debian/0000755000000000000000000000000013401577424007175 5ustar debian/changelog0000644000000000000000000004313213401577403011047 0ustar liblivemedia (2014.01.13-1+deb8u1build0.14.04.1) trusty-security; urgency=medium * fake sync from Debian -- Mike Salvatore Tue, 04 Dec 2018 17:26:11 -0500 liblivemedia (2014.01.13-1+deb8u1) jessie-security; urgency=high * Non-maintainer upload by the LTS Team. * CVE-2018-4013: stack-based buffer overflow in the HTTP packet-parsing functionality, potentially resulting in code execution. -- Hugo Lefeuvre Tue, 20 Nov 2018 16:12:02 +0100 liblivemedia (2014.01.13-1) unstable; urgency=medium * Team upload. * New upstream release. - Rewrote our MD5 implementation to fix license issue (Closes: #728419) * Update debian/copyright. * Bump Standards-Version to 3.9.5. * Update liblivemedia15 to liblivemedia23. * Remove outdated (and probably non-free) openRTSP.html. -- Benjamin Drung Mon, 13 Jan 2014 23:50:32 +0100 liblivemedia (2013.10.25-1) unstable; urgency=low * Team upload. * New upstream release. * Link shared libraries with g++ instead of gcc to fix build failure. * Refresh patches. * Update shared library versions. -- Benjamin Drung Wed, 30 Oct 2013 10:30:48 +0100 liblivemedia (2013.04.30-1) unstable; urgency=low * Team upload. * New upstream release. * Upload to unstable after the Debian 7.0 release. -- Benjamin Drung Sun, 05 May 2013 19:49:35 +0200 liblivemedia (2013.01.15-1) experimental; urgency=low * Team upload. * New upstream release. * Drop linker-flags.patch (accepted upstream). -- Benjamin Drung Wed, 16 Jan 2013 14:20:43 +0100 liblivemedia (2013.01.05-3) experimental; urgency=low * Team upload. * Add a pkg-config file for the shared libraries. -- Benjamin Drung Wed, 16 Jan 2013 02:24:14 +0100 liblivemedia (2013.01.05-2) experimental; urgency=low * Team upload. * Move example code into liblivemedia-dev package (where it belongs). * Add -fPIC -DPIC to CXXFLAGS in addition to CFLAGS to really build a static PIC version. -- Benjamin Drung Mon, 14 Jan 2013 09:00:35 +0100 liblivemedia (2013.01.05-1) experimental; urgency=low * Team upload. * New upstream release (supporting shared libraries). * Switch to short format debhelper 9. * Drop 010_propagate_cflags.diff and 301_hardening.patch (improved version accepted by upstream). * Remove the not DFSG-free upstream changelog and replace it with a URL. * Drop 022_synchronous_rtspclient.patch. * Add shared libraries. (Closes: #662774) -- Benjamin Drung Sat, 05 Jan 2013 11:57:46 +0100 liblivemedia (2012.11.30-1) experimental; urgency=low * Team upload. * New upstream release: - Fixed another bug in the "ProxyServerMediaSession" destructor. - Fixed a bug in "ProxyServerMediaSession" that would be triggered if an "RTSPServer" that uses such an object were deleted. (This also fixes a memory leak that would occur if a proxy's back-end server failed, but then restarted.) - Fixed a bug in "ProxyRTSPClient" that was causing some background tasks to not be halted when a "ProxyServerMediaSession" deleted. * Refresh debian/patches/301_hardening.patch, partially adopted upstream. * Update upstream changelog. -- Alessio Treglia Fri, 07 Dec 2012 14:29:31 +0000 liblivemedia (2012.11.16-1) experimental; urgency=low * Team upload. * Imported Upstream version 2012.11.16 * Refresh patches. * Update upstream changelog. * Enable hardening flags. * debian/patches/301_hardening.patch: - Prevent build failure when compiled with -Wformat -Werror=format-security. - Pass LDFLAGS to the linker. * Bump Standards. -- Alessio Treglia Thu, 22 Nov 2012 12:58:55 +0000 liblivemedia (2012.10.24-1) experimental; urgency=low * Team upload. * New upstream release. * Update upstream changelog. -- Alessio Treglia Sun, 04 Nov 2012 11:21:15 +0000 liblivemedia (2012.08.31-1) experimental; urgency=low * Team upload. * New upstream release. * Update upstream changelog. -- Alessio Treglia Thu, 06 Sep 2012 17:12:40 +0200 liblivemedia (2012.05.17-1) unstable; urgency=low * New upstream release. * Retrieve up-to-date upstream changelog. -- Alessio Treglia Wed, 06 Jun 2012 12:12:58 +0200 liblivemedia (2012.05.03-1) unstable; urgency=low * Team upload. * New upstream release. * Refresh patches. * Adjust dh_clean call to not modify upstream sources. -- Alessio Treglia Mon, 07 May 2012 11:38:26 +0200 liblivemedia (2012.04.21-1) unstable; urgency=low * Team upload. * New upstream release. * Refresh all patches. * Add the new live555ProxyServer to livemedia-utils. -- Alessio Treglia Tue, 24 Apr 2012 01:22:12 +0200 liblivemedia (2012.04.04-1) unstable; urgency=low * Team upload. [ Fabian Greffrath ] * Only rebuild the four libraries with PIC, not the entire source four times. [ Alessio Treglia ] * New upstream release. * Refresh patches. * Remove -XtestProgs/#cd# from dh_clean's options, it is no longer needed. * Update debian/copyright as per copyright format 1.0. -- Alessio Treglia Fri, 13 Apr 2012 01:39:53 +0200 liblivemedia (2012.02.29-2) unstable; urgency=low * Team upload. * Refresh upstream changelog. * Re-enable synchronous interface in RTSPClient to avoid API breakage. -- Alessio Treglia Mon, 05 Mar 2012 10:40:31 +0100 liblivemedia (2012.02.29-1) unstable; urgency=low * Team upload. * New upstream release. * Bump Standards. -- Alessio Treglia Fri, 02 Mar 2012 08:01:26 +0100 liblivemedia (2012.02.04-1) unstable; urgency=low * Team upload. * New upstream release. * Update debian/copyright. -- Alessio Treglia Fri, 17 Feb 2012 16:05:22 +0100 liblivemedia (2011.12.23-1) unstable; urgency=low * Team upload. * New upstream release (Closes: #652661). * Refresh patches and drop patches that are applied upstream in a similar way. * Pull latest upstream changelog. * We don't carry any GPL'd patches any more. The package license is back to LGPL. * Add build-arch and build-indep targets to make lintian happy. -- Benjamin Drung Fri, 30 Dec 2011 14:49:20 +0100 liblivemedia (2011.09.02-1) unstable; urgency=low * Team upload. * New upstream release: - Updated "MultiFramedRTPSource" to more cleanly handle the situation where the sender's SSRC changes. * Force close-on-exec flag (Closes: #639007), patch by Rémi Denis-Courmont. * Refresh patches. -- Alessio Treglia Sun, 04 Sep 2011 11:51:51 +0200 liblivemedia (2011.08.22-1) unstable; urgency=low * Team upload. * New upstream release:: - Updated the "RTSPServer" code to handle a rare condition whereby handleRequestBytes() gets called recursively. This can happen only when we handle a "DESCRIBE" by re-calling the event loop (e.g., to wait for SDP parameters to become available).) If this happens, we need to make sure that we don't delete the "RTSPClientSession" object until we leave the outermost call. -- Alessio Treglia Fri, 26 Aug 2011 17:17:25 +0200 liblivemedia (2011.07.21-1) unstable; urgency=low * Team upload. * New upstream release: - Changed some member variables from "private:" to "protected:", to make subclassing easier. - Added a sanity check to the "RTP-over-TCP" handling code in "RTPInterface.cpp" to alleviate a strange condition (perhaps a bug). -- Alessio Treglia Tue, 26 Jul 2011 10:42:46 +0200 liblivemedia (2011.07.08-1) unstable; urgency=low * Team upload. * New upstream release: - Updated the RTSP server implementation to check the "Content-Length:" header (if present) in incoming requests. Most commands don't include extra data after the , and thus don't need a "Content-Length:" header. However, two commands (GET_PARAMETER and SET_PARAMETER) include extra data, and thus have a "Content-Length:" header. We now check this value, to make sure that we've received all of the required data for each request. -- Alessio Treglia Mon, 11 Jul 2011 15:49:16 +0200 liblivemedia (2011.06.16-1) unstable; urgency=low * Team upload. * New upstream release: - Updated "AC3AudioRTPSink" and "AC3AudioRTPSource" to conform to RFC4184, which defines the RTP payload format for AC-3 audio. Previously, we were using a different, incompatible payload format (that had been defined by an initial draft document, but which differed from that defined in the final RFC. Unfortunately, this means that older clients that use our code - including existing binary versions of VLC and MPlayer - will no longer be able to play AC-3/RTP streams from our server (until they are rebuilt using this newest version of our library). - Updated "AC3AudioStreamFramer" - and added a new class "AC3AudioFileServerMediaSubsession" - to support streaming from an AC-3 audio file. We also added this support to the "testOnDemandRTSPServer" demo application, and to the "LIVE555 Media Server" (currently just the