From 2d5385f55a7d29975039692629bde3981e5d29cd Mon Sep 17 00:00:00 2001 From: Tim-Philipp Müller Date: Wed, 2 Feb 2022 15:06:15 +0000 Subject: Release 1.18.6 --- ChangeLog | 227 ++++++++++++++++++++++++++++++++++++++++++++++++++ NEWS | 191 ++++++++++++++++++++++++++++++++++++++---- RELEASE | 4 +- gst-plugins-base.doap | 10 +++ meson.build | 2 +- 5 files changed, 417 insertions(+), 17 deletions(-) diff --git a/ChangeLog b/ChangeLog index 78ababc0b..05f1617a1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,230 @@ +=== release 1.18.6 === + +2022-02-02 15:06:15 +0000 Tim-Philipp Müller + + * ChangeLog: + * NEWS: + * RELEASE: + * gst-plugins-base.doap: + * meson.build: + Release 1.18.6 + +2021-11-21 17:52:48 -0500 Jeremy Cline + + * gst-libs/gst/tag/gsttagdemux.c: + tagdemux: Fix crash when presented with malformed files + There's a race condition in gsttagdemux.c between typefinding and the + end-of-stream event. If TYPE_FIND_MAX_SIZE is exceeded, + demux->priv->collect is set to NULL and an error is returned. However, + the end-of-stream event causes one last attempt at typefinding to occur. + This leads to gst_tag_demux_trim_buffer() being called with the NULL + demux->priv->collect buffer which it attempts to dereference, resulting + in a segfault. + The malicious MP3 can be created by: + printf "\x49\x44\x33\x04\x00\x00\x00\x00\x00\x00%s", \ + "$(dd if=/dev/urandom bs=1K count=200)" > malicious.mp3 + This creates a valid ID3 header which gets us as far as typefinding. The + crash can then be reproduced with the following pipeline: + gst-launch-1.0 -e filesrc location=malicious.mp3 ! queue ! decodebin ! audioconvert ! vorbisenc ! oggmux ! filesink location=malicious.ogg + Fixes https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/issues/959 + Part-of: + +2021-04-20 11:06:09 +0300 Jordan Petridis + + * gst-libs/gst/video/gstvideoencoder.c: + gstvideoencoder: make sure the buffer is writable before modifying metadata + Similar to ae8d0cf3acfaf79d8479647a55bd44b8453d07df + Part-of: + +2021-12-10 20:09:42 +0900 Seungha Yang + + * gst-libs/gst/video/video-converter.c: + video-converter: Fix for broken gamma remap with high bitdepth YUV output + Scale down the matrix before calculating RGB -> YUV matrix + otherwise offset values will be wrong + Fixing pipeline + videotestsrc ! video/x-raw,format=ARGB ! videoconvert gamma-mode=remap ! \ + video/x-raw,format=P010_10LE,colorimetry="bt2020" + Part-of: + +2022-01-15 19:03:33 +0100 Tomasz Andrzejak + + * gst-libs/gst/sdp/gstsdpmessage.c: + * tests/check/libs/sdp.c: + Add FEC SDP message test + Part-of: + +2022-01-15 17:02:52 +0100 Tomasz Andrzejak + + * gst-libs/gst/sdp/gstsdpmessage.c: + sdpmessage: fix mapping single char fmtp params + Part-of: + +2021-06-08 14:55:36 +1000 Matthew Waters + + * ext/ogg/gstoggdemux.c: + oggdemux: fix a race in push mode when performing the duration seek + There may be two or more threads involved here however the important + interaction is the use of ogg->seeK_event_drop_till value that was only + set in the push-mode seek-event thread and could race with upstream + sending e.g. and EOS (or data). + Scenario is this: + 1. oggdemux performs a seek to near the end of the file to try and find + the duration. ogg->push_state is set to PUSH_DURATION. + 2. Seek is picked up by the dedicated seek event thread and sets + ogg->seek_event_drop_till to the seek event's seqnum. + 3. Most operations are blocked or dropped waiting on the duration to + be determined and processing continues until a duration is found. + 4. Two branching options for how this ultimately plays out + 4a. The source is too fast and we receive an EOS event which is dropped + because ogg->push_state == PUSH_DURATION. In this case everything + works. + 4b. We hit our 'almost at the end' check in + gst_ogg_pad_handle_push_mode_state() and attempt to seek back to the + beginning (or to a user-provided seek). This seek is marshalled to + the seek event thread without setting ogg->seek_event_drop_till but + with change ogg->push_state = PUSH_PLAYING. If an EOS event or + e.g. buffers arrive from upstream before the seek event thread has + picked up the seek event, then the EOS/data is processed as if it + came as a result of the seek event. This is the case that fails. + The fix is two-fold: + 1. Preemptively set ogg->seek_event_drop_till when setting the seek + event so that data and other events can be dropped correctly. + 2. In addition to dropping and EOS events while ogg->push_state == + PUSH_DURATION, also drop any EOS events that are received before the + seek event has been processed by also tracking the seqnum of the seek. + Part-of: + +2022-01-13 23:00:41 +0900 Seungha Yang + + * gst/playback/gsturidecodebin.c: + uridecodebin: Fix critical warnings + Don't pass non-GstObject object to there. + Part-of: + +2021-12-20 21:37:18 +0530 Nirbheek Chauhan + + * gst-libs/gst/audio/audio-converter.c: + * gst-libs/gst/audio/audio-resampler.c: + audio-converter: Fix resampling when there's nothing to output + Sometimes we can't output anything because we don't have enough + incoming frames. In that case, the resampler was trying to call + do_quantize() and do_resample() in a loop forever because there would + never be samples to output (so chain->samples would always be NULL). + Fix this by not calling chain->make_func() in a loop -- seems + completely unnecessary since calling it over and over won't change + anything if the make_func() can't output samples. + Also add some checks for the input and / or output being NULL when + doing conversion or quantization. This will happen when we have + nothing to output. + We can't bail early, because we need resampler->samples_avail to be + updated in gst_audio_resampler_resample(), so we must call that and + no-op everything along the way. + Part-of: + +2021-11-19 00:09:03 +0100 Thomas Klausner + + * gst/tcp/gstmultifdsink.c: + tcp: fix build on Solaris + Add missing header. + From Claes Nästén via http://gnats.netbsd.org/56509 + Part-of: + +2021-11-16 13:14:25 +0100 Víctor Manuel Jáquez Leal + + * gst/playback/gsturidecodebin3.c: + uridecodebin3: Nullify current item after all play items are freed. + There's a potential race condition with this sort of pipelines on + certain systems (depends on the processing load): + GST_DEBUG_DUMP_DOT_DIR=/tmp \ + gst-launch-1.0 uridecodebin3 uri=file://stream.mp4 ! glupload ! \ + glimagesink --gst-debug=*:4 + Right after the pipeline passes from PAUSED to READY, bin_to_dot_file + dumps uridecodebin3 properties, but current uri and suburi might be + already freed, causing a potential use-after-freed. + This patch makes NULL the current item right after all the play items + are freed. + Part-of: + +2021-11-12 18:26:58 +0530 Nirbheek Chauhan + + * gst-libs/gst/audio/audio-resampler.c: + audio-resampler: Fix segfault when we can't output any frames + Sometimes the resampler has enough space to store all the incoming + samples without outputting anything. When this happens, + gst_audio_resampler_get_out_frames() returns 0. + In that case, the resampler should consume samples and just return. + Otherwise, we get a segfault when gst_audio_resampler_resample() tries + to resample into a NULL 'out' pointer. + Part-of: + +2021-09-24 15:02:27 +1000 Matthew Waters + + * gst/playback/gstplaybin2.c: + * gst/playback/gstplaybin3.c: + playbin2/3: autoplug/caps: don't expand caps to ANY + Retrieving the pad template caps from a ghost pad returns ANY which when + merged with any other caps will return ANY. ANY is not very specific + and may cause suboptimal code paths in e.g. decoders that assume