Описание
Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issues:
- CVE-2021-3498: Matroskademux: initialize track context out parameter to NULL before parsing (bsc#1184735).
- CVE-2021-3497: Matroskademux: Fix extraction of multichannel WavPack (bsc#1184739).
Список пакетов
openSUSE Leap 15.3
gstreamer-plugins-good-1.16.3-3.6.1
gstreamer-plugins-good-32bit-1.16.3-3.6.1
gstreamer-plugins-good-doc-1.16.3-3.6.1
gstreamer-plugins-good-extra-1.16.3-3.6.1
gstreamer-plugins-good-extra-32bit-1.16.3-3.6.1
gstreamer-plugins-good-gtk-1.16.3-3.6.1
gstreamer-plugins-good-jack-1.16.3-3.6.1
gstreamer-plugins-good-jack-32bit-1.16.3-3.6.1
gstreamer-plugins-good-lang-1.16.3-3.6.1
gstreamer-plugins-good-qtqml-1.16.3-3.6.1
Ссылки
- E-Mail link for openSUSE-SU-2021:2915-1
- SUSE Security Ratings
- SUSE Bug 1184735
- SUSE Bug 1184739
- SUSE CVE CVE-2021-3497 page
- SUSE CVE CVE-2021-3498 page
Описание
GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files.
Затронутые продукты
openSUSE Leap 15.3:gstreamer-plugins-good-1.16.3-3.6.1
openSUSE Leap 15.3:gstreamer-plugins-good-32bit-1.16.3-3.6.1
openSUSE Leap 15.3:gstreamer-plugins-good-doc-1.16.3-3.6.1
openSUSE Leap 15.3:gstreamer-plugins-good-extra-1.16.3-3.6.1
Ссылки
- CVE-2021-3497
- SUSE Bug 1184739
Описание
GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files.
Затронутые продукты
openSUSE Leap 15.3:gstreamer-plugins-good-1.16.3-3.6.1
openSUSE Leap 15.3:gstreamer-plugins-good-32bit-1.16.3-3.6.1
openSUSE Leap 15.3:gstreamer-plugins-good-doc-1.16.3-3.6.1
openSUSE Leap 15.3:gstreamer-plugins-good-extra-1.16.3-3.6.1
Ссылки
- CVE-2021-3498
- SUSE Bug 1184735