ELSA-2024-2287

ULN >
Oracle Linux Errata repository >
ELSA-2024-2287

ELSA-2024-2287 - gstreamer1-plugins-bad-free security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2024-05-02

Description

[1.22.1-4]
- CVE-2023-40474: Integer overflow leading to heap overwrite in MXF
- CVE-2023-40475: Integer overflow leading to heap overwrite in MXF
- CVE-2023-40476: Integer overflow in H.265 video parser
- ZDI-CAN-22300: buffer overflow vulnerability
- Resolves: RHEL-19501, RHEL-19505, RHEL-19506, RHEL-20201

[1.22.1-3]
- Bump version
- Resolves: RHEL-16795, RHEL-16788

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	gstreamer1-plugins-bad-free-1.22.1-4.el9.src.rpm	9e64fc4991d1d5b0cbad3a6fe80cea88ee4379cf682ad7e4a0bb0f8eac49d0a0	-	ol9_aarch64_appstream
	gstreamer1-plugins-bad-free-1.22.1-4.el9.src.rpm	9e64fc4991d1d5b0cbad3a6fe80cea88ee4379cf682ad7e4a0bb0f8eac49d0a0	-	ol9_aarch64_codeready_builder
	gstreamer1-plugins-bad-free-1.22.1-4.el9.aarch64.rpm	9dff3bdd777bad32d03a54c04c1c274e43ef9a5acd463489d1ea307035f8d996	-	ol9_aarch64_appstream
	gstreamer1-plugins-bad-free-devel-1.22.1-4.el9.aarch64.rpm	12a649adfd550a5e01508bb7a91acfe1d107af858d367b2c33aaa0043b9bf311	-	ol9_aarch64_codeready_builder

Oracle Linux 9 (x86_64)	gstreamer1-plugins-bad-free-1.22.1-4.el9.src.rpm	9e64fc4991d1d5b0cbad3a6fe80cea88ee4379cf682ad7e4a0bb0f8eac49d0a0	-	ol9_x86_64_appstream
	gstreamer1-plugins-bad-free-1.22.1-4.el9.src.rpm	9e64fc4991d1d5b0cbad3a6fe80cea88ee4379cf682ad7e4a0bb0f8eac49d0a0	-	ol9_x86_64_codeready_builder
	gstreamer1-plugins-bad-free-1.22.1-4.el9.i686.rpm	60794153f492b39fd6af2d47e7b59b0c42d6416b03c42e3b67e178f4ff79d0e0	-	ol9_x86_64_appstream
	gstreamer1-plugins-bad-free-1.22.1-4.el9.x86_64.rpm	a489ad15d123b2e92faaa7c71fc32b0706a61c3f575c6d456337b809f7dc71df	-	ol9_x86_64_appstream
	gstreamer1-plugins-bad-free-devel-1.22.1-4.el9.i686.rpm	2d11e6e4bd4045f53e5d1076be7df9ca2ce08682841b46486082b590c845ae22	-	ol9_x86_64_codeready_builder
	gstreamer1-plugins-bad-free-devel-1.22.1-4.el9.x86_64.rpm	fddad2a57ee4614b790e2b0962de792126273e075719276c50d8ef9944a14875	-	ol9_x86_64_codeready_builder

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691