SUSE-SU-2022:3911-1

Опубликовано: 08 нояб. 2022

Источник: suse-cvrf

Описание

Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues:

CVE-2021-3522: Fixed frame size check and potential invalid reads (bsc#1185448).

Список пакетов

SUSE Linux Enterprise Server 12 SP5

gstreamer-plugins-base-1.8.3-13.6.1

gstreamer-plugins-base-lang-1.8.3-13.6.1

libgstallocators-1_0-0-1.8.3-13.6.1

libgstapp-1_0-0-1.8.3-13.6.1

libgstapp-1_0-0-32bit-1.8.3-13.6.1

libgstaudio-1_0-0-1.8.3-13.6.1

libgstaudio-1_0-0-32bit-1.8.3-13.6.1

libgstfft-1_0-0-1.8.3-13.6.1

libgstpbutils-1_0-0-1.8.3-13.6.1

libgstpbutils-1_0-0-32bit-1.8.3-13.6.1

libgstriff-1_0-0-1.8.3-13.6.1

libgstrtp-1_0-0-1.8.3-13.6.1

libgstrtsp-1_0-0-1.8.3-13.6.1

libgstsdp-1_0-0-1.8.3-13.6.1

libgsttag-1_0-0-1.8.3-13.6.1

libgsttag-1_0-0-32bit-1.8.3-13.6.1

libgstvideo-1_0-0-1.8.3-13.6.1

libgstvideo-1_0-0-32bit-1.8.3-13.6.1

SUSE Linux Enterprise Server for SAP Applications 12 SP5

gstreamer-plugins-base-1.8.3-13.6.1

gstreamer-plugins-base-lang-1.8.3-13.6.1

libgstallocators-1_0-0-1.8.3-13.6.1

libgstapp-1_0-0-1.8.3-13.6.1

libgstapp-1_0-0-32bit-1.8.3-13.6.1

libgstaudio-1_0-0-1.8.3-13.6.1

libgstaudio-1_0-0-32bit-1.8.3-13.6.1

libgstfft-1_0-0-1.8.3-13.6.1

libgstpbutils-1_0-0-1.8.3-13.6.1

libgstpbutils-1_0-0-32bit-1.8.3-13.6.1

libgstriff-1_0-0-1.8.3-13.6.1

libgstrtp-1_0-0-1.8.3-13.6.1

libgstrtsp-1_0-0-1.8.3-13.6.1

libgstsdp-1_0-0-1.8.3-13.6.1

libgsttag-1_0-0-1.8.3-13.6.1

libgsttag-1_0-0-32bit-1.8.3-13.6.1

libgstvideo-1_0-0-1.8.3-13.6.1

libgstvideo-1_0-0-32bit-1.8.3-13.6.1

SUSE Linux Enterprise Software Development Kit 12 SP5

gstreamer-plugins-base-devel-1.8.3-13.6.1

typelib-1_0-GstAllocators-1_0-1.8.3-13.6.1

typelib-1_0-GstApp-1_0-1.8.3-13.6.1

typelib-1_0-GstAudio-1_0-1.8.3-13.6.1

typelib-1_0-GstFft-1_0-1.8.3-13.6.1

typelib-1_0-GstPbutils-1_0-1.8.3-13.6.1

typelib-1_0-GstRtp-1_0-1.8.3-13.6.1

typelib-1_0-GstRtsp-1_0-1.8.3-13.6.1

typelib-1_0-GstSdp-1_0-1.8.3-13.6.1

typelib-1_0-GstTag-1_0-1.8.3-13.6.1

typelib-1_0-GstVideo-1_0-1.8.3-13.6.1

SUSE Linux Enterprise Workstation Extension 12 SP5

libgstfft-1_0-0-32bit-1.8.3-13.6.1

typelib-1_0-GstAudio-1_0-1.8.3-13.6.1

typelib-1_0-GstPbutils-1_0-1.8.3-13.6.1

typelib-1_0-GstTag-1_0-1.8.3-13.6.1

typelib-1_0-GstVideo-1_0-1.8.3-13.6.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20223911-1/
Link for SUSE-SU-2022:3911-1
https://lists.suse.com/pipermail/sle-security-updates/2022-November/012845.html
E-Mail link for SUSE-SU-2022:3911-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1185448
SUSE Bug 1185448
https://www.suse.com/security/cve/CVE-2021-3522/
SUSE CVE CVE-2021-3522 page

Описание

GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.

Затронутые продукты

SUSE Linux Enterprise Server 12 SP5:gstreamer-plugins-base-1.8.3-13.6.1

SUSE Linux Enterprise Server 12 SP5:gstreamer-plugins-base-lang-1.8.3-13.6.1

SUSE Linux Enterprise Server 12 SP5:libgstallocators-1_0-0-1.8.3-13.6.1

SUSE Linux Enterprise Server 12 SP5:libgstapp-1_0-0-1.8.3-13.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-3522.html
CVE-2021-3522
https://bugzilla.suse.com/1185448
SUSE Bug 1185448

SUSE-SU-2022:3911-1

Описание

Список пакетов

SUSE Linux Enterprise Server 12 SP5

SUSE Linux Enterprise Server for SAP Applications 12 SP5

SUSE Linux Enterprise Software Development Kit 12 SP5

SUSE Linux Enterprise Workstation Extension 12 SP5

Ссылки

Уязвимость: CVE-2021-3522

Описание

Затронутые продукты

Ссылки