source code; not the prebuilt binary versions). - Moved the definition of "class StreamState" from OnDemandServerMediaSubsession.cpp to OnDemandServerMediaSubsession.hh. Even though "class StreamState" is used only internally, in the implementation of "OnDemandServerMediaSubsession", moving its definition to the header file makes it possible for subclasses of "OnDemandServerMediaSubsession" to access it. -- Alessio Treglia Tue, 21 Jun 2011 11:42:15 +0200 liblivemedia (2011.05.25-1) unstable; urgency=low * Team upload. * New upstream bugfix release: - Fix a bug in "RTSPClient" which was causing clients to crash if servers returned a 401 error code, but without a "WWW-Authenticate:" header. -- Alessio Treglia Thu, 26 May 2011 13:00:25 +0200 liblivemedia (2011.03.14-1) unstable; urgency=low * Team upload. * Upload to unstable. [ Benjamin Drung ] * Revert "A bit of style: wrap lines and fix indentation." [ Alessio Treglia ] * New upstream release. * Update upstream ChangeLog. * Fix small typo in debian/rules. * debian/copyright: Update copyright years. * Bump Standards. * Refresh 022_safe_setlocale.diff patch. -- Alessio Treglia Sun, 24 Apr 2011 10:56:23 +0200 liblivemedia (2010.11.17-1) experimental; urgency=low [ Christophe Mutricy ] * New upstream version 2010.11.17 * Refresh patches * Update upstream ChangeLog * Set policy to 3.9.1 * Upload to experimental until Squeeze is released [ Benjamin Drung ] * Refresh patches. * Switch to dpkg-source 3.0 (quilt) format. [ Alessio Treglia ] * Correct team's name in the Maintainer field. * debian/control: Wrap long lines and shorten indentation. -- Christophe Mutricy Tue, 30 Nov 2010 22:55:53 +0100 liblivemedia (2010.04.09-1) unstable; urgency=medium * New upstream version 2010.04.09 * Correctly document that we use a GPL'd patch and so the package is GPL'd (Closes: #578161) * Explain the license change in NEWS * Set urgency to medium as it closes a RC bug * Refresh patches -- Christophe Mutricy Thu, 22 Apr 2010 12:21:42 +0200 liblivemedia (2010.02.10-1) unstable; urgency=low * New upstream version 2010.02.10 (Closes: #565473) * ip_mreq_source is defined in all glibc not just on kfreebsd. Fix hurd FTBFS * Add an helper in debian/rules to get upstream.changelog * Refresh patch * Update upstream changelog * Point to LGPL-2.1 and update a little bit debian/copyright * Set policy to 3.8.4 (no change needed) -- Christophe Mutricy Wed, 10 Feb 2010 11:02:43 +0100 liblivemedia (2009.11.27-1) unstable; urgency=low * New upstream release (Closes: #560729, LP: #227610) * Remove patches applied upstream * Refresh patches * Set policy to 3.8.3 * Move the packaging to Git * Update upstream changelog -- Christophe Mutricy Sat, 19 Dec 2009 12:17:36 +0100 liblivemedia (2008.07.25-2) unstable; urgency=low * rules: we need to patch before ./genMakefile * control: Xs-Vcs- -> Vcs- * add a watch file -- Christophe Mutricy Fri, 29 Aug 2008 19:49:40 +0200 liblivemedia (2008.07.25-1) unstable; urgency=low * New upstream release (Closes: #453449) * Add Homepage field * New patch by Remi Denis-Courmont to fix an unsafe use of setlocale() * Bump up Standards-Version to 3.8.0 * Don't ignore make clean error * Add myself as uploader * Install MPEG2TransportStreamIndexer (Closes: #453511) * Refresh patches and delete 020_cxx_headers.diff -- Christophe Mutricy Wed, 27 Aug 2008 00:40:51 +0200 liblivemedia (2007.02.20-2) unstable; urgency=low * debian/copyright: + Fixed upstream URL (Closes: #386739). -- Sam Hocevar (Debian packages) Sat, 17 Mar 2007 22:05:49 +0100 liblivemedia (2007.02.20-1) unstable; urgency=low * New upstream release (Closes: #386740). * Refreshed all patches. * debian/rules: + Ship new live555MediaServer binary. * debian/control: + Set pkg-multimedia-maintainers as main maintainer. + Added Vcs fields. * debian/compat: + Set compat to 5. -- Sam Hocevar (Debian packages) Fri, 16 Mar 2007 21:45:22 +0100 liblivemedia (2006.07.04-2) unstable; urgency=low * debian/control: + Set policy to 3.7.2. * 021_ip_mreq_source.diff: + kFreeBSD FTBFS patch courtesy of Petr Salinger (Closes: #399679). -- Sam Hocevar (Debian packages) Thu, 22 Feb 2007 00:59:00 +0100 liblivemedia (2006.07.04-1) unstable; urgency=low * New upstream release. -- Sam Hocevar (Debian packages) Thu, 3 Aug 2006 18:25:42 +0200 liblivemedia (2006.03.17-2) unstable; urgency=low * Switched patch system to quilt. * debian/control: + Build-depend on quilt. * 010_propagate_cflags.diff: (new patch from old diff.gz) properly propagate $(CFLAGS) when entering new directories. * 010_proper_link_order.diff: (new patch from old diff.gz) fixed order of libraries in the link line. * 010_static_link.diff: (new patch from old diff.gz) create static libraries instead of a shared one. * 020_cxx_headers.diff: (new patch from old diff.gz) fixed inclusion of C headers instead of C++. * 020_invalid_casts.diff: (new patch from old diff.gz) fixed invalid casts from integer to (void *). * 040_changelog.diff: (new patch from old diff.gz) added upstream changelog to the distribution. -- Sam Hocevar (Debian packages) Thu, 30 Mar 2006 15:59:49 +0200 liblivemedia (2006.03.17-1) unstable; urgency=low * New upstream release. * This release properly builds with gcc 4.1 (Closes: #356592). * debian/control: + Replaced occurrences of live.com to live555.com. * debian/openRTSP.html: + Included documentation from http://www.live555.com/openRTSP/ for the openRTSP binary (Closes: #345510). -- Sam Hocevar (Debian packages) Mon, 20 Mar 2006 10:41:50 +0100 liblivemedia (2005.10.05-1) unstable; urgency=low * New upstream release. * debian/rules: + Oops, fixed a bug that compiled both library versions as PIC. * debian/copyright: + Updated the FSF address. -- Sam Hocevar (Debian packages) Thu, 6 Oct 2005 21:42:46 +0200 liblivemedia (2005.07.21-1) unstable; urgency=low * New upstream release. -- Sam Hocevar (Debian packages) Thu, 21 Jul 2005 16:36:47 +0200 liblivemedia (2005.06.16-1) unstable; urgency=low * New upstream snapshot. * CXX transition upload. * debian/control: + Set policy to 3.6.2.1. + New livemedia-utils package containing the compiled example tools, including openRTSP (Closes: #267602, #271383). The source code for them is still in liblivemedia-dev as examples. + Mention "RTSP" in the short description, and tool names such as openRTSP in the long description (Closes: #304255). * Included upstream changelog in the package. -- Sam Hocevar (Debian packages) Fri, 15 Jul 2005 14:51:34 +0300 liblivemedia (2005.04.01-1) unstable; urgency=low * New upstream snapshot (Closes: #302319). -- Sam Hocevar (Debian packages) Fri, 1 Apr 2005 19:00:59 +0200 liblivemedia (2004.11.11a-1) unstable; urgency=low * New upstream snapshot. -- Sam Hocevar (Debian packages) Sun, 14 Nov 2004 23:50:17 +0100 liblivemedia (2004.11.02-1) unstable; urgency=low * New upstream snapshot. * debian/control: + Set policy to 3.6.1.1. * README.Debian: + Fixed CFLAGS indications. -- Sam Hocevar (Debian packages) Tue, 2 Nov 2004 14:49:03 +0100 liblivemedia (2004.04.23-1) unstable; urgency=low * New upstream release. -- Sam Hocevar (Debian packages) Mon, 26 Apr 2004 17:47:40 +0200 liblivemedia (2004.02.09-1) unstable; urgency=low * Initial release (Closes: #231954). * liveMedia/H263plusVideoRTPSink.cpp liveMedia/MPEG1or2Demux.cpp: + Removed invalid and useless int->void* casts. * groupsock/Groupsock.cpp groupsock/NetInterface.cpp: + Replaced includes with . -- Sam Hocevar (Debian packages) Mon, 9 Feb 2004 22:31:50 +0100 debian/upstream.changelog0000644000000000000000000000014312231732656012704 0ustar The upstream changelog is only available online: http://live555.com/liveMedia/public/changelog.txt debian/compat0000644000000000000000000000000212231732656010373 0ustar 9 debian/liblivemedia-dev.docs0000644000000000000000000000000712231732656013246 0ustar README debian/libusageenvironment1.install0000644000000000000000000000004512234150500014706 0ustar /usr/lib/*/libUsageEnvironment.so.1* debian/rules0000755000000000000000000000355612231732656010266 0ustar #!