SUSE-SU-2024:1882-2

See a problem?
Please try reporting it to the source first.

Source

https://www.suse.com/support/update/announcement/2024/suse-su-20241882-2/

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:1882-2.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2024:1882-2

Related

CVE-2024-4453

Published

2024-05-31T06:46:41Z

Modified

2024-05-31T06:46:41Z

Summary

Security update for gstreamer-plugins-base

Details

This update for gstreamer-plugins-base fixes the following issues:

CVE-2024-4453: Fixed lack of proper validation of user-supplied data when parsing EXIF metadata (bsc#1224806)

References

Affected packages

SUSE:Linux Enterprise Micro 5.5 / gstreamer-plugins-base

Package

Name: gstreamer-plugins-base
Purl: purl:rpm/suse/gstreamer-plugins-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.22.0-150500.3.8.2

Ecosystem specific

{
    "binaries": [
        {
            "libgstaudio-1_0-0": "1.22.0-150500.3.8.2",
            "libgstallocators-1_0-0": "1.22.0-150500.3.8.2",
            "gstreamer-plugins-base": "1.22.0-150500.3.8.2",
            "libgstriff-1_0-0": "1.22.0-150500.3.8.2",
            "libgstpbutils-1_0-0": "1.22.0-150500.3.8.2",
            "libgstvideo-1_0-0": "1.22.0-150500.3.8.2",
            "libgstapp-1_0-0": "1.22.0-150500.3.8.2",
            "libgsttag-1_0-0": "1.22.0-150500.3.8.2",
            "libgstgl-1_0-0": "1.22.0-150500.3.8.2"
        }
    ]
}