Revision Date: | 2021-06-01 | Version: | 1 |
Title: | Security update for gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly (Important) |
Description: |
This update for gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly fixes the following issues:
gstreamer was updated to version 1.16.3 (bsc#1181255):
- delay creation of threadpools - bin: Fix `deep-element-removed` log message - buffer: fix meta sequence number fallback on rpi - bufferlist: foreach: always remove as parent if buffer is changed - bus: Make setting/replacing/clearing the sync handler thread-safe - elementfactory: Fix missing features in case a feature moves to another filename - element: When removing a ghost pad also unset its target - meta: intern registered impl string - registry: Use a toolchain-specific registry file on Windows - systemclock: Invalid internal time calculation causes non-increasing clock time on Windows - value: don't write to `const char *` - value: Fix segfault comparing empty GValueArrays - Revert floating enforcing - aggregator: fix iteration direction in skip_buffers - sparsefile: fix possible crash when seeking - baseparse: cache fix - baseparse: fix memory leak when subclass skips whole input buffer - baseparse: Set the private duration before posting a duration-changed message - basetransform: allow not passthrough if generate_output is implemented - identity: Fix a minor leak using meta_str - queue: protect against lost wakeups for iterm_del condition - queue2: Avoid races when posting buffering messages - queue2: Fix missing/dropped buffering messages at startup - identity: Unblock condition variable on FLUSH_START - check: Use `g_thread_yield()` instead of `g_usleep(1)` - tests: use cpu_family for arch checks - gst-launch: Follow up to missing `s/g_print/gst_print/g` - gst-inspect: Add define guard for `g_log_writer_supports_color()` - gst-launch: go back down to `GST_STATE_NULL` in one step. - device-monitor: list hidden providers before listing devices - autotools build fixes for GNU make 4.3
gstreamer-plugins-good was updated to version 1.16.3 (bsc#1181255):
- deinterlace: on-the-fly renegotiation - flacenc: Pass audio info from set_format() to query_total_samples() explicitly - flacparse: fix broken reordering of flac metadata - jack: Use jack_free(3) to release ports - jpegdec: check buffer size before dereferencing - pulse: fix discovery of newly added devices - qtdemux fuzzing fixes - qtdemux: Add 'mp3 ' fourcc that VLC seems to produce now - qtdemux: Specify REDIRECT information in error message - rtpbin: fix shutdown crash in rtpbin - rtpsession: rename RTCP thread - rtpvp8pay, rtpvp9pay: fix caps leak in set_caps() - rtpjpegdepay: outputs framed jpeg - rtpjitterbuffer: Properly free internal packets queue in finalize() - rtspsrc: Don't return TRUE for unhandled query - rtspsrc: Avoid stack overflow recursing waiting for response - rtspsrc: Use the correct type for storing the max-rtcp-rtp-time-diff property - rtspsrc: Error out when failling to receive message response - rtspsrc: Fix for segmentation fault when handling set/get_parameter requests - speex: Fix crash on Windows caused by cross-CRT issue - speexdec: Crash when stopping the pipeline - splitmuxsrc: Properly stop the loop if no part reader is present - use gst_element_class_set_metadata when passing dynamic strings - v4l2videodec: Increase internal bitstream pool size - v4l2: fix crash when handling unsupported video format - videocrop: allow properties to be animated by GstController - videomixer: Don't leak peer caps - vp8enc/vp8enc: set 1 for the default value of VP8E_SET_STATIC_THRESHOLD - wavenc: Fix writing of the channel mask with >2 channels
gstreamer-plugins-bad was updated to version 1.16.3 (bsc#1181255):
