ALSA-2025:7243

[ALSA-2025:7243] Moderate: gstreamer1-plugins-base security update

Type:

security

Severity:

moderate

Release date:

2025-07-02

Description:

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins.  

Security Fix(es):  

  * gstreamer1-plugins-base: ID3v2 parser out-of-bounds read and NULL-pointer dereference (CVE-2024-47542)
  * gstreamer1-plugins-base: GStreamer has an out-of-bounds write in SSA subtitle parser (CVE-2024-47541)
  * gstreamer1-plugins-base: GStreamer has an OOB-read in format_channel_mask (CVE-2024-47600)
  * gstreamer1-plugins-base: NULL-pointer dereference in LRC subtitle parser (CVE-2024-47835)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.  

Additional Changes:  

For detailed information on changes in this release, see the AlmaLinuxRelease Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	gstreamer1-plugins-base-1.22.12-4.el9.aarch64.rpm	044943bced98620a1c4b15f4335399d6ce1ef5991c479d945eeab83e67d4aca3
aarch64	gstreamer1-plugins-base-devel-1.22.12-4.el9.aarch64.rpm	57e47580c935dde646110f8b54194678d2a8ae74b599bd4c8b340aa511b03b4e
aarch64	gstreamer1-plugins-base-tools-1.22.12-4.el9.aarch64.rpm	873aaf8518a8a935b5b57f16621eb48973391d4fbdb8fe6d1c66f319a4146802
i686	gstreamer1-plugins-base-devel-1.22.12-4.el9.i686.rpm	21ecc2f3ddb836c3801ee570c6f5dc0d729b24149497abbca517fc976f8f1333
i686	gstreamer1-plugins-base-1.22.12-4.el9.i686.rpm	47aebf346f3a9fa2f63d8f2e5762d6b835b43ee5ea3f664e21de9a6178dfe7ff
ppc64le	gstreamer1-plugins-base-devel-1.22.12-4.el9.ppc64le.rpm	29a83256d3e676cdb695235452233e7a2d4b6293fe2c3b9a3f468cfbb048e858
ppc64le	gstreamer1-plugins-base-tools-1.22.12-4.el9.ppc64le.rpm	ddc3f06b453a0c0b97402e2901b4b3fe1864f69005eb5928592b208bed0ed16d
ppc64le	gstreamer1-plugins-base-1.22.12-4.el9.ppc64le.rpm	fb6009fc7e2818e44be0ba7b02fdb5e6c90e8dd4ac8ad6da64a76ec3de213c3d
s390x	gstreamer1-plugins-base-1.22.12-4.el9.s390x.rpm	1d384ed111f0f6db6768d73902a11b83b1fbfa646fa80cd25ed9c579be4199a1
s390x	gstreamer1-plugins-base-tools-1.22.12-4.el9.s390x.rpm	411ad6e69d07db5b54f42dfd82dd24026dab308393c0e2fa5709030f71f3f71d
s390x	gstreamer1-plugins-base-devel-1.22.12-4.el9.s390x.rpm	e262846cd1490a19555853636afbb39e52342edb1907120f151d0f31b2657e88
x86_64	gstreamer1-plugins-base-1.22.12-4.el9.x86_64.rpm	2fd84eabc9e24a91f0eea72662bca557e265b634c59302a4f16abceaf30a01ab
x86_64	gstreamer1-plugins-base-tools-1.22.12-4.el9.x86_64.rpm	51ee1f34ad63b71f88588c815bfeb37cfdfdafd2b09a0a5d7874b4fe954a6bcf
x86_64	gstreamer1-plugins-base-devel-1.22.12-4.el9.x86_64.rpm	5675e98e174301ee4279ce13a42ae91697ecca5062d3087b717c9dd31973e846

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.