gstreamer

mirror of https://gitlab.freedesktop.org/gstreamer/gstreamer.git synced 2025-01-28 18:18:38 +00:00

History

Sebastian Dröge 14d306da6d qtdemux: Fix integer overflows in zlib decompression code Various variables were of smaller types than needed and there were no checks for any overflows when doing additions on the sizes. This is all checked now. In addition the size of the decompressed data is limited to 200MB now as any larger sizes are likely pathological and we can avoid out of memory situations in many cases like this. Also fix a bug where the available output size on the next iteration in the zlib decompression code was provided too large and could potentially lead to out of bound writes. Thanks to Adam Doupe for analyzing and reporting the issue. CVE: tbd https://gstreamer.freedesktop.org/security/sa-2022-0003.html Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225 Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/2610>		2022-06-15 17:50:55 +00:00
..
gst-devtools	Bump GLib requirement to >= 2.62	2022-06-10 06:01:41 +00:00
gst-docs	Docs: Add the design document for DMA buffer sharing.	2022-06-07 02:28:49 +00:00
gst-editing-services	Bump GLib requirement to >= 2.62	2022-06-10 06:01:41 +00:00
gst-examples	gst-examples: continue if webrtc deps are not satisfied	2022-05-14 09:49:33 +00:00
gst-integration-testsuites
gst-libav
gst-omx	Bump GLib requirement to >= 2.62	2022-06-10 06:01:41 +00:00
gst-plugins-bad	decklinkvideosink: Fix selection of > PAL widescreen modes	2022-06-15 13:23:51 +00:00
gst-plugins-base	decodebin3: fix EOS event sequence	2022-06-15 07:19:30 +00:00
gst-plugins-good	qtdemux: Fix integer overflows in zlib decompression code	2022-06-15 17:50:55 +00:00
gst-plugins-ugly	Bump GLib requirement to >= 2.62	2022-06-10 06:01:41 +00:00
gst-python
gst-rtsp-server	Bump GLib requirement to >= 2.62	2022-06-10 06:01:41 +00:00
gstreamer	queuearray: Fix potential heap overflow when expanding GstQueueArray	2022-06-15 15:42:40 +00:00
gstreamer-sharp
gstreamer-vaapi	vaapi: Do not disable the whole vpp when some va operations not available.	2022-06-15 03:47:36 +00:00
macos-bison-binary
win-flex-bison-binaries
win-nasm
avtp.wrap
bindinator.wrap
cairo.wrap
dav1d.wrap
dssim.wrap	Pin all wrap files to closest tag or commit sha1	2021-10-14 22:34:49 +00:00
dv.wrap
expat.wrap
fdk-aac.wrap
FFmpeg.wrap
fontconfig.wrap
freetype2.wrap
fribidi.wrap
gl-headers.wrap
glib-networking.wrap
glib.wrap
graphene.wrap
gst-plugins-rs.wrap
gtk-sharp.wrap
harfbuzz.wrap
json-glib.wrap
lame.wrap
libdrm.wrap
libffi.wrap
libjpeg-turbo.wrap
libmicrodns.wrap
libnice.wrap
libopenjp2.wrap
libpng.wrap
libpsl.wrap
libsoup.wrap
libwpe.wrap
libxml2.wrap
ogg.wrap
openh264.wrap
opus.wrap
orc.wrap
pango.wrap	subprojects: pin pango wrap to tag	2021-08-08 19:42:24 +01:00
pcre.wrap
pixman.wrap
proxy-libintl.wrap
pycairo.wrap
pygobject.wrap
sqlite3.wrap
vorbis.wrap
webrtc-audio-processing.wrap
wpebackend-fdo.wrap
x264.wrap
zlib.wrap