Description:
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license.
Security Fix(es):
* gstreamer1-plugins-good: OOB-read in qtdemux_parse_container (CVE-2024-47543)
* gstreamer1-plugins-good: GStreamer has an OOB-read in gst_avi_subtitle_parse_gab2_chunk (CVE-2024-47774)
* gstreamer1-plugins-good: OOB-read in gst_wavparse_smpl_chunk (CVE-2024-47777)
* gstreamer1-plugins-good: OOB-read in gst_wavparse_adtl_chunk (CVE-2024-47778)
* gstreamer1-plugins-good: OOB-read in parse_ds64 (CVE-2024-47775)
* gstreamer1-plugins-good: OOB-read in FOURCC_SMI_ parsing (CVE-2024-47596)
* gstreamer1-plugins-good: insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences (CVE-2024-47599)
* gstreamer1-plugins-good: Use-After-Free read in Matroska CodecPrivate (CVE-2024-47834)
* gstreamer1-plugins-good: OOB-read in gst_wavparse_cue_chunk (CVE-2024-47776)
* gstreamer1-plugins-good: NULL-pointer dereferences in MP4/MOV demuxer CENC handling (CVE-2024-47544)
* gstreamer1-plugins-good: NULL-pointer dereference in Matroska/WebM demuxer (CVE-2024-47601)
* gstreamer1-plugins-good: OOB-read in qtdemux_parse_samples (CVE-2024-47597)
* gstreamer1-plugins-good: integer underflow in extract_cc_from_data leading to OOB-read (CVE-2024-47546)
* gstreamer1-plugins-good: NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer (CVE-2024-47602)
* gstreamer1-plugins-good: OOB-read in qtdemux_merge_sample_table (CVE-2024-47598)
* gstreamer1-plugins-good: NULL-pointer dereference in Matroska/WebM demuxer (CVE-2024-47603)
* gstreamer1-plugins-good: integer underflow in FOURCC_strf parsing leading to OOB-read (CVE-2024-47545)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinuxRelease Notes linked from the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
gstreamer1-plugins-good-1.22.12-4.el9.aarch64.rpm |
5b5633481ba3f21d639b3c90e1adf76dffc4cf4da1cf9affa9be133e8c6860dc |
| aarch64 |
gstreamer1-plugins-good-gtk-1.22.12-4.el9.aarch64.rpm |
9cba9278d12eabf8f762a5f289191701841f9b262cb03e97c7adc55d24945c3a |
| i686 |
gstreamer1-plugins-good-1.22.12-4.el9.i686.rpm |
3bda2e114790b0dde3041df033f5658c1ba7c63fb217df7d57bf80c8d2a06c45 |
| i686 |
gstreamer1-plugins-good-gtk-1.22.12-4.el9.i686.rpm |
d4659d46127f89526ba95a8539fb5a054372971d690c54ec495370f1e2cabf4e |
| ppc64le |
gstreamer1-plugins-good-1.22.12-4.el9.ppc64le.rpm |
b0e087a106d373dd41eccfec76c7b4359573e0195446f84083852aa4530d6e5b |
| ppc64le |
gstreamer1-plugins-good-gtk-1.22.12-4.el9.ppc64le.rpm |
f0065350c93274fe8ed03e9ce5501af009fe3d6c3225c0be7482cecb7677584b |
| s390x |
gstreamer1-plugins-good-1.22.12-4.el9.s390x.rpm |
483ea0d23fc8068cf646abb3ac44f2ca1dec14c2b4cdb23ed518a7f8cf5af234 |
| s390x |
gstreamer1-plugins-good-gtk-1.22.12-4.el9.s390x.rpm |
b9942d62d3ec3501c7ad518366268f2748b94bd297dacd956df0248316efea95 |
| x86_64 |
gstreamer1-plugins-good-gtk-1.22.12-4.el9.x86_64.rpm |
232256d7db990e4dcfba0dc6ac6b4ff98e767cf9baf52def7527986f7ff3d0b9 |
| x86_64 |
gstreamer1-plugins-good-1.22.12-4.el9.x86_64.rpm |
9b6cb0ad20c5a42ce5b60cabba947c51a6e805ac4f7d61422317a0aaeda4621d |
