packages/gstreamer1-plugins-base
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!38 [sync] PR-34: fix CVE-2023-37328

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @weidongkl 
Signed-off-by: @weidongkl
This commit is contained in:
openeuler-ci-bot 2024-03-26 05:58:28 +00:00 committed by Gitee
commit 28d7758e1d
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 31 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
CVE-2023-37328.patch Normal file
View File

@ -0,0 +1,25 @@
From 18b887d30a81deadd600017265cb61f5d0e1bea0 Mon Sep 17 00:00:00 2001
From: technology208 <technology@208suo.com>
Date: Thu, 14 Mar 2024 15:54:38 +0800
Subject: [PATCH] Create Patch
---
gst/subparse/gstsubparse.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gst/subparse/gstsubparse.c b/gst/subparse/gstsubparse.c
index 4254158..e8d3eca 100644
--- a/gst/subparse/gstsubparse.c
+++ b/gst/subparse/gstsubparse.c
@@ -814,7 +814,7 @@ subrip_fix_up_markup (gchar ** p_txt, gconstpointer allowed_tags_ptr)
}
if (*next_tag == '<' && *(next_tag + 1) == '/') {
- end_tag = strchr (cur, '>');
+ end_tag = strchr (next_tag, '>');
if (end_tag) {
const gchar *last = NULL;
if (num_open_tags > 0)
--
2.33.0

7
gstreamer1-plugins-base.spec
View File

@ -3,7 +3,7 @@
Name: gstreamer1-plugins-base
Version: 1.18.4
Release: 5
Release: 6
Summary: GStreamer streaming media framework base plugins
License: LGPLv2+
URL: http://gstreamer.freedesktop.org/
@ -13,6 +13,7 @@ Patch0: 0001-missing-plugins-Remove-the-mpegaudioversion-field.patch
Patch1000: gst-plugins-base-1.18.4-sw.patch
Patch6000: backport-xclaesse-fix-meson-0-58.patch
Patch6001: CVE-2023-37328.patch
BuildRequires: gcc-c++ gstreamer1-devel >= %{version} gobject-introspection-devel >= 1.31.1 iso-codes-devel alsa-lib-devel
BuildRequires: cdparanoia-devel libogg-devel >= 1.0 libtheora-devel >= 1.1 libvisual-devel libvorbis-devel >= 1.0 libXv-devel
@ -53,6 +54,7 @@ This package provides manual for developpers.
%patch0 -p1
%patch1000 -p1
%patch6000 -p1
%patch6001 -p1
%build
%meson -D doc=disabled -D gtk_doc=disabled -D orc=enabled \
@ -268,6 +270,9 @@ find $RPM_BUILD_ROOT -name '*.la' -exec rm -fv {} ';'
%{_mandir}/man1/gst-device-monitor-*.gz
%changelog
* Fri Mar 15 2024 technology208 <technology@208suo.com> - 1.18.4-6
- fix CVE-2023-37328
* Sun Feb 04 2024 yangchenguang <yangchenguang@kylinsec.com.cn> - 1.18.4-5
- Add build sw_64 support