Описание
Moderate: gstreamer1-plugins-good security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license.
Security Fix(es):
-
gstreamer1-plugins-good: OOB-read in qtdemux_parse_container (CVE-2024-47543)
-
gstreamer1-plugins-good: GStreamer has an OOB-read in gst_avi_subtitle_parse_gab2_chunk (CVE-2024-47774)
-
gstreamer1-plugins-good: OOB-read in gst_wavparse_smpl_chunk (CVE-2024-47777)
-
gstreamer1-plugins-good: OOB-read in gst_wavparse_adtl_chunk (CVE-2024-47778)
-
gstreamer1-plugins-good: OOB-read in parse_ds64 (CVE-2024-47775)
-
gstreamer1-plugins-good: OOB-read in FOURCC_SMI_ parsing (CVE-2024-47596)
-
gstreamer1-plugins-good: insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences (CVE-2024-47599)
-
gstreamer1-plugins-good: Use-After-Free read in Matroska CodecPrivate (CVE-2024-47834)
-
gstreamer1-plugins-good: OOB-read in gst_wavparse_cue_chunk (CVE-2024-47776)
-
gstreamer1-plugins-good: NULL-pointer dereferences in MP4/MOV demuxer CENC handling (CVE-2024-47544)
-
gstreamer1-plugins-good: NULL-pointer dereference in Matroska/WebM demuxer (CVE-2024-47601)
-
gstreamer1-plugins-good: OOB-read in qtdemux_parse_samples (CVE-2024-47597)
-
gstreamer1-plugins-good: integer underflow in extract_cc_from_data leading to OOB-read (CVE-2024-47546)
-
gstreamer1-plugins-good: NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer (CVE-2024-47602)
-
gstreamer1-plugins-good: OOB-read in qtdemux_merge_sample_table (CVE-2024-47598)
-
gstreamer1-plugins-good: NULL-pointer dereference in Matroska/WebM demuxer (CVE-2024-47603)
-
gstreamer1-plugins-good: integer underflow in FOURCC_strf parsing leading to OOB-read (CVE-2024-47545)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Rocky Linux 9 Release Notes linked from the References section.
Затронутые продукты
Rocky Linux 9
Ссылки на источники
Исправления
- Red Hat - 2331723
- Red Hat - 2331739
- Red Hat - 2331741
- Red Hat - 2331743
- Red Hat - 2331744
- Red Hat - 2331747
- Red Hat - 2331748
- Red Hat - 2331749
- Red Hat - 2331750
- Red Hat - 2331751
- Red Hat - 2331752
- Red Hat - 2331755
- Red Hat - 2331756
- Red Hat - 2331759
- Red Hat - 2331761
- Red Hat - 2331762
- Red Hat - 2331763