the + lowest common denominator when presented with ANY caps. + Fixes negotiating dma-buf with vaapidecodebin between glupload in the + video sink element. + Part-of: + +2021-10-09 05:39:38 +1100 Jan Schmidt + + * gst/playback/gsturidecodebin3.c: + * gst/playback/gsturisourcebin.c: + uridecodebin3/urisourcebin: Reusability fixes + Improvements to uridecodebin3 and urisourcebin so that they are + reusable across a PAUSED->READY->PAUSED transition. + Disconnect and release decodebin3 request pads when urisourcebin + removes src pads. + In urisourcebin, make sure to remove src pads that are exposed + directly (raw pads and static typefind srcpads) when + cleaning up. + Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/768 + Part-of: + +2021-04-21 22:40:35 -0400 Thibault Saunier + + * gst/playback/gsturisourcebin.c: + playback: Handle sources with dynamic pads and pads already present + In case we already have a pad but more might be added later we were + ignoring the new pads added later, we should track the element + new pads and expose them as they are added. + Part-of: + +2021-09-07 13:55:08 +0200 Tobias Ronge + + * gst-libs/gst/rtsp/gstrtspconnection.c: + rtspconnection: Only reset timeout when socket is unused + After sending or retrieving data, gstrtspconnection resets the socket's + timeout to 0 (infinite). This could cause problems if sending and + receiving at the same time. For example, if RTCP data is sent from the + streaming thread while gstrtspsrc is already retrieving data. + With this patch, timeout is only reset to 0 if there is no other + thread using the socket. + Part-of: + +2020-12-14 07:42:55 +0100 Fabrice Fontaine + + * gst-libs/gst/video/gstvideoaggregator.c: + gst-libs/gst/video/gstvideoaggregator.c: fix build with gcc 4.8 + Fix the following build failure with gcc 4.8 which has been added with + https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/commit/d268c193ad39fb970351ed62898be806ebd0a71e: + ../gst-libs/gst/video/gstvideoaggregator.c: In function 'gst_video_aggregator_init': + ../gst-libs/gst/video/gstvideoaggregator.c:2762:3: error: 'for' loop initial declarations are only allowed in C99 mode + for (gint i = 0; i < gst_caps_get_size (src_template); i++) { + ^ + Signed-off-by: Fabrice Fontaine + Part-of: + +2021-09-09 00:12:33 +0100 Tim-Philipp Müller + + * meson.build: + Back to development + === release 1.18.5 === 2021-09-08 20:02:20 +0100 Tim-Philipp Müller diff --git a/NEWS b/NEWS index 17f17457b..d46aab467 100644 --- a/NEWS +++ b/NEWS @@ -2,13 +2,13 @@ GStreamer 1.18 Release Notes GStreamer 1.18.0 was originally released on 8 September 2020. -The latest bug-fix release in the 1.18 series is 1.18.5 and was released -on 8 September 2021. +The latest bug-fix release in the 1.18 series is 1.18.6 and was released +on 2 February 2022. See https://gstreamer.freedesktop.org/releases/1.18/ for the latest version of this document. -Last updated: Wednesday 8 September 2021, 11:00 UTC (log) +Last updated: Wednesday 2 February 2022, 11:30 UTC (log) Introduction @@ -2103,9 +2103,8 @@ Possibly Breaking Changes Known Issues - GStreamer 1.18 versions <= 1.18.4 would fail to build on Linux with - Meson 0.58 due to an issue with the include directories. Either - apply the patch or build with an older Meson version (<= 0.57) until - there is a GStreamer 1.18.5 release that includes the fix. + Meson 0.58 due to an issue with the include directories. + GStreamer >= 1.18.5 includes a fix for this. Contributors @@ -3183,16 +3182,180 @@ List of merge requests and issues fixed in 1.18.5 - List of Merge Requests applied in 1.18.5 - List of Issues fixed in 1.18.5 -Schedule for 1.20 +1.18.6 + +The sixth 1.18 bug-fix release (1.18.6) was released on 2 February 2022. + +This release only contains bugfixes and security fixes and it