ELSA-2026-36834

ELSA-2026-36834 - gstreamer1-plugins-bad-free security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2026-07-08

Description


[1.22.12-7.1]
- Sync with c9s release -5..-7: fix for CVE-2026-2923, CVE-2026-3082
in dvbsuboverlay and jpegparser
Resolves: RHEL-156242, RHEL-156255

[1.22.12-4.4]
- Fix bytes/bits confusion in AV1 tile data size parsing
(CVE-2026-52718)
Resolves: RHEL-184388

[1.22.12-4.3]
- Fix for CVE-2026-52719: vajpegdecoder out-of-bounds read
Resolves: RHEL-184403

[1.22.12-4.2]
- Fix integer overflows in vmnc decoder (CVE-2026-52722)
Resolves: RHEL-184422

[1.22.12-4.1]
- Fix for CVE-2026-52720: validate framebuffer update rectangles
in librfb plugin
Resolves: RHEL-184459

[1.22.12-4]
- fix for CVE-2025-3887
Resolves: RHEL-93059

[1.22.12-3]
- Rebuild
- Resolves: RHEL-38511, RHEL-41157

[1.22.12-2]
- Rebuild
- Resolves: RHEL-38511, RHEL-41157


Related CVEs


CVE-2026-52718
CVE-2026-52719
CVE-2026-52720
CVE-2026-52722

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) gstreamer1-plugins-bad-free-1.22.12-7.el9_8.1.src.rpm333aa2218d3522d31bd7c994c410bf1489bb222532958012ed4385d76388cadf-ol9_aarch64_appstream
gstreamer1-plugins-bad-free-1.22.12-7.el9_8.1.src.rpm333aa2218d3522d31bd7c994c410bf1489bb222532958012ed4385d76388cadf-ol9_aarch64_codeready_builder
gstreamer1-plugins-bad-free-1.22.12-7.el9_8.1.aarch64.rpm117406186af41842f6a3c6147fca3236465550dd8fd3cdac41ab7e0e8367be7d-ol9_aarch64_appstream
gstreamer1-plugins-bad-free-devel-1.22.12-7.el9_8.1.aarch64.rpme93f091d6fd1c521ede60462c2b1d613fd949d6dcdb385c2fb67823d9423cc44-ol9_aarch64_codeready_builder
gstreamer1-plugins-bad-free-libs-1.22.12-7.el9_8.1.aarch64.rpm02ee0e0b45df08b653c520c4bfa50f550a0130cc82ec8af7ec8a7486d422a50f-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) gstreamer1-plugins-bad-free-1.22.12-7.el9_8.1.src.rpm333aa2218d3522d31bd7c994c410bf1489bb222532958012ed4385d76388cadf-ol9_x86_64_appstream
gstreamer1-plugins-bad-free-1.22.12-7.el9_8.1.src.rpm333aa2218d3522d31bd7c994c410bf1489bb222532958012ed4385d76388cadf-ol9_x86_64_codeready_builder
gstreamer1-plugins-bad-free-1.22.12-7.el9_8.1.i686.rpm053ce2913a9befe450c2bdfbb91d6a730c0b600c899131b8a01351b361809e02-ol9_x86_64_appstream
gstreamer1-plugins-bad-free-1.22.12-7.el9_8.1.x86_64.rpm3e04fb5bd193c0032ca4c9cb4959a0feb9f690745a8bf4ec4d5aabb8cc3abcc7-ol9_x86_64_appstream
gstreamer1-plugins-bad-free-devel-1.22.12-7.el9_8.1.i686.rpm216071014a445bca5bdc5af6d653aadb0bdcae9a5028893925ae26a5668b9f62-ol9_x86_64_codeready_builder
gstreamer1-plugins-bad-free-devel-1.22.12-7.el9_8.1.x86_64.rpm6d65c6e861cd7b612f578297a53789762a452a1651e0b046b273dbf2e1b4875b-ol9_x86_64_codeready_builder
gstreamer1-plugins-bad-free-libs-1.22.12-7.el9_8.1.i686.rpm3f3e045fe999e64ced96d67856428e8f4f01a2b9d43453b039161f8de3fa81d6-ol9_x86_64_appstream
gstreamer1-plugins-bad-free-libs-1.22.12-7.el9_8.1.x86_64.rpm325a4198bbe78e8db61026411ca72d214929726d1d138571ff8ee17f7143637c-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete