RLSA-2025:7243

Опубликовано: 04 окт. 2025

Источник: rocky

Оценка: Moderate

Описание

Moderate: gstreamer1-plugins-base security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins.

Security Fix(es):

gstreamer1-plugins-base: ID3v2 parser out-of-bounds read and NULL-pointer dereference (CVE-2024-47542)
gstreamer1-plugins-base: GStreamer has an out-of-bounds write in SSA subtitle parser (CVE-2024-47541)
gstreamer1-plugins-base: GStreamer has an OOB-read in format_channel_mask (CVE-2024-47600)
gstreamer1-plugins-base: NULL-pointer dereference in LRC subtitle parser (CVE-2024-47835)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 9 Release Notes linked from the References section.

Затронутые продукты

Rocky Linux 9

Наименование	Архитектура	Релиз	RPM
gstreamer1-plugins-base	i686	4.el9	gstreamer1-plugins-base-1.22.12-4.el9.i686.rpm
gstreamer1-plugins-base	x86_64	4.el9	gstreamer1-plugins-base-1.22.12-4.el9.x86_64.rpm
gstreamer1-plugins-base-devel	i686	4.el9	gstreamer1-plugins-base-devel-1.22.12-4.el9.i686.rpm
gstreamer1-plugins-base-devel	x86_64	4.el9	gstreamer1-plugins-base-devel-1.22.12-4.el9.x86_64.rpm
gstreamer1-plugins-base-tools	x86_64	4.el9	gstreamer1-plugins-base-tools-1.22.12-4.el9.x86_64.rpm