SUSE-SU-2022:3907-1

Опубликовано: 08 нояб. 2022

Источник: suse-cvrf

Описание

Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues:

CVE-2021-3522: Fixed ID3v2 tag frame size check and potential invalid reads (bsc#1185448).

Список пакетов

SUSE Linux Enterprise Micro 5.2

gstreamer-plugins-base-1.16.3-150200.4.6.2

libgstallocators-1_0-0-1.16.3-150200.4.6.2

libgstapp-1_0-0-1.16.3-150200.4.6.2

libgstaudio-1_0-0-1.16.3-150200.4.6.2

libgstgl-1_0-0-1.16.3-150200.4.6.2

libgstpbutils-1_0-0-1.16.3-150200.4.6.2

libgstriff-1_0-0-1.16.3-150200.4.6.2

libgsttag-1_0-0-1.16.3-150200.4.6.2

libgstvideo-1_0-0-1.16.3-150200.4.6.2

SUSE Linux Enterprise Module for Basesystem 15 SP3

gstreamer-plugins-base-1.16.3-150200.4.6.2

gstreamer-plugins-base-devel-1.16.3-150200.4.6.2

gstreamer-plugins-base-lang-1.16.3-150200.4.6.2

libgstallocators-1_0-0-1.16.3-150200.4.6.2

libgstapp-1_0-0-1.16.3-150200.4.6.2

libgstaudio-1_0-0-1.16.3-150200.4.6.2

libgstfft-1_0-0-1.16.3-150200.4.6.2

libgstgl-1_0-0-1.16.3-150200.4.6.2

libgstpbutils-1_0-0-1.16.3-150200.4.6.2

libgstriff-1_0-0-1.16.3-150200.4.6.2

libgstrtp-1_0-0-1.16.3-150200.4.6.2

libgstrtsp-1_0-0-1.16.3-150200.4.6.2

libgstsdp-1_0-0-1.16.3-150200.4.6.2

libgsttag-1_0-0-1.16.3-150200.4.6.2

libgstvideo-1_0-0-1.16.3-150200.4.6.2

typelib-1_0-GstAllocators-1_0-1.16.3-150200.4.6.2

typelib-1_0-GstApp-1_0-1.16.3-150200.4.6.2

typelib-1_0-GstAudio-1_0-1.16.3-150200.4.6.2

typelib-1_0-GstGL-1_0-1.16.3-150200.4.6.2

typelib-1_0-GstPbutils-1_0-1.16.3-150200.4.6.2

typelib-1_0-GstRtp-1_0-1.16.3-150200.4.6.2

typelib-1_0-GstRtsp-1_0-1.16.3-150200.4.6.2

typelib-1_0-GstSdp-1_0-1.16.3-150200.4.6.2

typelib-1_0-GstTag-1_0-1.16.3-150200.4.6.2

typelib-1_0-GstVideo-1_0-1.16.3-150200.4.6.2

SUSE Linux Enterprise Module for Package Hub 15 SP3

libgstaudio-1_0-0-32bit-1.16.3-150200.4.6.2

libgsttag-1_0-0-32bit-1.16.3-150200.4.6.2

libgstvideo-1_0-0-32bit-1.16.3-150200.4.6.2

openSUSE Leap 15.3

gstreamer-plugins-base-1.16.3-150200.4.6.2

gstreamer-plugins-base-32bit-1.16.3-150200.4.6.2

gstreamer-plugins-base-devel-1.16.3-150200.4.6.2

gstreamer-plugins-base-devel-32bit-1.16.3-150200.4.6.2

gstreamer-plugins-base-doc-1.16.3-150200.4.6.2

gstreamer-plugins-base-lang-1.16.3-150200.4.6.2

libgstallocators-1_0-0-1.16.3-150200.4.6.2

libgstallocators-1_0-0-32bit-1.16.3-150200.4.6.2

libgstapp-1_0-0-1.16.3-150200.4.6.2

libgstapp-1_0-0-32bit-1.16.3-150200.4.6.2

libgstaudio-1_0-0-1.16.3-150200.4.6.2

libgstaudio-1_0-0-32bit-1.16.3-150200.4.6.2

libgstfft-1_0-0-1.16.3-150200.4.6.2

libgstfft-1_0-0-32bit-1.16.3-150200.4.6.2

libgstgl-1_0-0-1.16.3-150200.4.6.2

libgstgl-1_0-0-32bit-1.16.3-150200.4.6.2

