SUSE-SU-2021:1944-1

Source
https://www.suse.com/support/update/announcement/2021/suse-su-20211944-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:1944-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2021:1944-1
Related
Published
2021-06-10T08:52:07Z
Modified
2021-06-10T08:52:07Z
Summary
Security update for gstreamer-plugins-bad
Details

This update for gstreamer-plugins-bad fixes the following issues:

  • Update to version 1.16.3:
    • CVE-2021-3185: buffer overflow in gsth264sliceparsedecrefpicmarking() (bsc#1181255)
    • amcvideodec: fix sync meta copying not taking a reference
    • audiobuffersplit: Perform discont tracking on running time
    • audiobuffersplit: Specify in the template caps that only interleaved audio is supported
    • audiobuffersplit: Unset DISCONT flag if not discontinuous
    • autoconvert: Fix lock-less exchange or free condition
    • autoconvert: fix compiler warnings with gatomic on recent GLib versions
    • avfvideosrc: element requests camera permissions even with capture-screen property is true
    • codecparsers: h264parser: guard against refpicmarkings overflow
    • dtlsconnection: Avoid segmentation fault when no srtp capabilities are negotiated
    • dtls/connection: fix EOF handling with openssl 1.1.1e
    • fdkaacdec: add support for mpegversion=2
    • hls: Check nettle version to ensure AES128 support
    • ipcpipeline: Rework compiler checks
    • interlace: Increment phaseindex before checking if we're at the end of the phase
    • h264parser: Do not allocate too large size of memory for registered user data SEI
    • ladspa: fix unbounded integer properties
    • modplug: avoid division by zero
    • msdkdec: Fix GstMsdkContext leak
    • msdkenc: fix leaks on windows
    • musepackdec: Don't fail all queries if no sample rate is known yet
    • openslessink: Allow openslessink to handle 48kHz streams.
    • opencv: allow compilation against 4.2.x
    • proxysink: eventfunction needs to handle the event when it is disconnecetd from proxysrc
    • vulkan: Drop use of VKRESULTBEGINRANGE
    • wasapi: added missing lock release in case of error in gstwasapixxxreset
    • wasapi: Fix possible deadlock while downwards state change
    • waylandsink: Clear window when pipeline is stopped
    • webrtc: Support non-trickle ICE candidates in the SDP
    • webrtc: Unmap all non-binary buffers received via the datachannel
References

Affected packages

SUSE:Linux Enterprise Module for Basesystem 15 SP3 / gstreamer-plugins-bad

Package

Name
gstreamer-plugins-bad
Purl
purl:rpm/suse/gstreamer-plugins-bad&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.16.3-9.3.1

Ecosystem specific

{
    "binaries": [
        {
            "libgstphotography-1_0-0": "1.16.3-9.3.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Desktop Applications 15 SP3 / gstreamer-plugins-bad

Package

Name
gstreamer-plugins-bad
Purl
purl:rpm/suse/gstreamer-plugins-bad&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.16.3-9.3.1

Ecosystem specific

{
    "binaries": [
        {
            "libgstplayer-1_0-0": "1.16.3-9.3.1",
            "libgstbadaudio-1_0-0": "1.16.3-9.3.1",
            "libgstcodecparsers-1_0-0": "1.16.3-9.3.1",
            "libgsturidownloader-1_0-0": "1.16.3-9.3.1",
            "typelib-1_0-GstInsertBin-1_0": "1.16.3-9.3.1",
            "gstreamer-plugins-bad-devel": "1.16.3-9.3.1",
            "libgstwayland-1_0-0": "1.16.3-9.3.1",
            "gstreamer-plugins-bad-chromaprint": "1.16.3-9.3.1",
            "typelib-1_0-GstPlayer-1_0": "1.16.3-9.3.1",
            "libgstisoff-1_0-0": "1.16.3-9.3.1",
            "gstreamer-plugins-bad": "1.16.3-9.3.1",
            "libgstbasecamerabinsrc-1_0-0": "1.16.3-9.3.1",
            "libgstwebrtc-1_0-0": "1.16.3-9.3.1",
            "libgstadaptivedemux-1_0-0": "1.16.3-9.3.1",
            "libgstmpegts-1_0-0": "1.16.3-9.3.1",
            "gstreamer-plugins-bad-lang": "1.16.3-9.3.1",
            "libgstinsertbin-1_0-0": "1.16.3-9.3.1",
            "typelib-1_0-GstMpegts-1_0": "1.16.3-9.3.1",
            "libgstsctp-1_0-0": "1.16.3-9.3.1",
            "typelib-1_0-GstWebRTC-1_0": "1.16.3-9.3.1"
        }
    ]
}