RLSA-2024:11123

Опубликовано: 17 мар. 2025

Источник: rocky

Оценка: Important

Описание

Important: gstreamer1-plugins-base security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins.

Security Fix(es):

gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet (CVE-2024-47538)
gstreamer1-plugins-base: out-of-bounds write in Ogg demuxer (CVE-2024-47615)
gstreamer1-plugins-base: stack-buffer overflow in gst_opus_dec_parse_header (CVE-2024-47607)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 9

Наименование	Архитектура	Релиз	RPM
gstreamer1-plugins-base	i686	3.el9_5	gstreamer1-plugins-base-1.22.1-3.el9_5.i686.rpm
gstreamer1-plugins-base	x86_64	3.el9_5	gstreamer1-plugins-base-1.22.1-3.el9_5.x86_64.rpm
gstreamer1-plugins-base-devel	i686	3.el9_5	gstreamer1-plugins-base-devel-1.22.1-3.el9_5.i686.rpm
gstreamer1-plugins-base-devel	x86_64	3.el9_5	gstreamer1-plugins-base-devel-1.22.1-3.el9_5.x86_64.rpm
gstreamer1-plugins-base-tools	x86_64	3.el9_5	gstreamer1-plugins-base-tools-1.22.1-3.el9_5.x86_64.rpm