3d2
 #global shortcommit %(c=%{gitcommit}; echo ${c:0:5})

 Name:           gstreamer1-plugins-good
-Version:        1.22.1
-Release:        2%{?gitcommit:.git%{shortcommit}}%{?dist}
+Version:        1.22.12
+Release:        1%{?dist}
 Summary:        GStreamer plugins with good code and licensing

-License:        LGPLv2+
+License:        CC0-1.0 AND GPL-2.0-only AND LGPL-2.0-only AND LGPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND xlock AND MIT AND BSD-3-Clause AND CC-BY-3.0 
 URL:            http://gstreamer.freedesktop.org/

 %if 0%{?gitrel}
@ -37,8 +48,6 @@ Source0:        http://gstreamer.freedesktop.org/src/gst-plugins-good/gst-plugin
 # See http://www.freedesktop.org/software/appstream/docs/ for more details.
 Source1:        gstreamer-good.appdata.xml

-Patch0:		0001-flacparse-Avoid-integer-overflow-in-available-data-c.patch
-
 BuildRequires:  meson >= 0.48.0
 BuildRequires:  gcc
 BuildRequires:  gcc-c++
@ -72,6 +81,7 @@ BuildRequires:  mesa-libEGL-devel
 BuildRequires:  lame-devel
 BuildRequires:  mpg123-devel
 BuildRequires:  twolame-devel
+#BuildRequires:  qt6-qtshadertools
 %if %{with nasm}
 BuildRequires:  nasm
 %endif
@ -79,7 +89,7 @@ BuildRequires:  libgudev-devel

 # extras
 %if %{with extras}
-BuildRequires:  jack-audio-connection-kit-devel
+BuildRequires:  pipewire-jack-audio-connection-kit-devel
 %ifnarch s390 s390x
 BuildRequires:  libavc1394-devel
 BuildRequires:  libdv-devel
@ -88,6 +98,10 @@ BuildRequires:  libraw1394-devel
 %endif
 %endif

+# The soup elements dynamically load either version of libsoup at runtime,
+# defaulting to libsoup3 if libsoup2 is not already loaded in the process
+Recommends:     libsoup3%{?_isa}
+
 # Obsoletes/Provides moved from plugins-bad-free
 Obsoletes:      gstreamer1-plugin-mpg123 < 1.13.1
 Provides:       gstreamer1-plugin-mpg123 = %{version}-%{release}
@ -121,7 +135,7 @@ good quality and under the LGPL license.

 This package (%{name}-gtk) contains the gtksink output plugin.

-%if %{with qt}
+%if %{with qt5}
 %package qt
 Summary:         GStreamer "good" plugins qt qml plugin
 Requires:        %{name}%{?_isa} = %{version}-%{release}
@ -131,6 +145,8 @@ BuildRequires: pkgconfig(Qt5Qml)
 BuildRequires: pkgconfig(Qt5Quick)
 BuildRequires: pkgconfig(Qt5X11Extras)
 BuildRequires: pkgconfig(Qt5WaylandClient)
+BuildRequires: qt5-qtbase-private-devel
+BuildRequires: qt5-linguist

 Supplements: (gstreamer1-plugins-good and qt5-qtdeclarative)

@ -144,6 +160,31 @@ good quality and under the LGPL license.
 This package (%{name}-qt) contains the qtsink output plugin.
 %endif

+%if %{with qt6}
+%package qt6
+Summary:         GStreamer "good" plugins qt6 qml plugin
+Requires:        %{name}%{?_isa} = %{version}-%{release}
+
+BuildRequires: pkgconfig(Qt6Gui)
+BuildRequires: pkgconfig(Qt6Qml)
+BuildRequires: pkgconfig(Qt6Quick)
+BuildRequires: pkgconfig(Qt6WaylandClient)
+BuildRequires: pkgconfig(Qt6Linguist)
+BuildRequires: qt6-qtbase-private-devel
+BuildRequires: qt6-linguist
+
+Supplements: (gstreamer1-plugins-good and qt6-qtdeclarative)
+
+%description qt6
+GStreamer is a streaming media framework, based on graphs of elements which
+operate on media data.
+
+GStreamer Good Plugins is a collection of well-supported plugins of
+good quality and under the LGPL license.
+
+This package (%{name}-qt6) contains the qml6sink output plugin.
+%endif
+
 %if %{with extras}
 %package extras
 Summary:        Extra GStreamer plugins with good code and licensing
@ -165,7 +206,6 @@ to be installed.

 %prep
 %setup -q -n gst-plugins-good-%{version}
-%patch0 -p3

 %build
 %meson \
@ -186,10 +226,12 @@ to be installed.
  -D dv=%{?with_extras:enabled}%{!?with_extras:disabled} \
  -D dv1394=%{?with_extras:enabled}%{!?with_extras:disabled} \
 %endif
-%if 0%{?_module_build} && "%{_module_name}" == "flatpak-runtime"
+%if 0%{?flatpak_runtime}
  -D v4l2-gudev=disabled \
 %endif
-  -D qt6=disabled
+  -D qt-egl=disabled \
+  -D qt5=%{?with_qt5:enabled}%{!?with_qt5:disabled} \
+  -D qt6=%{?with_qt6:enabled}%{!?with_qt6:disabled}

 %meson_build

@ -292,8 +334,15 @@ find $RPM_BUILD_ROOT -name '*.la' -exec rm -fv {} ';'
 # Plugins with external dependencies
 %{_libdir}/gstreamer-%{majorminor}/libgstgtk.so

+%if %{with qt5}
 %files qt
 %{_libdir}/gstreamer-%{majorminor}/libgstqmlgl.so
+%endif
+
+%if %{with qt6}
+%files qt6
+%{_libdir}/gstreamer-%{majorminor}/libgstqml6.so
+%endif

 %if %{with extras}
 %files extras
@ -307,34 +356,126 @@ find $RPM_BUILD_ROOT -name '*.la' -exec rm -fv {} ';'


 %changelog
-* Wed Jan 17 2024 Wim Taymans <wtaymans@redhat.com> - 1.22.1-2
- CVE-2023-37327: integer overflow leading to heap overwrite in FLAC
-  image tag handling
- Resolves: RHEL-19471
+* Tue Apr 30 2024 Gwyn Ciesla <gwync@protonmail.com> - 1.22.12-1
+- 1.22.12

-* Thu Apr 13 2023 Wim Taymans <wtaymans@redhat.com> - 1.22.1-1
+* Fri Apr 26 2024 Gwyn Ciesla <gwync@protonmail.com> - 1.22.11-2
+- Qt6 re-rebuild
+
+* Thu Apr 18 2024 Gwyn Ciesla <gwync@protonmail.com> - 1.22.11-1
+- 1.22.11
+
+* Thu Apr 18 2024 Jan Grulich <jgrulich@redhat.com> - 1.22.9-1
+- Revert back to 1.22.9 (accidentally merged Rawhide to f40)
+
+* Thu Apr 04 2024 Jan Grulich <jgrulich@redhat.com> - 1.24.0-2
+- Rebuild (qt6)
+
+* Tue Mar 05 2024 Wim Taymans <wtaymans@redhat.com> - 1.24.0-1
+- Update to 1.24.0
+
+* Fri Feb 16 2024 Jan Grulich <jgrulich@redhat.com> - 1.22.9-3
+- Rebuild (qt6)
+
+* Tue Feb 13 2024 Pete Walter <pwalter@fedoraproject.org> - 1.22.9-2
+- Rebuild for libvpx 1.14.x
+
+* Thu Jan 25 2024 Gwyn Ciesla <gwync@protonmail.com> - 1.22.9-1
+- 1.22.9
+
+* Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.22.8-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Sat Jan 20 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.22.8-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Mon Dec 18 2023 Gwyn Ciesla <gwync@protonmail.com> - 1.22.8-1
+- 1.22.8
+
+* Wed Nov 29 2023 Jan Grulich <jgrulich@redhat.com> - 1.22.7-2
+- Rebuild (qt6)
+
+* Tue Nov 14 2023 Gwyn Ciesla <gwync@protonmail.com> - 1.22.7-1
+- 1.22.7
+
+* Fri Oct 13 2023 Jan Grulich <jgrulich@redhat.com> - 1.22.5-3
+- Rebuild (qt6)
+
+* Thu Oct 05 2023 Jan Grulich <jgrulich@redhat.com> - 1.22.5-2
+- Rebuild (qt6)
+
+* Fri Jul 21 2023 Wim Taymans <wtaymans@redhat.com> - 1.22.5-1
+- Update to 1.22.5
+- Disable qt-egl and add some BuildRequires to make things compile.
+
+* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.22.3-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Sun Jun 18 2023 Yaakov Selkowitz <yselkowi@redhat.com> - 1.22.3-2
+- Enable Qt6 plugin, disable Qt5 plugin for RHEL 10
+
+* Thu May 25 2023 Wim Taymans <wtaymans@redhat.com> - 1.22.3-1
+- Update to 1.22.3
+
+* Thu Apr 13 2023 Wim Taymans <wtaymans@redhat.com> - 1.22.2-1
+- Update to 1.22.2
+
+* Mon Mar 13 2023 Wim Taymans <wtaymans@redhat.com> - 1.22.1-1
 - Update to 1.22.1

-* Fri Nov 11 2022 Wim Taymans <wtaymans@redhat.com> - 1.18.4-6
- Fixes for CVE-2022-1920, CVE-2022-1921, CVE-2022-1922, CVE-2022-1923,
-  CVE-2022-1924, CVE-2022-1925, CVE-2022-2122
-  Resolves: rhbz#2131034, rhbz#2131039, rhbz#2131045, rhbz#2131049,
-            rhbz#2131054, rhbz#2131060, rhbz#2131064
+* Wed Feb 15 2023 Tom Callaway <spot@fedoraproject.org> - 1.22.0-2
+- rebuild for new libvpx

-* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.18.4-5
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
-  Related: rhbz#1991688
+* Tue Jan 24 2023 Wim Taymans <wtaymans@redhat.com> - 1.22.0-1
+- Update to 1.22.0

-* Tue Jun 22 2021 Mohan Boddu <mboddu@redhat.com> - 1.18.4-4
- Rebuilt for RHEL 9 BETA for openssl 3.0
-  Related: rhbz#1971065
+* Fri Jan 20 2023 Wim Taymans <wtaymans@redhat.com> - 1.21.90-1
+- Update to 1.21.90

-* Fri May 14 2021 Wim Taymans <wtaymans@redhat.com> - 1.18.4-3
+* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.20.5-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Wed Jan 11 2023 Wim Taymans <wtaymans@redhat.com> - 1.20.5-1
+- Update to 1.20.5
+
+* Thu Oct 13 2022 Wim Taymans <wtaymans@redhat.com> - 1.20.4-1
+- Update to 1.20.4
+
+* Tue Sep 13 2022 Michel Alexandre Salim <salimma@fedoraproject.org> - 1.20.3-3
+- Rebuilt for flac 1.4.0
+
+* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.20.3-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Mon Jul 18 2022 Wim Taymans <wtaymans@redhat.com> - 1.20.3-1
+- Update to 1.20.3
+
+* Fri Feb 4 2022 Wim Taymans <wtaymans@redhat.com> - 1.20.0-1
+- Update to 1.20.0
+
+* Thu Jan 27 2022 Tom Callaway <spot@fedoraproject.org> - 1.19.3-4
+- rebuild for libvpx
+
+* Wed Jan 26 2022 Wim Taymans <wtaymans@redhat.com> - 1.19.3-3
+- Fix build
+
+* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.19.3-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+
+* Thu Nov 11 2021 Wim Taymans <wtaymans@redhat.com> - 1.19.3-1
+- Update to 1.19.3
+
+* Thu Sep 23 2021 Wim Taymans <wtaymans@redhat.com> - 1.19.2-1
+- Update to 1.19.2
+
+* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.19.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Thu Jun 03 2021 Wim Taymans <wtaymans@redhat.com> - 1.19.1-1
+- Update to 1.19.1
+
+* Fri May 14 2021 Wim Taymans <wtaymans@redhat.com> - 1.18.4-2
 - Move libdv and friends to extras
- Resolves: rhbz#1960634
-
-* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.18.4-2
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937

 * Tue Mar 16 2021 Wim Taymans <wtaymans@redhat.com> - 1.18.4-1
 - Update to 1.18.4
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (gst-plugins-good-1.22.1.tar.xz) = 41dfb896c4de3d2dd8e2e69c7120f0143b05c6ce4b0e72111ef9994955d104f55e61ffbff0ec5141a0f606e89fb694562f76af86a2497415256bc7bd4c9c701a
+SHA512 (gst-plugins-good-1.22.12.tar.xz) = 06edbec1981681eef13852f21814666ccd9b664892795109d605015e0fe351d9cc3159af3e0ff92aa0d6bf085af8a749333d128544a2ce8b545067b95b7e09c0