gnu: gst-plugins-ugly: Update to 1.18.5.

* gnu/packages/gstreamer.scm (gst-plugins-ugly): Update to 1.18.5.
[source]: Remove patches.
* gnu/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch: Delete file.
* gnu/local.mk: De-register it.

gnu/local.mk

@@ -1217,7 +1217,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/gspell-dash-test.patch			\
   %D%/packages/patches/gst-libav-64channels-stack-corruption.patch	\
   %D%/packages/patches/gst-plugins-good-fix-test.patch		\
-  %D%/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch	\
   %D%/packages/patches/guile-1.8-cpp-4.5.patch			\
   %D%/packages/patches/guile-2.2-skip-oom-test.patch            \
   %D%/packages/patches/guile-2.2-skip-so-test.patch             \

gnu/packages/gstreamer.scm

@@ -902,16 +902,15 @@ par compared to the rest.")
 (define-public gst-plugins-ugly
   (package
     (name "gst-plugins-ugly")
-    (version "1.18.4")
+    (version "1.18.5")
     (source
      (origin
        (method url-fetch)
        (uri
         (string-append "https://gstreamer.freedesktop.org/src/"
                        name "/" name "-" version ".tar.xz"))
-       (patches (search-patches "gst-plugins-ugly-fix-out-of-bound-reads.patch"))
        (sha256
-        (base32 "0g6i4db1883q3j0l2gdv46fcqwiiaw63n6mhvsfcms1i1p7g1391"))))
+        (base32 "1nb6kz3gbn8r0sld6xkm16qpgyb2bvhafb7sff9rgagqk0z80cnz"))))
     (build-system meson-build-system)
     (arguments
      `(#:glib-or-gtk? #t     ; To wrap binaries and/or compile schemas
@@ -928,8 +927,7 @@ par compared to the rest.")
              ;; Tests look for $XDG_RUNTIME_DIR.
              (setenv "XDG_RUNTIME_DIR" (getcwd))
              ;; For missing '/etc/machine-id'.
-             (setenv "DBUS_FATAL_WARNINGS" "0")
+             (setenv "DBUS_FATAL_WARNINGS" "0"))))))
-             #t)))))
     (native-inputs
      `(("gettext" ,gettext-minimal)
        ("glib:bin" ,glib "bin")

gnu/packages/patches/gst-plugins-ugly-fix-out-of-bound-reads.patch

@@ -1,119 +0,0 @@
-Fix out of bounds reads when parsing audio and video packets:
-
-https://security-tracker.debian.org/tracker/TEMP-0000000-4DAA44
-https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/issues/37
-
-Patch copied from upstream source repository:
-
-https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/commit/3aba7d1e625554b2407bc77b3d09b4928b937d5f
-From 3aba7d1e625554b2407bc77b3d09b4928b937d5f Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
-Date: Wed, 3 Mar 2021 11:05:14 +0200
-Subject: [PATCH] rmdemux: Make sure we have enough data available when parsing
- audio/video packets
-
-Otherwise there will be out-of-bounds reads and potential crashes.
-
-Thanks to Natalie Silvanovich for reporting.
-
-Fixes https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/issues/37
-
-Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/merge_requests/74>
----
- gst/realmedia/rmdemux.c | 35 +++++++++++++++++++++++++++++++++++
- 1 file changed, 35 insertions(+)
-
-diff --git a/gst/realmedia/rmdemux.c b/gst/realmedia/rmdemux.c
-index 6cc659a1..68b0736b 100644
---- a/gst/realmedia/rmdemux.c
-+++ b/gst/realmedia/rmdemux.c
-@@ -2223,6 +2223,9 @@ gst_rmdemux_parse_video_packet (GstRMDemux * rmdemux, GstRMDemuxStream * stream,
- 
-   gst_buffer_map (in, &map, GST_MAP_READ);
- 
-+  if (map.size < offset)
-+    goto not_enough_data;
-+
-   data = map.data + offset;
-   size = map.size - offset;
- 
-@@ -2289,6 +2292,9 @@ gst_rmdemux_parse_video_packet (GstRMDemux * rmdemux, GstRMDemuxStream * stream,
-     }
-     GST_DEBUG_OBJECT (rmdemux, "fragment size %d", fragment_size);
- 
-+    if (map.size < (data - map.data) + fragment_size)
-+      goto not_enough_data;
-+
-     /* get the fragment */
-     fragment =
-         gst_buffer_copy_region (in, GST_BUFFER_COPY_ALL, data - map.data,
-@@ -2437,6 +2443,9 @@ gst_rmdemux_parse_audio_packet (GstRMDemux * rmdemux, GstRMDemuxStream * stream,
-   GstFlowReturn ret;
-   GstBuffer *buffer;
- 
-+  if (gst_buffer_get_size (in) < offset)
-+    goto not_enough_data;
-+
-   buffer = gst_buffer_copy_region (in, GST_BUFFER_COPY_MEMORY, offset, -1);
- 
-   if (rmdemux->first_ts != -1 && timestamp > rmdemux->first_ts)
-@@ -2467,9 +2476,19 @@ gst_rmdemux_parse_audio_packet (GstRMDemux * rmdemux, GstRMDemuxStream * stream,
-     ret = gst_pad_push (stream->pad, buffer);
-   }
- 
-+done:
-   gst_buffer_unref (in);
- 
-   return ret;
-+
-+  /* ERRORS */
-+not_enough_data:
-+  {
-+    GST_ELEMENT_WARNING (rmdemux, STREAM, DECODE, ("Skipping bad packet."),
-+        (NULL));
-+    ret = GST_FLOW_OK;
-+    goto done;
-+  }
- }
- 
- static GstFlowReturn
-@@ -2490,6 +2509,9 @@ gst_rmdemux_parse_packet (GstRMDemux * rmdemux, GstBuffer * in, guint16 version)
-   data = map.data;
-   size = map.size;
- 
-+  if (size < 4 + 6 + 1 + 2)
-+    goto not_enough_data;
-+
-   /* stream number */
-   id = RMDEMUX_GUINT16_GET (data);
- 
-@@ -2525,6 +2547,9 @@ gst_rmdemux_parse_packet (GstRMDemux * rmdemux, GstBuffer * in, guint16 version)
- 
-   /* version 1 has an extra byte */
-   if (version == 1) {
-+    if (size < 1)
-+      goto not_enough_data;
-+
-     data += 1;
-     size -= 1;
-   }
-@@ -2596,6 +2621,16 @@ unknown_stream:
-     gst_buffer_unref (in);
-     return GST_FLOW_OK;
-   }
-+
-+  /* ERRORS */
-+not_enough_data:
-+  {
-+    GST_ELEMENT_WARNING (rmdemux, STREAM, DECODE, ("Skipping bad packet."),
-+        (NULL));
-+    gst_buffer_unmap (in, &map);
-+    gst_buffer_unref (in);
-+    return GST_FLOW_OK;
-+  }
- }
- 
- gboolean
--- 
-2.31.1
-