SUSE-SU-2021:1944-1: important: Security update for gstreamer-plugins-bad
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Thu Jun 10 13:50:40 UTC 2021
SUSE Security Update: Security update for gstreamer-plugins-bad
______________________________________________________________________________
Announcement ID: SUSE-SU-2021:1944-1
Rating: important
References: #1181255
Cross-References: CVE-2021-3185
CVSS scores:
CVE-2021-3185 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3185 (SUSE): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for gstreamer-plugins-bad fixes the following issues:
- Update to version 1.16.3:
- CVE-2021-3185: buffer overflow in
gst_h264_slice_parse_dec_ref_pic_marking() (bsc#1181255)
- amcvideodec: fix sync meta copying not taking a reference
- audiobuffersplit: Perform discont tracking on running time
- audiobuffersplit: Specify in the template caps that only interleaved
audio is supported
- audiobuffersplit: Unset DISCONT flag if not discontinuous
- autoconvert: Fix lock-less exchange or free condition
- autoconvert: fix compiler warnings with g_atomic on recent GLib versions
- avfvideosrc: element requests camera permissions even with
capture-screen property is true
- codecparsers: h264parser: guard against ref_pic_markings overflow
- dtlsconnection: Avoid segmentation fault when no srtp capabilities are
negotiated
- dtls/connection: fix EOF handling with openssl 1.1.1e
- fdkaacdec: add support for mpegversion=2
- hls: Check nettle version to ensure AES128 support
- ipcpipeline: Rework compiler checks
- interlace: Increment phase_index before checking if we're at the end of
the phase
- h264parser: Do not allocate too large size of memory for registered
user data SEI
- ladspa: fix unbounded integer properties
- modplug: avoid division by zero
- msdkdec: Fix GstMsdkContext leak
- msdkenc: fix leaks on windows
- musepackdec: Don't fail all queries if no sample rate is known yet
- openslessink: Allow openslessink to handle 48kHz streams.
- opencv: allow compilation against 4.2.x
- proxysink: event_function needs to handle the event when it is
disconnecetd from proxysrc
- vulkan: Drop use of VK_RESULT_BEGIN_RANGE
- wasapi: added missing lock release in case of error in
gst_wasapi_xxx_reset
- wasapi: Fix possible deadlock while downwards state change
- waylandsink: Clear window when pipeline is stopped
- webrtc: Support non-trickle ICE candidates in the SDP
- webrtc: Unmap all non-binary buffers received via the datachannel
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2021-1944=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2021-1944=1
Package List:
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
gstreamer-plugins-bad-1.16.3-9.3.1
gstreamer-plugins-bad-chromaprint-1.16.3-9.3.1
gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-9.3.1
gstreamer-plugins-bad-debuginfo-1.16.3-9.3.1
gstreamer-plugins-bad-debugsource-1.16.3-9.3.1
gstreamer-plugins-bad-devel-1.16.3-9.3.1
libgstadaptivedemux-1_0-0-1.16.3-9.3.1
libgstadaptivedemux-1_0-0-debuginfo-1.16.3-9.3.1
libgstbadaudio-1_0-0-1.16.3-9.3.1
libgstbadaudio-1_0-0-debuginfo-1.16.3-9.3.1
libgstbasecamerabinsrc-1_0-0-1.16.3-9.3.1
libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-9.3.1
libgstcodecparsers-1_0-0-1.16.3-9.3.1
libgstcodecparsers-1_0-0-debuginfo-1.16.3-9.3.1
libgstinsertbin-1_0-0-1.16.3-9.3.1
libgstinsertbin-1_0-0-debuginfo-1.16.3-9.3.1
libgstisoff-1_0-0-1.16.3-9.3.1
libgstisoff-1_0-0-debuginfo-1.16.3-9.3.1
libgstmpegts-1_0-0-1.16.3-9.3.1
libgstmpegts-1_0-0-debuginfo-1.16.3-9.3.1
libgstplayer-1_0-0-1.16.3-9.3.1
libgstplayer-1_0-0-debuginfo-1.16.3-9.3.1
libgstsctp-1_0-0-1.16.3-9.3.1
libgstsctp-1_0-0-debuginfo-1.16.3-9.3.1
libgsturidownloader-1_0-0-1.16.3-9.3.1
libgsturidownloader-1_0-0-debuginfo-1.16.3-9.3.1
libgstwayland-1_0-0-1.16.3-9.3.1
libgstwayland-1_0-0-debuginfo-1.16.3-9.3.1
libgstwebrtc-1_0-0-1.16.3-9.3.1
libgstwebrtc-1_0-0-debuginfo-1.16.3-9.3.1
typelib-1_0-GstInsertBin-1_0-1.16.3-9.3.1
typelib-1_0-GstMpegts-1_0-1.16.3-9.3.1
typelib-1_0-GstPlayer-1_0-1.16.3-9.3.1
typelib-1_0-GstWebRTC-1_0-1.16.3-9.3.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (noarch):
gstreamer-plugins-bad-lang-1.16.3-9.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
gstreamer-plugins-bad-debuginfo-1.16.3-9.3.1
gstreamer-plugins-bad-debugsource-1.16.3-9.3.1
libgstphotography-1_0-0-1.16.3-9.3.1
libgstphotography-1_0-0-debuginfo-1.16.3-9.3.1
References:
https://www.suse.com/security/cve/CVE-2021-3185.html
https://bugzilla.suse.com/1181255
More information about the sle-security-updates
mailing list