Overview

File _patchinfo of Package patchinfo.19901

<patchinfo incident="19901">
  <issue tracker="bnc" id="1181255">VUL-0: CVE-2021-3185: gstreamer-plugins-bad: buffer overflow in gst_h264_slice_parse_dec_ref_pic_marking</issue>
  <issue tracker="cve" id="2021-3185"/>
  <packager>zcjia</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for gstreamer-plugins-bad</summary>
  <description>This update for gstreamer-plugins-bad fixes the following issues:

- Update to version 1.16.3:
 - CVE-2021-3185: buffer overflow in gst_h264_slice_parse_dec_ref_pic_marking() (bsc#1181255)
 - amcvideodec: fix sync meta copying not taking a reference
 - audiobuffersplit: Perform discont tracking on running time
 - audiobuffersplit: Specify in the template caps that only interleaved audio is supported
 - audiobuffersplit: Unset DISCONT flag if not discontinuous
 - autoconvert: Fix lock-less exchange or free condition
 - autoconvert: fix compiler warnings with g_atomic on recent GLib versions
 - avfvideosrc: element requests camera permissions even with capture-screen property is true
 - codecparsers: h264parser: guard against ref_pic_markings overflow
 - dtlsconnection: Avoid segmentation fault when no srtp capabilities are negotiated
 - dtls/connection: fix EOF handling with openssl 1.1.1e
 - fdkaacdec: add support for mpegversion=2
 - hls: Check nettle version to ensure AES128 support
 - ipcpipeline: Rework compiler checks
 - interlace: Increment phase_index before checking if we're at the end of the phase
 - h264parser: Do not allocate too large size of memory for registered user data SEI
 - ladspa: fix unbounded integer properties
 - modplug: avoid division by zero
 - msdkdec: Fix GstMsdkContext leak
 - msdkenc: fix leaks on windows
 - musepackdec: Don't fail all queries if no sample rate is known yet
 - openslessink: Allow openslessink to handle 48kHz streams.
 - opencv: allow compilation against 4.2.x
 - proxysink: event_function needs to handle the event when it is disconnecetd from proxysrc
 - vulkan: Drop use of VK_RESULT_BEGIN_RANGE
 - wasapi: added missing lock release in case of error in gst_wasapi_xxx_reset
 - wasapi: Fix possible deadlock while downwards state change
 - waylandsink: Clear window when pipeline is stopped
 - webrtc: Support non-trickle ICE candidates in the SDP
 - webrtc: Unmap all non-binary buffers received via the datachannel
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places