Описание
Security update for gstreamer-0_10-plugins-base
This update for gstreamer-0_10-plugins-base fixes the following issues:
- CVE-2025-47808: Fixed stack buffer overflow in SubRip subtitle parser (bsc#1244404)
- CVE-2025-47807: Fixed NULL-pointer dereference in TMPlayer subtitle parser (bsc#1244403)
- CVE-2025-47806: Fixed NULL-pointer dereference in SubRip subtitle parser (bsc#1244407)
Список пакетов
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
gstreamer-0_10-plugins-base-devel-0.10.36-18.9.1
Ссылки
- Link for SUSE-SU-2025:02919-1
- E-Mail link for SUSE-SU-2025:02919-1
- SUSE Security Ratings
- SUSE Bug 1244403
- SUSE Bug 1244404
- SUSE Bug 1244407
- SUSE CVE CVE-2025-47806 page
- SUSE CVE CVE-2025-47807 page
- SUSE CVE CVE-2025-47808 page
Описание
In GStreamer through 1.26.1, the subparse plugin's parse_subrip_time function may write data past the bounds of a stack buffer, leading to a crash.
Затронутые продукты
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gstreamer-0_10-plugins-base-devel-0.10.36-18.9.1
Ссылки
- CVE-2025-47806
- SUSE Bug 1244407
Описание
In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.
Затронутые продукты
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gstreamer-0_10-plugins-base-devel-0.10.36-18.9.1
Ссылки
- CVE-2025-47807
- SUSE Bug 1244403
Описание
In GStreamer through 1.26.1, the subparse plugin's tmplayer_parse_line function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.
Затронутые продукты
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gstreamer-0_10-plugins-base-devel-0.10.36-18.9.1
Ссылки
- CVE-2025-47808
- SUSE Bug 1244404