Описание
Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issues:
- CVE-2021-3498: Matroskademux: initialize track context out parameter to NULL before parsing (bsc#1184735).
- CVE-2021-3497: Matroskademux: Fix extraction of multichannel WavPack (bsc#1184739).
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Список пакетов
openSUSE Leap 15.2
gstreamer-plugins-good-1.16.3-lp152.2.6.1
gstreamer-plugins-good-32bit-1.16.3-lp152.2.6.1
gstreamer-plugins-good-doc-1.16.3-lp152.2.6.1
gstreamer-plugins-good-extra-1.16.3-lp152.2.6.1
gstreamer-plugins-good-extra-32bit-1.16.3-lp152.2.6.1
gstreamer-plugins-good-gtk-1.16.3-lp152.2.6.1
gstreamer-plugins-good-jack-1.16.3-lp152.2.6.1
gstreamer-plugins-good-jack-32bit-1.16.3-lp152.2.6.1
gstreamer-plugins-good-lang-1.16.3-lp152.2.6.1
gstreamer-plugins-good-qtqml-1.16.3-lp152.2.6.1
Ссылки
- E-Mail link for openSUSE-SU-2021:1230-1
- SUSE Security Ratings
- SUSE Bug 1184735
- SUSE Bug 1184739
- SUSE CVE CVE-2021-3497 page
- SUSE CVE CVE-2021-3498 page
Описание
GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files.
Затронутые продукты
openSUSE Leap 15.2:gstreamer-plugins-good-1.16.3-lp152.2.6.1
openSUSE Leap 15.2:gstreamer-plugins-good-32bit-1.16.3-lp152.2.6.1
openSUSE Leap 15.2:gstreamer-plugins-good-doc-1.16.3-lp152.2.6.1
openSUSE Leap 15.2:gstreamer-plugins-good-extra-1.16.3-lp152.2.6.1
Ссылки
- CVE-2021-3497
- SUSE Bug 1184739
Описание
GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files.
Затронутые продукты
openSUSE Leap 15.2:gstreamer-plugins-good-1.16.3-lp152.2.6.1
openSUSE Leap 15.2:gstreamer-plugins-good-32bit-1.16.3-lp152.2.6.1
openSUSE Leap 15.2:gstreamer-plugins-good-doc-1.16.3-lp152.2.6.1
openSUSE Leap 15.2:gstreamer-plugins-good-extra-1.16.3-lp152.2.6.1
Ссылки
- CVE-2021-3498
- SUSE Bug 1184735