/usr/bin/make -f # Uncomment this to turn on verbose mode. #export DH_VERBOSE=1 CPPFLAGS := $(shell dpkg-buildflags --get CPPFLAGS) CFLAGS := $(shell dpkg-buildflags --get CFLAGS) CXXFLAGS := $(shell dpkg-buildflags --get CXXFLAGS) LDFLAGS := $(shell dpkg-buildflags --get LDFLAGS) DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) CFLAGS += -Wall ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) CFLAGS += -O0 endif ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) INSTALL_PROGRAM += -s endif ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) NUMJOBS := $(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) else NUMJOBS := 1 endif %: dh $@ --parallel override_dh_auto_clean: dh_auto_clean rm -f *.a override_dh_auto_configure: ./genMakefiles linux override_dh_auto_build: for f in BasicUsageEnvironment UsageEnvironment liveMedia groupsock; do \ $(MAKE) CFLAGS="$(CFLAGS) -fPIC -DPIC" CXXFLAGS="$(CXXFLAGS) -fPIC -DPIC" \ CPPFLAGS="$(CPPFLAGS)" LDFLAGS="$(LDFLAGS)" -j $(NUMJOBS) -C $${f} || exit 1; \ mv "$${f}/lib$${f}.a" "lib$${f}_pic.a"; \ done $(MAKE) clean for f in BasicUsageEnvironment UsageEnvironment liveMedia groupsock; do \ $(MAKE) CFLAGS="$(CFLAGS)" CXXFLAGS="$(CXXFLAGS)" CPPFLAGS="$(CPPFLAGS)" \ LDFLAGS="$(LDFLAGS)" -j $(NUMJOBS) -C $${f} || exit 1; \ mv "$${f}/lib$${f}.a" "lib$${f}.a"; \ done $(MAKE) clean ./genMakefiles linux-with-shared-libraries dh_auto_build -- CFLAGS="$(CFLAGS)" CXXFLAGS="$(CXXFLAGS)" CPPFLAGS="$(CPPFLAGS)" LDFLAGS="$(LDFLAGS)" override_dh_auto_install: dh_auto_install -- PREFIX=/usr LIBDIR=/usr/lib/$(DEB_HOST_MULTIARCH) for f in BasicUsageEnvironment UsageEnvironment liveMedia groupsock; do \ install -m 644 lib$${f}.a lib$${f}_pic.a debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH); \ done override_dh_installchangelogs: dh_installchangelogs debian/upstream.changelog debian/patches/0000755000000000000000000000000013375022102010610 5ustar debian/patches/020_invalid_casts.patch0000644000000000000000000000230412265055620015044 0ustar Description: Fix invalid cast from (short) integers to void pointers. --- a/liveMedia/MPEG1or2Demux.cpp +++ b/liveMedia/MPEG1or2Demux.cpp @@ -161,7 +161,7 @@ // Make sure this stream is not already being read: if (out.isCurrentlyAwaitingData) { envir() << "MPEG1or2Demux::registerReadInterest(): attempt to read stream id " - << (void*)streamIdTag << " more than once!\n"; + << streamIdTag << " more than once!\n"; envir().internalError(); } @@ -460,7 +460,7 @@ skipBytes(pack_stuffing_length); } else { // unknown fUsingDemux->envir() << "StreamParser::parsePack() saw strange byte " - << (void*)nextByte + << nextByte << " following pack_start_code\n"; } --- a/liveMedia/H263plusVideoRTPSink.cpp +++ b/liveMedia/H263plusVideoRTPSink.cpp @@ -64,7 +64,7 @@ } if (frameStart[0] != 0 || frameStart[1] != 0) { envir() << "H263plusVideoRTPSink::doSpecialFrameHandling(): unexpected non-zero first two bytes: " - << (void*)(frameStart[0]) << "," << (void*)(frameStart[1]) << "\n"; + << (frameStart[0]) << "," << (frameStart[1]) << "\n"; } frameStart[0] = specialHeader>>8; frameStart[1] = (unsigned char)specialHeader; debian/patches/series0000644000000000000000000000017313375022102012026 0ustar 020_invalid_casts.patch 021_ip_mreq_source.patch add-pkgconfig-file.patch link-library-with-g++.patch CVE-2018-4013.patch debian/patches/021_ip_mreq_source.patch0000644000000000000000000000121112234147070015227 0ustar Description: ip_mreq_source is defined in all glibc not just on kfreebsd. Fix hurd FTBFS --- a/groupsock/GroupsockHelper.cpp +++ b/groupsock/GroupsockHelper.cpp @@ -457,12 +457,14 @@ // commands, and a special structure (ip_mreq_source). If the include files // didn't define these, we do so here: #if !defined(IP_ADD_SOURCE_MEMBERSHIP) +#ifndef __GLIBC__ struct ip_mreq_source { struct in_addr imr_multiaddr; /* IP multicast address of group */ struct in_addr imr_sourceaddr; /* IP address of source */ struct in_addr imr_interface; /* local IP address of interface */ }; #endif +#endif #ifndef IP_ADD_SOURCE_MEMBERSHIP debian/patches/link-library-with-g++.patch0000644000000000000000000000277412234146062015572 0ustar Description: Link shared libraries with g++ instead of gcc to fix build failure. Author: Benjamin Drung --- a/config.linux +++ b/config.linux @@ -1,12 +1,12 @@ COMPILE_OPTS = $(INCLUDES) -I. -O2 -DSOCKLEN_T=socklen_t -D_LARGEFILE_SOURCE=1 -D_FILE_OFFSET_BITS=64 C = c -C_COMPILER = cc +C_COMPILER = $(CC) C_FLAGS = $(COMPILE_OPTS) $(CPPFLAGS) $(CFLAGS) CPP = cpp -CPLUSPLUS_COMPILER = c++ +CPLUSPLUS_COMPILER = $(CXX) CPLUSPLUS_FLAGS = $(COMPILE_OPTS) -Wall -DBSD=1 $(CPPFLAGS) $(CXXFLAGS) OBJ = o -LINK = c++ -o +LINK = $(CXX) -o LINK_OPTS = -L. $(LDFLAGS) CONSOLE_LINK_OPTS = $(LINK_OPTS) LIBRARY_LINK = ar cr --- a/config.linux-with-shared-libraries +++ b/config.linux-with-shared-libraries @@ -26,16 +26,16 @@ COMPILE_OPTS = $(INCLUDES) -I. -O2 -DSOCKLEN_T=socklen_t -D_LARGEFILE_SOURCE=1 -D_FILE_OFFSET_BITS=64 -fPIC C = c -C_COMPILER = cc +C_COMPILER = $(CC) C_FLAGS = $(COMPILE_OPTS) $(CPPFLAGS) $(CFLAGS) CPP = cpp -CPLUSPLUS_COMPILER = c++ +CPLUSPLUS_COMPILER = $(CXX) CPLUSPLUS_FLAGS = $(COMPILE_OPTS) -Wall -DBSD=1 $(CPPFLAGS) $(CXXFLAGS) OBJ = o -LINK = c++ -o +LINK = $(CXX) -o LINK_OPTS = -L. $(LDFLAGS) CONSOLE_LINK_OPTS = $(LINK_OPTS) -LIBRARY_LINK = gcc -o +LIBRARY_LINK = $(CXX) -o SHORT_LIB_SUFFIX = so.