should be +safe to update from 1.18.x. + +Highlighted bugfixes in 1.18.6 + +- tagdemux: Fix crash when presented with malformed files (security + fix) +- video-converter: Fix broken gamma remap with high bitdepth YUV + output +- shout2send: Fix issues with libshout >= 2.4.2 +- mxfdemux: fix regression with VANC tracks that only contains packet + types we don’t handle +- Better plugin loading error reporting on Windows +- Fixes for deprecations in Python 3.10 +- build fixes, memory leak fixes, reliability fixes +- security fixes + +gstreamer + +- gstplugin: Fix for UWP build +- gstplugin: Better warnings on plugin load failure on Windows +- gst-ptp-helper: Do not disable multicast loopback +- concat: fix qos event handling +- pluginfeature: Fix object leak +- baseparse: fix invalid avg_bitrate after reset +- multiqueue: Fix query unref race on flush +- gst: Initialize optional event/message fields when parsing +- bitwriter: Fix the trailing bits lost when getting its data. +- multiqueue: never consider a queue that is not waiting +- input-selector: Use proper segments when cleaning cached buffers + +gst-plugins-base + +- tagdemux: Fix crash when presented with malformed files (security + fix) +- videoencoder: make sure the buffer is writable before modifying + metadata +- video-converter: Fix for broken gamma remap with high bitdepth YUV + output +- sdpmessage: fix mapping single char fmtp params +- oggdemux: fix a race in push mode when performing the duration seek +- uridecodebin: Fix critical warnings +- audio-converter: Fix resampling when there’s nothing to output +- tcp: fix build on Solaris +- uridecodebin3: Nullify current item after all play items are freed. +- audio-resampler: Fix segfault when we can’t output any frames +- urisourcebin: Handle sources with dynamic pads and pads already + present +- playbin2/3: autoplug/caps: don’t expand caps to ANY +- uridecodebin3/urisourcebin: Reusability fixes +- rtspconnection: Only reset timeout when socket is unused +- gstvideoaggregator.c: fix build with gcc 4.8 + +gst-plugins-good + +- rtspsrc: Fix critical while serializing timeout element message +- multifilesrc: fix caps leak +- shout2: Add compatibility for libshout >= 2.4.2 shout_open return + values +- v4l2: Update fmt if padded height is greater than fmt height +- v4l2bufferpool: set video alignment of video meta +- qtmux: fix deadlock in gst_qt_mux_prepare_moov_recovery +- matroska: Add support for muxing/demuxing ffv1 +- qtdemux: Try to build AAC codec-data whenever it’s possible + +gst-plugins-bad + +- interlace: Fix a double-unref on shutdown +- webrtcbin: Chain up to parent constructed method +- webrtc: fix log error message in function + gst_webrtc_bin_set_local_description +- mxfdemux: don’t error out if VANC track only contains packets we + don’t handle +- av1parser: Fix data type of film grain param +- assrender: Support RFC8081 mime types +- pitch: Specify layout as required for negotiation +- magicleap: update lumin_rt libraries names to the latest official + version +- codecs: h265decoder: Fix per-slice leak +- mpeg4videoparse: fix criticals trying to insert configs that don’t + exist yet +- webrtcbin: Always set SINK/SRC flags +- mpegtspacketizer: memcmp potentially seen_before data +- zxing: update to support version 1.1.1 + +gst-plugins-ugly + +- No changes + +gst-libav + +- avcodecmap: Add support for GBRA_10LE/BE + +gst-rtsp-server + +- rtsp-stream: fix get_rates raciness +- rtsp-media: Only unprepare a media if it was not already unpreparing + anyway +- rtsp-media: Unprepare suspended medias too +- rtsp-client: make sure sessmedia will not get freed while used +- rtsp-media: Also mark receive-only (RECORD) medias as prepared when + unsuspending +- rtsp-session: Don’t unref medias twice if it is removed inside… +- examples: