ELSA-2024-3060

ELSA-2024-3060 - gstreamer1-plugins-bad-free security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2024-05-23

Description

[1.16.1-4.0.1]
- Update origin URL [Orabug: 36209826]

[1.16.1-4]
- Patch CVE-2023-40474: Integer overflow
- Patch CVE-2023-40475: Integer overflow
- Patch CVE-2023-40476: Integer overflow in H.265 video parser
- Resolves: RHEL-19500, RHEL-19504, RHEL-19507

[1.16.1-3]
- Bump to avoid conflict with z stream.
- Resolves: RHEL-16794

Related CVEs

CVE-2023-40475

CVE-2023-40474

CVE-2023-40476

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label
Oracle Linux 8 (aarch64)	gstreamer1-plugins-bad-free-1.16.1-4.0.1.el8.src.rpm	33e1c78d417f9596302c3eaf05c0ccde	-	ol8_aarch64_appstream
	gstreamer1-plugins-bad-free-1.16.1-4.0.1.el8.src.rpm	33e1c78d417f9596302c3eaf05c0ccde	-	ol8_aarch64_codeready_builder
	gstreamer1-plugins-bad-free-1.16.1-4.0.1.el8.aarch64.rpm	3ee338779dd01349969fc5cbbc7f3a03	-	ol8_aarch64_appstream
	gstreamer1-plugins-bad-free-devel-1.16.1-4.0.1.el8.aarch64.rpm	83affe8f62fce240d01f06e430482741	-	ol8_aarch64_codeready_builder
Oracle Linux 8 (x86_64)	gstreamer1-plugins-bad-free-1.16.1-4.0.1.el8.src.rpm	33e1c78d417f9596302c3eaf05c0ccde	-	ol8_x86_64_appstream
	gstreamer1-plugins-bad-free-1.16.1-4.0.1.el8.src.rpm	33e1c78d417f9596302c3eaf05c0ccde	-	ol8_x86_64_codeready_builder
	gstreamer1-plugins-bad-free-1.16.1-4.0.1.el8.i686.rpm	e63e18173c88067952a44c4891fa176c	-	ol8_x86_64_appstream
	gstreamer1-plugins-bad-free-1.16.1-4.0.1.el8.x86_64.rpm	fc3c6844e5e0533840c63cb378e1630f	-	ol8_x86_64_appstream
	gstreamer1-plugins-bad-free-devel-1.16.1-4.0.1.el8.i686.rpm	3d308ed4677701e1b51e871d6ace41a1	-	ol8_x86_64_codeready_builder
	gstreamer1-plugins-bad-free-devel-1.16.1-4.0.1.el8.x86_64.rpm	5bbdf296b7ecf3836461cf1c87c60131	-	ol8_x86_64_codeready_builder

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team