An update that fixes one vulnerability, contains one
feature is now available.
Description:
This update for gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base,
gstreamer-plugins-good, gstreamer-plugins-ugly fixes the following issues:
gstreamer was updated to version 1.16.3 (bsc#1181255):
- delay creation of threadpools
- bin: Fix
deep-element-removed
log message
- buffer: fix meta sequence number fallback on rpi
- bufferlist: foreach: always remove as parent if buffer is changed
- bus: Make setting/replacing/clearing the sync handler thread-safe
- elementfactory: Fix missing features in case a feature moves to another
filename
- element: When removing a ghost pad also unset its target
- meta: intern registered impl string
- registry: Use a toolchain-specific registry file on Windows
- systemclock: Invalid internal time calculation causes non-increasing
clock time on Windows
- value: don’t write to
const char *
- value: Fix segfault comparing empty GValueArrays
- Revert floating enforcing
- aggregator: fix iteration direction in skip_buffers
- sparsefile: fix possible crash when seeking
- baseparse: cache fix
- baseparse: fix memory leak when subclass skips whole input buffer
- baseparse: Set the private duration before posting a duration-changed
message
- basetransform: allow not passthrough if generate_output is implemented
- identity: Fix a minor leak using meta_str
- queue: protect against lost wakeups for iterm_del condition
- queue2: Avoid races when posting buffering messages
- queue2: Fix missing/dropped buffering messages at startup
- identity: Unblock condition variable on FLUSH_START
- check: Use
g_thread_yield()
instead of g_usleep(1)
- tests: use cpu_family for arch checks
- gst-launch: Follow up to missing
s/g_print/gst_print/g
- gst-inspect: Add define guard for
g_log_writer_supports_color()
- gst-launch: go back down to
GST_STATE_NULL
in one step.
- device-monitor: list hidden providers before listing devices
- autotools build fixes for GNU make 4.3
gstreamer-plugins-good was updated to version 1.16.3 (bsc#1181255):
- deinterlace: on-the-fly renegotiation
- flacenc: Pass audio info from set_format() to query_total_samples()
explicitly
- flacparse: fix broken reordering of flac metadata
- jack: Use jack_free(3) to release ports
- jpegdec: check buffer size before dereferencing
- pulse: fix discovery of newly added devices
- qtdemux fuzzing fixes
- qtdemux: Add 'mp3 ’ fourcc that VLC seems to produce now
- qtdemux: Specify REDIRECT information in error message
- rtpbin: fix shutdown crash in rtpbin
- rtpsession: rename RTCP thread
- rtpvp8pay, rtpvp9pay: fix caps leak in set_caps()
- rtpjpegdepay: outputs framed jpeg
- rtpjitterbuffer: Properly free internal packets queue in finalize()
- rtspsrc: Don’t return TRUE for unhandled query
- rtspsrc: Avoid stack overflow recursing waiting for response
- rtspsrc: Use the correct type for storing the max-rtcp-rtp-time-diff
property
- rtspsrc: Error out when failling to receive message response
- rtspsrc: Fix for segmentation fault when handling set/get_parameter
requests
- speex: Fix crash on Windows caused by cross-CRT issue
- speexdec: Crash when stopping the pipeline
- splitmuxsrc: Properly stop the loop if no part reader is present
- use gst_element_class_set_metadata when passing dynamic strings
- v4l2videodec: Increase internal bitstream pool size
- v4l2: fix crash when handling unsupported video format
- videocrop: allow properties to be animated by GstController
- videomixer: Don’t leak peer caps
- vp8enc/vp8enc: set 1 for the default value of VP8E_SET_STATIC_THRESHOLD
- wavenc: Fix writing of the channel mask with >2 channels
gstreamer-plugins-bad was updated to version 1.16.3 (bsc#1181255):
-
amcvideodec: fix sync meta copying not taking a reference
-
audiobuffersplit: Perform discont tracking on running time
-
audiobuffersplit: Specify in the template caps that only interleaved
audio is supported
-
audiobuffersplit: Unset DISCONT flag if not discontinuous
-
autoconvert: Fix lock-less exchange or free condition
-
autoconvert: fix compiler warnings with g_atomic on recent GLib versions
-
avfvideosrc: element requests camera permissions even with
capture-screen property is true
-
codecparsers: h264parser: guard against ref_pic_markings overflow
-
dtlsconnection: Avoid segmentation fault when no srtp capabilities are
negotiated
-
dtls/connection: fix EOF handling with openssl 1.1.1e
-
fdkaacdec: add support for mpegversion=2
-
hls: Check nettle version to ensure AES128 support
-
ipcpipeline: Rework compiler checks
-
interlace: Increment phase_index before checking if we’re at the end of
the phase
-
lv2: Make it build with -fno-common
-
h264parser: Do not allocate too large size of memory for registered user
data SEI
-
ladspa: fix unbounded integer properties
-
modplug: avoid division by zero
-
msdkdec: Fix GstMsdkContext leak
-
msdkenc: fix leaks on windows
-
musepackdec: Don’t fail all queries if no sample rate is known yet
-
openslessink: Allow openslessink to handle 48kHz streams.
