media-plugins/gst-plugins-libav[libav] uses bundled copy of FFmpeg, because Libav is not supported by upstream. New versions of FFmpeg often contain security fixes. In order to make users of USE="libav" less vulnerable, I suggest that media-plugins/gst-plugins-libav[libav] use the newest compatible version FFmpeg. Implementation is simple and has been successfully tested: - Unpacking FFmpeg archive and replacing gst-libs/ext/libav directory (containing bundled copy of FFmpeg) with newer version of FFmpeg. - Versions of media-plugins/gst-plugins-libav ebuilds would have version of FFmpeg appended. (E.g. gst-plugins-libav-1.14.3.3.4.4.ebuild means gst-plugins-libav 1.14.3 and FFmpeg 3.4.4.)
Created attachment 547454 [details] gst-plugins-libav-1.14.3.3.4.4.ebuild
Created attachment 547456 [details, diff] Difference between ebuilds for easier review
Details about media-plugins/gst-plugins-libav-1.14.3: - Version of bundled copy of FFmpeg is 3.4.2. - Updating FFmpeg to 3.4.4 would provide the following fixes mentioned in Changelog file of FFmpeg: """ version 3.4.4: - avcodec/dvdsub_parser: Allocate input padding - avcodec/dvdsub_parser: Init output buf/size - avcodec/dirac_dwt_template: Fix signedness regression in interleave() - avformat/movenc: Write version 2 of audio atom if channels is not known - swresample/arm: rename labels to fix xcode build error - avcodec/imgconvert: fix possible null pointer dereference version 3.4.3: - avformat/movenc: Check input sample count - avcodec/mjpegdec: Check for odd progressive RGB - avformat/movenc: Check that frame_types other than EAC3_FRAME_TYPE_INDEPENDENT have a supported substream id - avcodec/vp8_parser: Do not leave data/size uninitialized - avformat/mms: Add missing chunksize check - avformat/pva: Check for EOF before retrying in read_part_of_packet() - avformat/rmdec: Do not pass mime type in rm_read_multi() to ff_rm_read_mdpr_codecdata() - avformat/asfdec_o: Check size_bmp more fully - avcodec/indeo4: Check for end of bitstream in decode_mb_info() - avcodec/shorten: Fix undefined addition in shorten_decode_frame() - avcodec/shorten: Fix undefined integer overflow - avcodec/jpeg2000dec: Fixes invalid shifts in jpeg2000_decode_packets_po_iteration() - avcodec/jpeg2000dec: Check that there are enough bytes for all tiles - avformat/movenc: Do not pass AVCodecParameters in avpriv_request_sample - avcodec/escape124: Fix spelling errors in comment - avcodec/ra144: Fix integer overflow in ff_eval_refl() - avcodec/cscd: Check output buffer size for lzo. - avcodec/escape124: Check buf_size against num_superblocks - avcodec/h264_parser: Reduce needed history for parsing mb index - avcodec/magicyuv: Check bits left in flags&1 branch - avcodec/mjpegdec: Check for end of bitstream in ljpeg_decode_rgb_scan() - avcodec/aacdec_fixed: Fix undefined integer overflow in apply_independent_coupling_fixed() - avcodec/dirac_dwt_template: Fix undefined behavior in interleave() - avutil/common: Fix undefined behavior in av_clip_uintp2_c() - fftools/ffmpeg: Fallback to duration if sample rate is unavailable - avformat/mov: Only set pkt->duration to non negative values - avcodec/h264_slice: Fix overflow in recovery_frame computation - avcodec/h264_ps: Move MAX_LOG2_MAX_FRAME_NUM to header so it can be used in h264_sei - avcodec/h264_mc_template: Only prefetch motion if the list is used. - avcodec/xwddec: Use ff_set_dimensions() - avcodec/wavpack: Fix overflow in adding tail - avcodec/shorten: Fix multiple integer overflows - avcodec/shorten: Fix undefined shift in fix_bitshift() - avcodec/shorten: Fix a negative left shift in shorten_decode_frame() - avcodec/shorten: Sanity