$(shell expr $($(NAME)_VERSION_CURRENT) - $($(NAME)_VERSION_AGE)) LIB_SUFFIX = $(SHORT_LIB_SUFFIX).$($(NAME)_VERSION_AGE).$($(NAME)_VERSION_REVISION) LIBRARY_LINK_OPTS = -shared -Wl,-soname,$(NAME).$(SHORT_LIB_SUFFIX) $(LDFLAGS) debian/patches/CVE-2018-4013.patch0000644000000000000000000000220513375022102013222 0ustar Description: fix stack-based buffer overflow during HTTP packet-parsing The lookForHeader function is affected by a bug which allows unlimited writing to the result buffer by providing multiple "Accept" or "x-session-cookie" strings. An attacker can send a packet to trigger this vulnerability and cause oob stack write, potentially resulting in code execution. . This patch limits the number of processed "Accept" or "x-session-cookie" strings to one, fixing the issue. Origin: upstream --- a/liveMedia/RTSPServer.cpp 2014-01-13 20:57:14.000000000 +0100 +++ b/liveMedia/RTSPServer.cpp 2018-11-20 16:18:03.358547811 +0100 @@ -561,12 +561,12 @@ for (unsigned j = i; j < sourceLen; ++j) { if (source[j] == '\r' || source[j] == '\n') { // We've found the end of the line. Copy it to the result (if it will fit): - if (j-i+1 > resultMaxSize) break; + if (j-i+1 > resultMaxSize) return; // it wouldn't fit char const* resultSource = &source[i]; char const* resultSourceEnd = &source[j]; while (resultSource < resultSourceEnd) *resultStr++ = *resultSource++; *resultStr = '\0'; - break; + return; } } } debian/patches/add-pkgconfig-file.patch0000644000000000000000000000250412231732656015260 0ustar Description: Add a pkg-config file for the shared libraries. Author: Benjamin Drung --- a/Makefile.head +++ b/Makefile.head @@ -1 +1,4 @@ +PREFIX = /usr/local +LIBDIR = /usr/local/lib +VERSION = $(shell grep LIVEMEDIA_LIBRARY_VERSION_STRING liveMedia/include/liveMedia_version.hh | sed 's/.*"\([^"]*\)".*/\1/') ##### Change the following for your environment: --- /dev/null +++ b/live555.pc.in @@ -0,0 +1,9 @@ +prefix=@PREFIX@ +libdir=@LIBDIR@ +includedir=${prefix}/include + +Name: live555 +Description: multimedia RTSP streaming library +Version: @VERSION@ +Cflags: -I${includedir}/liveMedia -I${includedir}/groupsock -I${includedir}/BasicUsageEnvironment -I${includedir}/UsageEnvironment +Libs: -L${libdir} -lliveMedia -lgroupsock -lBasicUsageEnvironment -lUsageEnvironment --- a/Makefile.tail +++ b/Makefile.tail @@ -20,7 +20,12 @@ cd $(MEDIA_SERVER_DIR) ; $(MAKE) cd $(PROXY_SERVER_DIR) ; $(MAKE) -install: +install_shared_libraries: + install -d $(DESTDIR)$(LIBDIR)/pkgconfig + sed "s#@PREFIX@#$(PREFIX)#;s#@LIBDIR@#$(LIBDIR)#;s#@VERSION@#$(VERSION)#" live555.pc.in > $(DESTDIR)$(LIBDIR)/pkgconfig/live555.pc + chmod 644 $(DESTDIR)$(LIBDIR)/pkgconfig/live555.pc + +install: $(INSTALL2) cd $(LIVEMEDIA_DIR) ; $(MAKE) install cd $(GROUPSOCK_DIR) ; $(MAKE) install cd $(USAGE_ENVIRONMENT_DIR) ; $(MAKE) install debian/liblivemedia-dev.install0000644000000000000000000000007512231732656013771 0ustar usr/include usr/lib/*/*.a usr/lib/*/*.so usr/lib/*/pkgconfig debian/livemedia-utils.docs0000644000000000000000000000000712231732656013141 0ustar README debian/gbp.conf0000644000000000000000000000006512231732656010615 0ustar [DEFAULT] pristine-tar = True [git-dch] meta = True debian/control0000644000000000000000000001412712265055577010614 0ustar Source: liblivemedia Section: libs Priority: optional Maintainer: Debian Multimedia Maintainers Uploaders: Reinhard Tartler , Sam Hocevar (Debian packages) , Christophe Mutricy Build-Depends: debhelper (>= 9) Standards-Version: 3.9.5 Homepage: http://www.live555.com/liveMedia/ Vcs-Git: git://anonscm.debian.org/pkg-multimedia/liblivemedia.git Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-multimedia/liblivemedia.git Package: liblivemedia-dev Section: libdevel Architecture: any Depends: libbasicusageenvironment0 (= ${binary:Version}), libgroupsock1 (= ${binary:Version}), liblivemedia23 (= ${binary:Version}), libusageenvironment1 (= ${binary:Version}), ${misc:Depends} Description: multimedia RTSP streaming library (development files) The live555.com streaming media code is a set of C++ libraries for multimedia streaming, using open standard protocols (RTP/RTCP, RTSP, SIP). These libraries can be used to build applications to stream, receive and process MPEG, H.263+ or JPEG video, several audio codecs, and can easily be extended to support additional codecs. They can also be used to build basic RTSP (Real Time Streaming Protocol) or SIP (Session Initiation Protocol) clients and servers. . This package contains the headers and static libraries required to build applications that use live555.com. Package: libbasicusageenvironment0 Architecture: any Pre-Depends: ${misc:Pre-Depends} Depends: ${misc:Depends}, ${shlibs:Depends} Description: multimedia RTSP streaming library (BasicUsageEnvironment class) The live555.com streaming media code is a set of C++ libraries for multimedia streaming, using open standard protocols (RTP/RTCP, RTSP, SIP). These libraries can be used to build applications to stream, receive and process MPEG, H.263+ or JPEG video, several audio codecs, and can easily be extended to support additional codecs. They can also be used to build basic RTSP (Real Time Streaming Protocol) or SIP (Session Initiation Protocol) clients and servers. . This package contains the BasicUsageEnvironment library which defines one concrete implementation (i.e., subclasses) of the "UsageEnvironment" classes, for use in simple, console applications. Read events and delayed operations are handled using a select() loop. Package: libgroupsock1 Architecture: any Pre-Depends: ${misc:Pre-Depends} Depends: ${misc:Depends}, ${shlibs:Depends} Description: multimedia RTSP streaming library (network interfaces and sockets) The live555.com streaming media code is a set of C++ libraries for multimedia streaming, using open standard protocols (RTP/RTCP, RTSP, SIP). These libraries can be used to build applications to stream, receive and process MPEG, H.263+ or JPEG video, several audio codecs, and can easily be extended to support additional codecs. They can also be used to build basic RTSP (Real Time Streaming Protocol) or SIP (Session Initiation Protocol) clients and servers. . This package contains the groupsock library. The classes in this library encapsulate network interfaces and sockets. In particular, the "Groupsock" class encapsulates a socket for sending (and/or receiving) multicast datagrams. Package: liblivemedia23 Architecture: any Pre-Depends: ${misc:Pre-Depends} Depends: ${misc:Depends}, ${shlibs:Depends} Description: multimedia RTSP streaming library The live555.com streaming media code is a set of C++ libraries for multimedia streaming, using open standard protocols (RTP/RTCP, RTSP, SIP). These libraries can be used to build applications to stream, receive and process MPEG, H.263+ or JPEG video, several audio codecs, and can easily be extended to support additional codecs. They can also be used to build basic RTSP (Real Time Streaming Protocol) or SIP (Session Initiation Protocol) clients and servers. . This package contains the liveMedia library which defines a class hierarchy - rooted in the "Medium" class - for a variety of streaming media types and codecs. Package: libusageenvironment1 Architecture: any Pre-Depends: ${misc:Pre-Depends} Depends: ${misc:Depends}, ${shlibs:Depends} Description: multimedia RTSP streaming library (UsageEnvironment classes) The live555.com streaming media code is a set of C++ libraries for multimedia streaming, using open standard protocols (RTP/RTCP, RTSP, SIP). These libraries can be used to build applications to stream, receive and process MPEG, H.263+ or JPEG video, several audio codecs, and can easily be extended to support additional codecs. They can also be used to build basic RTSP (Real Time Streaming Protocol) or SIP (Session Initiation Protocol) clients and servers. . This package contains the UsageEnvironment library. The "UsageEnvironment" and "TaskScheduler" classes are used for scheduling deferred events, for assigning handlers for asynchronous read events, and for outputting error/warning messages. Also, the "HashTable" class defines the interface to a generic hash table, used by the rest of the code. . These are all abstract base classes; they must be subclassed for use in an implementation. These subclasses can exploit the particular properties of the environment in which the program will run - e.g., its GUI and/or scripting environment. Package: livemedia-utils Section: net Architecture: any Depends: ${misc:Depends}, ${shlibs:Depends} Description: multimedia RTSP streaming tools The live555.com streaming media code is a set of C++ libraries for multimedia streaming, using open standard protocols (RTP/RTCP, RTSP, SIP). These libraries can be used to build applications to stream, receive and process MPEG, H.263+ or JPEG video, several audio codecs, and can easily be extended to support additional codecs. They can also be used to build basic RTSP (Real Time Streaming Protocol) or SIP (Session Initiation Protocol) clients and servers. . This package contains the live555.com streaming servers (live555MediaServer and live555ProxyServer), the example programs (openRTSP, playSIP, sapWatch, vobStreamer) and a variety of test tools. debian/source/0000755000000000000000000000000012231732656010475 5ustar debian/source/format0000644000000000000000000000001412231732656011703 0ustar 3.0 (quilt) debian/libbasicusageenvironment0.install0000644000000000000000000000005212231732656015724 0ustar /usr/lib/*/libBasicUsageEnvironment.so.0* debian/libgroupsock1.install0000644000000000000000000000003612234147507013346 0ustar /usr/lib/*/libgroupsock.so.1* debian/README.Debian0000644000000000000000000000133312231732656011236 0ustar Using libliveMedia et al. o Use these flags in CPPFLAGS or CFLAGS/CXXFLAGS: -I/usr/include/liveMedia -I/usr/include/groupsock -I/usr/include/BasicUsageEnvironment -I/usr/include/UsageEnvironment o If you are building a binary object, use these LIBS: -lliveMedia -lgroupsock -lBasicUsageEnvironment -lUsageEnvironment o If you are building a PIC plug-in that uses libliveMedia, but NOT a library that uses libliveMedia (in that case, link your application with the above flags and use -rdynamic), use these LIBS: -lliveMedia_pic -lgroupsock_pic -lBasicUsageEnvironment_pic -lUsageEnvironment_pic -- Sam Hocevar Tue, 10 Feb 2004 15:04:07 +0100 debian/liblivemedia23.install0000644000000000000000000000003712265055553013361 0ustar /usr/lib/*/libliveMedia.so.23* debian/copyright0000644000000000000000000000245112265055154011130 0ustar Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: LIVE555 Streaming Media Upstream-Contact: live-devel@lists.live555.com Source: http://live555.com/liveMedia/public/ Files: * Copyright: 1996-2014 Live Networks, Inc. All rights reserved. License: LGPL-2.1+ Files: debian/* Copyright: 2012 Alessio Treglia 2008 Christophe Mutricy 2013-2014 Benjamin Drung License: LGPL-2.1+ License: LGPL-2.1+ This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. . This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. Comment: On Debian GNU/Linux systems, the complete text of the GNU Lesser General Public License can be found in `/usr/share/common-licenses/LGPL-2.1'. . You should have received a copy of the GNU Lesser General Public License along with this library. If not, see . debian/watch0000644000000000000000000000010212231732656010217 0ustar version=3 http://live555.com/liveMedia/public/live\.(.*)\.tar\.gz debian/livemedia-utils.install0000644000000000000000000000001012265057753013656 0ustar usr/bin debian/examples0000644000000000000000000000002012231732656010726 0ustar testProgs/*.cpp debian/NEWS0000644000000000000000000000132312231732656007673 0ustar liblivemedia (2011.12.23-1) unstable; urgency=low Note that the license of this package has changed back from GPL to LGPL. This change is effective since this liblivemedia version. -- Benjamin Drung Fri, 30 Dec 2011 14:49:20 +0100 liblivemedia (2010.04.09-1) unstable; urgency=medium Note that the license of this package has changed from LGPL to GPL. This change is effective since liblivemedia 2008.07.25-1. If you need to build and distribute non-GPL'd application with liblivemedia you need to recompile this package without debian/patches/022_safe_setlocale.diff. But you will loose thread safety. -- Christophe Mutricy Tue, 20 Apr 2010 23:55:12 +0100