-
opencv: allow compilation against 4.2.x
-
proxysink: event_function needs to handle the event when it is
disconnecetd from proxysrc
-
vulkan: Drop use of VK_RESULT_BEGIN_RANGE
-
wasapi: added missing lock release in case of error in
gst_wasapi_xxx_reset
-
wasapi: Fix possible deadlock while downwards state change
-
waylandsink: Clear window when pipeline is stopped
-
webrtc: Support non-trickle ICE candidates in the SDP
-
webrtc: Unmap all non-binary buffers received via the datachannel
-
meson: build with neon 0.31
-
Drop upstream fixed patch: gstreamer-h264parser-fix-overflow.patch
-
h264parser: guard against ref_pic_markings overflow (bsc#1181255
CVE-2021-3185)
-
Disable the kate/libtiger plugin. Kate streams for karaoke are not used
anymore, and the source tarball for libtiger is no longer available
upstream. (jsc#SLE-13843)
gstreamer-plugins-ugly was updated to version 1.16.3 (bsc#1181255):
- x264enc: corrected em_data value in CEA-708 CC SEI message
gstreamer-plugins-base was updated to version 1.16.3 (bsc#1181255):
- audioaggregator: Check all downstream allowed caps structures if they
support the upstream rate
- audioaggregator: Fix negotiation with downstream if there is no peer yet
- audioencoder: fix segment event leak
- discoverer: Fix caps handling in
pad-added
signal handler
- discoverer: Start discovering next URI from right thread
- fft: Update our kiss fft version, fixes thread-safety and concurrency
issues and misc other things
- gl: numerous memory fixes (use-after-free, leaks, missing NULL-ify)
- gl/display/egl: ensure debug category is initialized
- gstglwindow_x11: fix resize
- pbutils: Add latest H.264 level values
- rtpbuffer: fix header extension length validation
- video: Fix NV12_64Z32 number of component
- video-format: RGB16/15 are not 16 bit per component but only 5.333 and 5
- video: fix top/bottom field flags
- videodecoder: don’t copy interlace-mode from reference state
- appsrc/appsink: Make setting/replacing callbacks thread-safe
- compositor: Fix checkerboard filling for BGRx/RGBx and UYVY/YUY2/YVYU
- decodebin3: only force streams-selected seqnum after a select-streams
- glupload: Fix fallback from direct dmabuf to dmabuf upload method
- glvideomixer: perform
_get_highest_precision()
on the GL thread
- libvisual: use
gst_element_class_set_metadata()
when passing dynamic
strings
- oggstream: Workaround for broken PAR in VP8 BOS
- subparse: accept WebVTT timestamps without an hour component
- playbin: Handle error message with redirection indication
- textrender: Fix AYUV output.
- typefind: Consider MPEG-PS PSM to be a PES type
- uridecodebin3: default to non-0 buffer-size and buffer-duration,
otherwise it could potentially cause big memory allocations over time
- videoaggregator: Don’t configure NULL chroma-site/colorimetry
- videorate/videoscale/audioresample: Ensure that the caps returned from…
- build: Replace bashisms in configure for Wayland and GLES3
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product: