Package "gstreamer1.0-plugins-good-dbg"
Name: |
gstreamer1.0-plugins-good-dbg
|
Description: |
GStreamer plugins from the "good" set
|
Latest version: |
1.14.5-0ubuntu1~18.04.3 |
Release: |
bionic (18.04) |
Level: |
security |
Repository: |
universe |
Head package: |
gst-plugins-good1.0 |
Homepage: |
https://gstreamer.freedesktop.org |
Links
Download "gstreamer1.0-plugins-good-dbg"
Other versions of "gstreamer1.0-plugins-good-dbg" in Bionic
Changelog
gst-plugins-good1.0 (1.14.5-0ubuntu1~18.04.3) bionic-security; urgency=medium
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2022-1920.patch: avoid integer overflow
resulting in heap corruption in WavPack header handling code
in gst/matroska/matroska-demux.c.
- CVE-2022-1920
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2022-1921.patch: fix integer overflow resulting
in heap corruption in DIB buffer inversion code in
gst/avi/gstavidemux.c.
- CVE-2022-1921
* SECURITY UPDATE: Integer overflows
- debian/patches/CVE-2022-1922_1923_1924_1925-and-2122.patch: fix
integer overflows in zblib/bz2/etc decompression code in
gst/matroska/matroska-read-commnon.c.
- debian/patches/fix_integer_overflows_in_zlib.patch: fix in
gst/isomp4/qtdemux.c.
- CVE-2022-1922
- CVE-2022-1923
- CVE-2022-1924
- CVE-2022-1925
- CVE-2022-2122
-- Leonidas Da Silva Barbosa <email address hidden> Tue, 26 Jul 2022 07:27:13 -0300
|
Source diff to previous version |
CVE-2022-1920 |
Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. |
CVE-2022-1921 |
Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary |
CVE-2022-1922 |
DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gst_matroska_decompress_data fu |
CVE-2022-1923 |
DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function whi |
CVE-2022-1924 |
DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which |
CVE-2022-1925 |
DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_ |
CVE-2022-2122 |
DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a se |
|
gst-plugins-good1.0 (1.14.5-0ubuntu1~18.04.2) bionic-security; urgency=medium
* SECURITY UPDATE: Use after free
- debian/patches/CVE-2021-3497.patch: Fix extraction of multichannel WavPack
in gst/matroska/matroska-demux.c, gst/matroska/matroska-ids.h.
- CVE-2021-3497
* SECURITY UPDATE: Heap corruption
- debian/patches/CVE-2021-3498.patch: Initialize track context out parameter to NULL
before parsing in gst/matroska/matroska-demux.c.
- CVE-2021-3498
-- Leonidas Da Silva Barbosa <email address hidden> Thu, 15 Apr 2021 13:08:04 -0300
|
Source diff to previous version |
CVE-2021-3497 |
GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files. |
CVE-2021-3498 |
GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files. |
|
gst-plugins-good1.0 (1.14.0-1ubuntu1) bionic; urgency=medium
* Merge with Debian unstable; remaining changes:
+ Import plugins from -bad that are needed for main applications.
- jpegformat
- camerabin (+ basecamerabinsrc + photography)
+ Break and Replace -bad versions which contained these plugins.
+ Add a library package containing the shared library and a -dev package for
compiling against it. Add Breaks and Replaces against the plugins packages
which formerly contained files shipped here.
+ Add 'pluginsdir' variable to our added pcfile for compatibility with
some external software
+ debian/control{,.in}: Update Vcs-* for Ubuntu
|
About
-
Send Feedback to @ubuntu_updates