Описание
Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issues:
- CVE-2021-3498: Matroskademux: initialize track context out parameter to NULL before parsing (bsc#1184735).
- CVE-2021-3497: Matroskademux: Fix extraction of multichannel WavPack (bsc#1184739).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP2
gstreamer-plugins-good-1.16.3-3.6.1
gstreamer-plugins-good-lang-1.16.3-3.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP3
gstreamer-plugins-good-1.16.3-3.6.1
gstreamer-plugins-good-lang-1.16.3-3.6.1
Ссылки
- Link for SUSE-SU-2021:2915-1
- E-Mail link for SUSE-SU-2021:2915-1
- SUSE Security Ratings
- SUSE Bug 1184735
- SUSE Bug 1184739
- SUSE CVE CVE-2021-3497 page
- SUSE CVE CVE-2021-3498 page
Описание
GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP2:gstreamer-plugins-good-1.16.3-3.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:gstreamer-plugins-good-lang-1.16.3-3.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP3:gstreamer-plugins-good-1.16.3-3.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP3:gstreamer-plugins-good-lang-1.16.3-3.6.1
Ссылки
- CVE-2021-3497
- SUSE Bug 1184739
Описание
GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP2:gstreamer-plugins-good-1.16.3-3.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP2:gstreamer-plugins-good-lang-1.16.3-3.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP3:gstreamer-plugins-good-1.16.3-3.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP3:gstreamer-plugins-good-lang-1.16.3-3.6.1
Ссылки
- CVE-2021-3498
- SUSE Bug 1184735