[ALSA-2026:36674] Moderate: gstreamer1-plugins-ugly-free security update
Type:
security
Severity:
moderate
Release date:
2026-07-09
Description:
GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins whose license is not fully compatible with LGPL. Security Fix(es): * gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer audio stream header parser (CVE-2026-53703) * gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer FILEINFO metadata parser (CVE-2026-53704) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 gstreamer1-plugins-ugly-free-1.22.12-6.el9_8.1.aarch64.rpm 2f63be1285fffc17173e12a227e3c2550aa72783c39a68d9fa1389d673eb7f17
i686 gstreamer1-plugins-ugly-free-1.22.12-6.el9_8.1.i686.rpm 44a194460970a1ae60a7e02504e5d57432c59dbfc844abc9efd07501a75bf782
ppc64le gstreamer1-plugins-ugly-free-1.22.12-6.el9_8.1.ppc64le.rpm 4f4d25d8b148a1a6b405289cf4b008f51bc786fdb89685718ac345c59cf07447
x86_64 gstreamer1-plugins-ugly-free-1.22.12-6.el9_8.1.x86_64.rpm 3d772ab7ea148f6ad67a01cbe259cbfb59b3792f8677cf8b3455c1d3cad568ef
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.