Fix leak in appsrc2 example + +gstreamer-vaapi + +- libs: video-format: Check if formats map is not NULL +- vaapidecode: Autogenerate caps template +- vaapipostproc: copy over metadata also when using system allocated + buffer + +gst-python + +- Avoid treating float as int (fix for Python 3.10) + +gst-editing-services + +- meson: Remove duplicate definition of ‘examples’ option + +gst-devtools -Our next major feature release will be 1.20, and 1.19 will be the -unstable development version leading up to the stable 1.20 release. The -development of 1.19/1.20 will happen in the git master branch. +- No changes + +gst-integration-testsuites + +- No changes + +gst-build + +- env: Fix deprecations from python 3.10 +- Various fixes for macOS +- update FFmpeg wrap to 4.3.3 + +Cerbero build tool and packaging changes in 1.18.6 + +- Some fixes for Fedora 34 +- cerbero: Backport fix for removed loop param of PriorityQueue() +- cerbero: Fix support for Fedora 35 +- Add support for Visual Studio 2022 +- openssl.recipe: Fix crash on iOS TestFlight +- UnixBootstrapper: remove sudo as root user +- bzip2.recipe: bump version to 1.0.8 +- openssl.recipe: upgrade to version 1.1.1l + +Contributors to 1.18.6 + +Antonio Ospite, Célestin Marot, Dave Piché, Erlend Eriksen, Fabrice +Fontaine, Guillaume Desmottes, Haihua Hu, He Junyan, Jakub Adam, Jan +Alexander Steffens (heftig), Jan Schmidt, Jeremy Cline, Jordan Petridis, +Mathieu Duponchelle, Matthew Waters, Mengkejiergeli Ba, Michael Gruner, +Nirbheek Chauhan, Ognyan Tonchev, Pascal Hache, Rafał Dzięgiel, +Sebastian Dröge, Seungha Yang, Stéphane Cerveau, Teng En Ung,Thibault +Saunier, Thomas Klausner, Tim-Philipp Müller, Tobias Reineke, Tobias +Ronge, Tomasz Andrzejak, Trung Do, Víctor Manuel Jáquez Leal, Vivia +Nikolaidou, + +… and many others who have contributed bug reports, translations, sent +suggestions or helped testing. Thank you all! + +List of merge requests and issues fixed in 1.18.6 + +- List of Merge Requests applied in 1.18.6 +- List of Issues fixed in 1.18.6 + +Schedule for 1.20 -The plan for the 1.20 development cycle is yet to be confirmed, but it -is now expected that feature freeze will take place some time in -September/October 2021, with the first 1.20 stable release hopefully -towards the end of October 2021. +Our next major feature release will be 1.20, and will be released in +early February 2022. You can track its progress on the 1.20 Release +Notes page. 1.20 will be backwards-compatible to the stable 1.18, 1.16, 1.14, 1.12, 1.10, 1.8, 1.6, 1.4, 1.2 and 1.0 release series. diff --git a/RELEASE b/RELEASE index 14af7a345..c3e1f4311 100644 --- a/RELEASE +++ b/RELEASE @@ -1,4 +1,4 @@ -This is GStreamer gst-plugins-base 1.18.5. +This is GStreamer gst-plugins-base 1.18.6. The GStreamer team is thrilled to announce a new major feature release of your favourite cross-platform multimedia framework! @@ -82,7 +82,7 @@ for more details. For help and support, please subscribe to and send questions to the gstreamer-devel mailing list (see below for details). -There is also a #gstreamer IRC channel on the Freenode IRC network. +There is also a #gstreamer IRC channel on the OFTC IRC network. ==== Developers ==== diff --git a/gst-plugins-base.doap b/gst-plugins-base.doap index 06e35d62f..9c2d88042 100644 --- a/gst-plugins-base.doap +++ b/gst-plugins-base.doap @@ -34,6 +34,16 @@ A wide range of video and audio decoders, encoders, and filters are included. + + + 1.18.6 + 1.18 + + 2022-02-02 + + + + 1.18.5 diff --git a/meson.build b/meson.build index a4519259a..502e321cc 100644 --- a/meson.build +++ b/meson.build @@ -1,5 +1,5 @@ project('gst-plugins-base', 'c', - version : '1.18.5.1', + version : '1.18.6', meson_version : '>= 0.48', default_options : [ 'warning_level=1', 'buildtype=debugoptimized' ]) -- cgit v1.2.3