GStreamer plugins with good code and licensing
Backport 4 upstream patches from GStreamer MR !11811 to fix CVE-2026-53705 (integer overflow vulnerabilities in wavpackdec). The patches address: - Integer overflow in output buffer size allocation - Use of correctly-sized variable types - Integer overflow in input buffer size check - Unmapping input buffer directly after decoding Paths were adjusted from upstream monorepo layout to match the RHEL 8 standalone source tree, and conflicts were resolved for 3 of the 4 patches due to differences in the 1.16.1 codebase. CVE: CVE-2026-53705 Upstream patches: - |
||
|---|---|---|
| .gitignore | ||
| 0001-matroskademux-Fix-extraction-of-multichannel-WavPack.patch | ||
| 0001-rtpqdm2depay-error-out-if-anyone-tries-to-use-this-e.patch | ||
| 0002-matroskademux-Initialize-track-context-out-parameter.patch | ||
| 0003-flacparse-Avoid-integer-overflow-in-available-data-c.patch | ||
| 0004-qtdemux-Avoid-integer-overflow-when-parsing-Theora-e.patch | ||
| 0005-gdkpixbufdec-Check-if-initializing-the-video-info-ac.patch | ||
| 0006-matroskademux-Only-unmap-GstMapInfo-in-WavPack-heade.patch | ||
| 0007-matroskademux-Fix-off-by-one-when-parsing-multi-chan.patch | ||
| 0008-qtdemux-Fix-integer-overflow-when-allocating-the-sam.patch | ||
| 0009-qtdemux-Make-sure-only-an-even-number-of-bytes-is-pr.patch | ||
| gating.yaml | ||
| gstreamer1-plugins-good-1.16.1-CVE-2026-53705.patch | ||
| gstreamer1-plugins-good.spec | ||
| sources | ||