UbuntuUpdates.org

Package "gir1.2-gst-plugins-base-1.0"

Name: gir1.2-gst-plugins-base-1.0

Description:

GObject introspection data for the GStreamer Plugins Base library

Latest version: 1.8.3-1ubuntu0.3
Release: xenial (16.04)
Level: updates
Repository: main
Head package: gst-plugins-base1.0
Homepage: http://gstreamer.freedesktop.org/modules/gst-plugins-base.html

Links


Download "gir1.2-gst-plugins-base-1.0"


Other versions of "gir1.2-gst-plugins-base-1.0" in Xenial

Repository Area Version
base main 1.8.0-1ubuntu1
security main 1.8.3-1ubuntu0.3

Changelog

Version: 1.8.3-1ubuntu0.3 2019-04-29 15:07:19 UTC

  gst-plugins-base1.0 (1.8.3-1ubuntu0.3) xenial-security; urgency=medium

  * SECURITY UPDATE: heap overflow in RTSP parser
    - debian/patches/CVE-2019-9928.patch: limit length in
      gst-libs/gst/rtsp/gstrtspconnection.c.
    - CVE-2019-9928

 -- Marc Deslauriers <email address hidden> Fri, 26 Apr 2019 09:43:17 -0400

Source diff to previous version
CVE-2019-9928 GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing rem

Version: 1.8.3-1ubuntu0.2 2017-03-27 19:07:07 UTC

  gst-plugins-base1.0 (1.8.3-1ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS in windows_icon_typefind
    - debian/patches/CVE-2016-9811.patch: add bounds check in
      gst/typefind/gsttypefindfunctions.c.
    - CVE-2016-9811
  * SECURITY UPDATE: DoS in gst_riff_create_audio_caps
    - debian/patches/CVE-2017-5837.patch: check for valid channels/rate in
      gst-libs/gst/riff/riff-media.c.
    - CVE-2017-5837
  * SECURITY UPDATE: DoS in gst_riff_create_audio_caps
    - debian/patches/CVE-2017-5839.patch: fix infinite recursion in
      gst-libs/gst/riff/riff-media.c.
    - CVE-2017-5839
  * SECURITY UPDATE: DoS in html_context_handle_element
    - debian/patches/CVE-2017-5842.patch: check for non-zero length in
      gst/subparse/samiparse.c.
    - CVE-2017-5842
  * SECURITY UPDATE: DoS in gst_riff_create_audio_caps
    - debian/patches/CVE-2017-5844.patch: fix divide by zero in
      gst-libs/gst/riff/riff-media.c.
    - CVE-2017-5844

 -- Marc Deslauriers <email address hidden> Thu, 23 Mar 2017 13:03:22 -0400

Source diff to previous version
CVE-2016-9811 The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to c
CVE-2017-5837 The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to c
CVE-2017-5839 The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recu
CVE-2017-5842 The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause
CVE-2017-5844 The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to c

Version: 1.8.3-1ubuntu0.1 2017-02-02 19:06:44 UTC

  gst-plugins-base1.0 (1.8.3-1ubuntu0.1) xenial; urgency=medium

  * No-change backport from yakkety to 16.04 (LP: #1619600)

Source diff to previous version

Version: 1.8.2-1ubuntu0.2 2016-11-22 22:06:50 UTC

  gst-plugins-base1.0 (1.8.2-1ubuntu0.2) xenial-security; urgency=medium

  * No change rebuild in security pocket.

 -- Marc Deslauriers <email address hidden> Tue, 22 Nov 2016 09:14:03 -0500

Source diff to previous version

Version: 1.8.2-1ubuntu0.1 2016-07-18 11:06:36 UTC

  gst-plugins-base1.0 (1.8.2-1ubuntu0.1) xenial; urgency=medium

  * No-change backport to 16.04




About   -   Send Feedback to @ubuntu_updates