Overview

File _patchinfo of Package patchinfo.30421

<patchinfo incident="30421">
  <issue tracker="bnc" id="1213128">VUL-0: CVE-2023-37327: gstreamer-plugins-good,gstreamer-plugins-base,gstreamer-0_10-plugins-good: GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability</issue>
  <issue tracker="bnc" id="1213131">VUL-0: CVE-2023-37328: gstreamer-0_10-plugins-base,gstreamer-plugins-base: GStreamer SRT subtitle File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability</issue>
  <issue tracker="bnc" id="1185448">VUL-0: CVE-2021-3522: gstreamer-plugins-base: out-of-bounds read when handling certain ID3v2 tags</issue>
  <issue tracker="cve" id="2023-37327"/>
  <issue tracker="cve" id="2023-37328"/>
  <issue tracker="cve" id="2021-3522"/>
  <packager>alarrosa</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for gstreamer-plugins-base</summary>
  <description>This update for gstreamer-plugins-base fixes the following issues:

- CVE-2023-37327: Fixed FLAC file parsing integer overflow (bsc#1213128).
- CVE-2023-37328: Fixed PGS file parsing heap-based buffer overflow (bsc#1213131).
- CVE-2021-3522: Fixed frame size check and potential invalid reads (bsc#1185448).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places