`lib/gstreamer-1.0/libgstrtpmanager.so` includes `${gstreamer.dev}/include/gstreamer-1.0/gst/base/gstbitwriter.h` in their .rodata section, increasing the runtime closure unnecessarily. This happens because `gstbitwriter.h` header uses GLib’s `g_assert` macro, which wants to print `__FILE__` on assertion failure.
The assertions can and should be disabled on stable releases (ce64f0e0e0) so let’s do that.
continuation of #109595
pkgconfig was aliased in 2018, however, it remained in
all-packages.nix due to its wide usage. This cleans
up the remaining references to pkgs.pkgsconfig and
moves the entry to aliases.nix.
python3Packages.pkgconfig remained unchanged because
it's the canonical name of the upstream package
on pypi.
Fixes#98769.
Important changes from https://gstreamer.freedesktop.org/releases/1.18/:
* `gst-validate` was renamed to `gst-devtools` upstream:
> * the `gst-validate` tarball has been superseded by
> the `gst-devtools` tarball for consistency with the git module name.
* `gst-python` is now Python 3 only:
> * Python 2.x is no longer supported
On Linux this adds two dependencies to the closure, libjack2 and celt, which
increases its size from 163.5 MB to 164.4 MB.
This should not cause any issues on macOS since jack supports it.
Commit be382109ad broke evaluation
on Darwin because it added these unconditional buildInputs
that don't evaluate on Darwin:
libnice librdf lilv lv2 serd sord sratom
This commit fixes it, and also fixes recently-added new dependencies
for other packages accordingly.
It further fixes the build of many gstreamer packages on Darwin.
Changes needed:
* core: dbghelp disabled as it's not needed
* core: Fixed script not being executable and skipped by patchShebangs
* base: gtk_doc disabled because of wayland symbol error
* ges: Patch removed that was merged upstream:
https://bugzilla.gnome.org/show_bug.cgi?id=794856#c16
During the 1.14 -> 1.15 upgrade, lots of stuff stopped working because
gstreamer changed what features are enabled by default and which ones are
automatically turned on/off via pkgconfig dependency detection.
This resulted in the `gstreamer` ("core" attribute in nixpkgs) package
to have only 15 of its previous 163 build targets enabled, and downstream
packages breaking correspondingly.
To ease maintainability and to ensure users will find the expected features
available (and when not, will see in the nix file why not), we now pass
the `-Dauto_features=enabled` Meson build flag to all gstreamer builds,
which sets all `auto` dependencies to `enabled`, and we explicitly disable
those that we can't build.
This means in particular that `gst-plugins-bad` now has vastly more integrations
(namely all for which nixpkgs has libraries available).
gst-plugins-bad:
From the Arch Linux advisory:
- CVE-2017-5843 (arbitrary code execution): A double-free issue has
been found in gstreamer before 1.10.3, in
gst_mxf_demux_update_essence_tracks.
- CVE-2017-5848 (denial of service): An out-of-bounds read has been
found in gstreamer before 1.10.3, in gst_ps_demux_parse_psm.
More: https://lwn.net/Vulnerabilities/713772/
gst-plugins-base:
From the Arch Linux advisory:
- CVE-2017-5837 (denial of service): A floating point exception issue
has been found in gstreamer before 1.10.3, in
gst_riff_create_audio_caps.
- CVE-2017-5839 (denial of service): An endless recursion issue
leading to stack overflow has been found in gstreamer before 1.10.3,
in gst_riff_create_audio_caps.
- CVE-2017-5842 (arbitrary code execution): An off-by-one write has
been found in gstreamer before 1.10.3, in
html_context_handle_element.
- CVE-2017-5844 (denial of service): A floating point exception issue
has been found in gstreamer before 1.10.3, in
gst_riff_create_audio_caps.
More: https://lwn.net/Vulnerabilities/713773/
gst-plugins-good:
From the Arch Linux advisory:
- CVE-2016-10198 (denial of service): An invalid memory read flaw has
been found in gstreamer before 1.10.3, in
gst_aac_parse_sink_setcaps.
- CVE-2016-10199 (denial of service): An out of bounds read has been
found in gstreamer before 1.10.3, in qtdemux_tag_add_str_full.
- CVE-2017-5840 (denial of service): An out-of-bounds read has been
found in gstreamer before 1.10.3, in qtdemux_parse_samples.
- CVE-2017-5841 (denial of service): An out-of-bounds read has been
found in gstreamer before 1.10.3, in gst_avi_demux_parse_ncdt.
- CVE-2017-5845 (denial of service): An out-of-bounds read has been
found in gstreamer before 1.10.3, in gst_avi_demux_parse_ncdt.
More: https://lwn.net/Vulnerabilities/713774/
gst-plugins-ugly:
From the Arch Linux advisory:
- CVE-2017-5846 (denial of service): An out-of-bounds read has been
found in gstreamer before 1.10.3, in
gst_asf_demux_process_ext_stream_props.
- CVE-2017-5847 (denial of service): An out-of-bounds read has been
found in gstreamer before 1.10.3, in
gst_asf_demux_process_ext_content_desc.
More: https://lwn.net/Vulnerabilities/713775/
gstreamer:
From the Arch Linux advisory:
An out of bounds read has been found in gstreamer before 1.10.3, in
gst_date_time_new_from_iso8601_string.
More: https://lwn.net/Vulnerabilities/713776/
