packages/gstreamer1-plugins-base
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!35 fix CVE-2023-37328

Browse Source 
From: @technology208 
Reviewed-by: @weidongkl, @small_leek 
Signed-off-by: @small_leek
This commit is contained in:
openeuler-ci-bot 2024-03-25 07:32:21 +00:00 committed by Gitee
commit 7285a296eb
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 32 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
CVE-2023-37328.patch Normal file
View File

@ -0,0 +1,25 @@
From 18b887d30a81deadd600017265cb61f5d0e1bea0 Mon Sep 17 00:00:00 2001
From: technology208 <technology@208suo.com>
Date: Thu, 14 Mar 2024 15:54:38 +0800
Subject: [PATCH] Create Patch
---
gst/subparse/gstsubparse.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gst/subparse/gstsubparse.c b/gst/subparse/gstsubparse.c
index 4254158..e8d3eca 100644
--- a/gst/subparse/gstsubparse.c
+++ b/gst/subparse/gstsubparse.c
@@ -814,7 +814,7 @@ subrip_fix_up_markup (gchar ** p_txt, gconstpointer allowed_tags_ptr)
}
if (*next_tag == '<' && *(next_tag + 1) == '/') {
- end_tag = strchr (cur, '>');
+ end_tag = strchr (next_tag, '>');
if (end_tag) {
const gchar *last = NULL;
if (num_open_tags > 0)
--
2.33.0

8
gstreamer1-plugins-base.spec
View File

@ -3,7 +3,8 @@
Name: gstreamer1-plugins-base
Version: 1.16.2
Release: 3
Release: 4
Summary: GStreamer streaming media framework base plugins
License: LGPLv2+
URL: http://gstreamer.freedesktop.org/
@ -13,6 +14,7 @@ Patch0: 0001-missing-plugins-Remove-the-mpegaudioversion-field.patch
Patch1: Adapt-to-backwards-incompatible-change-in-GUN.patch
Patch6000: backport-CVE-2021-3522.patch
Patch6001: CVE-2023-37328.patch
BuildRequires: gcc-c++ gstreamer1-devel >= %{version} gobject-introspection-devel >= 1.31.1 iso-codes-devel alsa-lib-devel
BuildRequires: cdparanoia-devel libogg-devel >= 1.0 libtheora-devel >= 1.1 libvisual-devel libvorbis-devel >= 1.0 libXv-devel
@ -58,6 +60,7 @@ This package provides manual for developpers.
%patch0 -p1
%patch1 -p1
%patch6000 -p1
%patch6001 -p1
%build
NOCONFIGURE=1 \
@ -279,6 +282,9 @@ find $RPM_BUILD_ROOT -name '*.la' -exec rm -fv {} ';'
%{_mandir}/man1/gst-device-monitor-*.gz
%changelog
* Fri Mar 15 2024 technology208 <technology@208suo.com> - 1.16.2-4
- fix CVE-2023-37328
* Mon Oct 16 2023 wangkai <13474090681@163.com> - 1.16.2-3
- Compatible with gstreamer-plugins-base packages