Описание
Security update for gstreamer-plugins-rs
This update for gstreamer-plugins-rs fixes the following issues:
- CVE-2022-31394: Fixed a potential denial of service in the HTTP/2 implementation (bsc#1208556).
Список пакетов
SUSE Linux Enterprise Module for Desktop Applications 15 SP5
gstreamer-plugins-rs-0.8.2-150400.3.3.1
gstreamer-plugins-rs-devel-0.8.2-150400.3.3.1
SUSE Linux Enterprise Real Time 15 SP4
gstreamer-plugins-rs-0.8.2-150400.3.3.1
gstreamer-plugins-rs-devel-0.8.2-150400.3.3.1
Ссылки
- Link for SUSE-SU-2024:0090-1
- E-Mail link for SUSE-SU-2024:0090-1
- SUSE Security Ratings
- SUSE Bug 1208556
- SUSE CVE CVE-2022-31394 page
Описание
Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method in the H2 third-party software, allowing attackers to perform HTTP2 attacks.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:gstreamer-plugins-rs-0.8.2-150400.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:gstreamer-plugins-rs-devel-0.8.2-150400.3.3.1
SUSE Linux Enterprise Real Time 15 SP4:gstreamer-plugins-rs-0.8.2-150400.3.3.1
SUSE Linux Enterprise Real Time 15 SP4:gstreamer-plugins-rs-devel-0.8.2-150400.3.3.1
Ссылки
- CVE-2022-31394
- SUSE Bug 1208551