libgstpbutils-1_0-0-1.16.3-150200.4.6.2

libgstpbutils-1_0-0-32bit-1.16.3-150200.4.6.2

libgstriff-1_0-0-1.16.3-150200.4.6.2

libgstriff-1_0-0-32bit-1.16.3-150200.4.6.2

libgstrtp-1_0-0-1.16.3-150200.4.6.2

libgstrtp-1_0-0-32bit-1.16.3-150200.4.6.2

libgstrtsp-1_0-0-1.16.3-150200.4.6.2

libgstrtsp-1_0-0-32bit-1.16.3-150200.4.6.2

libgstsdp-1_0-0-1.16.3-150200.4.6.2

libgstsdp-1_0-0-32bit-1.16.3-150200.4.6.2

libgsttag-1_0-0-1.16.3-150200.4.6.2

libgsttag-1_0-0-32bit-1.16.3-150200.4.6.2

libgstvideo-1_0-0-1.16.3-150200.4.6.2

libgstvideo-1_0-0-32bit-1.16.3-150200.4.6.2

typelib-1_0-GstAllocators-1_0-1.16.3-150200.4.6.2

typelib-1_0-GstApp-1_0-1.16.3-150200.4.6.2

typelib-1_0-GstAudio-1_0-1.16.3-150200.4.6.2

typelib-1_0-GstGL-1_0-1.16.3-150200.4.6.2

typelib-1_0-GstPbutils-1_0-1.16.3-150200.4.6.2

typelib-1_0-GstRtp-1_0-1.16.3-150200.4.6.2

typelib-1_0-GstRtsp-1_0-1.16.3-150200.4.6.2

typelib-1_0-GstSdp-1_0-1.16.3-150200.4.6.2

typelib-1_0-GstTag-1_0-1.16.3-150200.4.6.2

typelib-1_0-GstVideo-1_0-1.16.3-150200.4.6.2

openSUSE Leap 15.4

gstreamer-plugins-base-doc-1.16.3-150200.4.6.2

openSUSE Leap Micro 5.2

gstreamer-plugins-base-1.16.3-150200.4.6.2

libgstallocators-1_0-0-1.16.3-150200.4.6.2

libgstapp-1_0-0-1.16.3-150200.4.6.2

libgstaudio-1_0-0-1.16.3-150200.4.6.2

libgstgl-1_0-0-1.16.3-150200.4.6.2

libgstpbutils-1_0-0-1.16.3-150200.4.6.2

libgstriff-1_0-0-1.16.3-150200.4.6.2

libgsttag-1_0-0-1.16.3-150200.4.6.2

libgstvideo-1_0-0-1.16.3-150200.4.6.2

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20223907-1/
Link for SUSE-SU-2022:3907-1
https://lists.suse.com/pipermail/sle-security-updates/2022-November/012843.html
E-Mail link for SUSE-SU-2022:3907-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1185448
SUSE Bug 1185448
https://www.suse.com/security/cve/CVE-2021-3522/
SUSE CVE CVE-2021-3522 page

Описание

GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.

Затронутые продукты

SUSE Linux Enterprise Micro 5.2:gstreamer-plugins-base-1.16.3-150200.4.6.2

SUSE Linux Enterprise Micro 5.2:libgstallocators-1_0-0-1.16.3-150200.4.6.2

SUSE Linux Enterprise Micro 5.2:libgstapp-1_0-0-1.16.3-150200.4.6.2

SUSE Linux Enterprise Micro 5.2:libgstaudio-1_0-0-1.16.3-150200.4.6.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-3522.html
CVE-2021-3522
https://bugzilla.suse.com/1185448
SUSE Bug 1185448

SUSE-SU-2022:3907-1

Описание

Список пакетов

SUSE Linux Enterprise Micro 5.2

SUSE Linux Enterprise Module for Basesystem 15 SP3

SUSE Linux Enterprise Module for Package Hub 15 SP3

openSUSE Leap 15.3

openSUSE Leap 15.4

openSUSE Leap Micro 5.2

Ссылки

Уязвимость: CVE-2021-3522

Описание

Затронутые продукты

Ссылки