check nmeans - avcodec/shorten: Check non COMM chunk len before skip in decode_aiff_header() - avcodec/mjpegdec: Fix integer overflow in ljpeg_decode_rgb_scan() - avcodec/truemotion2: Fix overflow in tm2_apply_deltas() - avcodec/opus_silk: Change silk_lsf2lpc() slightly toward silk/NLSF2A.c - avcodec/amrwbdec: Fix division by 0 in find_hb_gain() - avformat/mov: replace a value error by clipping into valid range in mov_read_stsc() - avformat/mov: Break out early if chunk_count is 0 in mov_build_index() - avcodec/fic: Avoid some magic numbers related to cursors - avcodec/g2meet: ask for sample with overflowing RGB - avcodec/aacdec_fixed: use 64bit to avoid overflow in rounding in apply_dependent_coupling_fixed() - oavcodec/aacpsdsp_template: Use unsigned for hs0X to prevent undefined behavior - avcodec/g723_1dec: Clip bits2 in both directions - avcodec/mpeg4videoenc: Use 64 bit for times in mpeg4_encode_gop_header() - avcodec/mlpdec: Only change noise_type if the related fields are valid - indeo4: Decode all or nothing of a band header. - avformat/mov: Only fail for STCO/STSC contradictions if both exist - avcodec/dirac_dwt: Fix integer overflow in COMPOSE_DD97iH0 / COMPOSE_DD137iL0 - avcodec/fic: Check available input space for cursor - avcodec/g2meet: Check RGB upper limit - avcodec/jpeg2000dec: Fix undefined shift in the jpeg2000_decode_packets_po_iteration() CPRL case - avcodec/jpeg2000dec: Skip init for component in CPRL if nothing is to be done - avcodec/g2meet: Change order of operations to avoid undefined behavior - avcodec/flac_parser: Fix infinite loop - avcodec/wavpack: Fix integer overflow in DEC_MED() / INC_MED() - avcodec/wavpack: Fix integer overflow in wv_unpack_stereo() - avcodec/error_resilience: Fix integer overflow in filter181() - avcodec/h263dec: Check slice_ret in mspeg4 slice loop - avcodec/elsdec: Fix memleaks - avcodec/vc1_block: simplify ac_val computation - avcodec/ffv1enc: Check that the crc + version combination is supported - lavf/http.c: Free allocated client URLContext in case of error. - avcodec/dsicinvideo: Fail if there is only a small fraction of the data available that comprises a full frame - avcodec/dsicinvideo: Propagate errors from cin_decode_rle() - avcodec/dfa: Check dimension against maximum - avcodec/cinepak: Skip empty frames - avcodec/cinepak: move some checks prior to frame allocation - swresample/arm: remove unintentional relocation. - doc/APIchanges: Fix typos in hashes - avformat/utils: Check cur_dts in update_initial_timestamps() more - avcodec/utils: Enforce minimum width also for VP5/6 - avcodec/truemotion2: Propagate out of bounds error from GET_TOK() - avformat/utils: Fix integer overflow in end time calculation in update_stream_timings() - avcodec/mjpegdec: Check input buffer size. - avcodec/h264_slice: Fix integer overflow with last_poc - avformat/mov: Fix extradata memleak - lavc/libopusdec: Allow avcodec_open2 to call .close - avcodec/movtextdec: Check style_start/end - avcodec/aacsbr_fixed: Fix integer overflow in sbr_hf_assemble() - libavcodec/rv34: error out earlier on missing references - swresample/swresample: Fix for seg fault in swr_convert_internal() -> sum2_float during dithering. - avcodec/aacdec_fixed: Fix integer overflow in apply_independent_coupling_fixed() - avcodec/cscd: Error out when LZ* decompression fails - avcodec/imgconvert: Fix loss mask bug in avcodec_find_best_pix_fmt_of_list() - avfilter/vf_signature: use av_strlcpy() - avcodec/utvideodec: Set pro flag based on fourcc - avcodec/wmalosslessdec: Fix null pointer dereference in decode_frame() - avcodec/tableprint_vlc: Fix build failure with --enable-hardcoded-tables - avformat/mov: Move +1 in check to avoid hypothetical overflow in add_ctts_entry() - avcodec/get_bits: Make sure the input bitstream with padding can be addressed - avformat/mov: Check STSC and remove invalid entries - avcodec/nuv: rtjpeg with dimensions less than 16 would result in no decoded pixels thus reject it - avcodec/nuv: Check for minimum input size for uncomprssed and rtjpeg - avcodec/wmalosslessdec: Reset num_saved_bits on error path - avformat/mov: Fix integer overflows related to sample_duration - avformat/img2dec: fix infinite loop - avformat/oggparsedaala: Do not adjust AV_NOPTS_VALUE - avformat/oggparseogm: Check lb against psize - avformat/oggparseogm: Fix undefined shift in ogm_packet() - avformat/avidec: Fix integer overflow in cum_len check - avformat/oggparsetheora: Do not adjust AV_NOPTS_VALUE - avformat/utils: Fix integer overflow of fps_first/last_dts - avformat/oggdec: Fix metadata memleak on multiple headers - libavformat/oggparsevorbis: Fix memleak on multiple headers - avformat/mov: Fix integer overflow in mov_get_stsc_samples() - avcodec/truemotion2rt: Check input buffer size - avcodec/g2meet: Check tile dimensions with av_image_check_size2() - avcodec/exr: fix invalid shift in unpack_14() - avcodec/bintext: sanity check dimensions - avcodec/utvideodec: Check subsample factors - avcodec/smc: Check input packet size - avcodec/cavsdec: Check alpha/beta offset - avcodec/diracdec: Fix integer overflow in mv computation - avcodec/h264_parse: Clear invalid chroma weights in ff_h264_pred_weight_table() - avcodec/aacdec_templat: Fix integer overflow in apply_ltp() - avcodec/jpeg2000dwt: Fix integer overflows in sr_1d53() - avcodec/diracdec: Use int64 in global mv to prevent overflow - avcodec/dxtory: Remove code that corrupts dimensions - avcodec/dirac_dwt_template: Fix Integer overflow in horizontal_compose_dd137i() - avcodec/hevcdec: Check luma/chroma_log2_weight_denom - avcodec/jpeg2000dec: Use av_image_check_size2() - avcodec/vp8: Check for bitstream end before vp7_fade_frame() - avcodec/exr: Check remaining bits in last get code loop - avutil/common: Fix integer overflow in av_clip_uint8_c() and av_clip_uint16_c() - avdevice/decklink_dec: Fix ;; - avcodec/h264_cabac: Tighten allowed coeff_abs range - avcodec/h264_cavlc: Set valid qscale value in ff_h264_decode_mb_cavlc() - avdevice/iec61883: free the private context at the end - avdevice/iec61883: return reference counted packets - configure: add nvcc to CMDLINE_SET - avcodec/mpeg4_unpack_bframes: make sure the packet is writable when data needs to be changed - avcodec/mp3_header_decompress: don't free the user provided packet on error - avcodec/extract_extradata: zero initalize the padding bytes in all allocated buffers - avformat/hvcc: zero initialize the nal buffers past the last written byte - swresample/rematrix: fix update of channel matrix if input or output layout is undefined - avformat/matroskadec: ignore CodecPrivate if the stream is VP9 """
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8f125f43d325cb7faeaa9caab630768d7643ebae commit 8f125f43d325cb7faeaa9caab630768d7643ebae Author: Arfrever Frehtes Taifersar Arahesis <arfrever.fta@gmail.com> AuthorDate: 2018-11-23 09:29:04 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2018-11-23 09:48:03 +0000 media-plugins/gst-plugins-libav: Update ffmpeg version with USE=libav Closes: https://bugs.gentoo.org/666674 Signed-off-by: Mart Raudsepp <leio@gentoo.org> Package-Manager: Portage-2.3.49, Repoman-2.3.11 media-plugins/gst-plugins-libav/Manifest | 2 + .../gst-plugins-libav-1.14.4.3.4.4.ebuild | 91 ++++++++++++++++++++++ 2 files changed, 93 insertions(+)