MGASA-2026-0222

Updated gstreamer1.0-plugins-bad, gstreamer1.0-plugins-base, gstreamer1.0-plugins-good & gstreamer1.0-plugins-ugly packages fix security vulnerabilities

Details

CVE-2026-2921, GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability CVE-2026-2923.GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability CVE-2026-3082, GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2026-3085, GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2026-2920, GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2026-2922, GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2026-1940, Gstreamer: incomplete fix of CVE-2026-1940

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:9

gstreamer1.0-plugins-bad

Package

Name: gstreamer1.0-plugins-bad
Purl: pkg:rpm/mageia/gstreamer1.0-plugins-bad?arch=source&distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.22.11-1.2.mga9

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2026-0222.json"

gstreamer1.0-plugins-base

Package

Name: gstreamer1.0-plugins-base
Purl: pkg:rpm/mageia/gstreamer1.0-plugins-base?arch=source&distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.22.11-1.3.mga9

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2026-0222.json"

gstreamer1.0-plugins-good

Package

Name: gstreamer1.0-plugins-good
Purl: pkg:rpm/mageia/gstreamer1.0-plugins-good?arch=source&distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.22.11-1.2.mga9

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2026-0222.json"

gstreamer1.0-plugins-ugly

Package

Name: gstreamer1.0-plugins-ugly
Purl: pkg:rpm/mageia/gstreamer1.0-plugins-ugly?arch=source&distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.22.11-1.1.mga9

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2026-0222.json"

gstreamer1.0-plugins-bad

Package

Name: gstreamer1.0-plugins-bad
Purl: pkg:rpm/mageia/gstreamer1.0-plugins-bad?arch=source&distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.22.11-1.2.mga9.tainted

Ecosystem specific

{
    "section": "tainted"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2026-0222.json"

gstreamer1.0-plugins-ugly

Package

Name: gstreamer1.0-plugins-ugly
Purl: pkg:rpm/mageia/gstreamer1.0-plugins-ugly?arch=source&distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.22.11-1.1.mga9.tainted

Ecosystem specific

{
    "section": "tainted"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2026-0222.json"