- amcvideodec: fix sync meta copying not taking a reference - audiobuffersplit: Perform discont tracking on running time - audiobuffersplit: Specify in the template caps that only interleaved audio is supported - audiobuffersplit: Unset DISCONT flag if not discontinuous - autoconvert: Fix lock-less exchange or free condition - autoconvert: fix compiler warnings with g_atomic on recent GLib versions - avfvideosrc: element requests camera permissions even with capture-screen property is true - codecparsers: h264parser: guard against ref_pic_markings overflow - dtlsconnection: Avoid segmentation fault when no srtp capabilities are negotiated - dtls/connection: fix EOF handling with openssl 1.1.1e - fdkaacdec: add support for mpegversion=2 - hls: Check nettle version to ensure AES128 support - ipcpipeline: Rework compiler checks - interlace: Increment phase_index before checking if we're at the end of the phase - lv2: Make it build with -fno-common - h264parser: Do not allocate too large size of memory for registered user data SEI - ladspa: fix unbounded integer properties - modplug: avoid division by zero - msdkdec: Fix GstMsdkContext leak - msdkenc: fix leaks on windows - musepackdec: Don't fail all queries if no sample rate is known yet - openslessink: Allow openslessink to handle 48kHz streams. - opencv: allow compilation against 4.2.x - proxysink: event_function needs to handle the event when it is disconnecetd from proxysrc - vulkan: Drop use of VK_RESULT_BEGIN_RANGE - wasapi: added missing lock release in case of error in gst_wasapi_xxx_reset - wasapi: Fix possible deadlock while downwards state change - waylandsink: Clear window when pipeline is stopped - webrtc: Support non-trickle ICE candidates in the SDP - webrtc: Unmap all non-binary buffers received via the datachannel - meson: build with neon 0.31 - Drop upstream fixed patch: gstreamer-h264parser-fix-overflow.patch
- h264parser: guard against ref_pic_markings overflow (bsc#1181255 CVE-2021-3185)
- Disable the kate/libtiger plugin. Kate streams for karaoke are not used anymore, and the source tarball for libtiger is no longer available upstream. (jsc#SLE-13843)
gstreamer-plugins-ugly was updated to version 1.16.3 (bsc#1181255):
+ x264enc: corrected em_data value in CEA-708 CC SEI message
gstreamer-plugins-base was updated to version 1.16.3 (bsc#1181255):
- audioaggregator: Check all downstream allowed caps structures if they support the upstream rate - audioaggregator: Fix negotiation with downstream if there is no peer yet - audioencoder: fix segment event leak - discoverer: Fix caps handling in `pad-added` signal handler - discoverer: Start discovering next URI from right thread - fft: Update our kiss fft version, fixes thread-safety and concurrency issues and misc other things - gl: numerous memory fixes (use-after-free, leaks, missing NULL-ify) - gl/display/egl: ensure debug category is initialized - gstglwindow_x11: fix resize - pbutils: Add latest H.264 level values - rtpbuffer: fix header extension length validation - video: Fix NV12_64Z32 number of component - video-format: RGB16/15 are not 16 bit per component but only 5.333 and 5 - video: fix top/bottom field flags - videodecoder: don't copy interlace-mode from reference state - appsrc/appsink: Make setting/replacing callbacks thread-safe - compositor: Fix checkerboard filling for BGRx/RGBx and UYVY/YUY2/YVYU - decodebin3: only force streams-selected seqnum after a select-streams - glupload: Fix fallback from direct dmabuf to dmabuf upload method - glvideomixer: perform `_get_highest_precision()` on the GL thread - libvisual: use `gst_element_class_set_metadata()` when passing dynamic strings - oggstream: Workaround for broken PAR in VP8 BOS - subparse: accept WebVTT timestamps without an hour component - playbin: Handle error message with redirection indication - textrender: Fix AYUV output. - typefind: Consider MPEG-PS PSM to be a PES type - uridecodebin3: default to non-0 buffer-size and buffer-duration, otherwise it could potentially cause big memory allocations over time - videoaggregator: Don't configure NULL chroma-site/colorimetry - videorate/videoscale/audioresample: Ensure that the caps returned from... - build: Replace bashisms in configure for Wayland and GLES3
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1150556 1155094 1155381 1158910 1159740 1159819 1162825 1169746 1171978 1175475 1178067 1178434 1181255 CVE-2015-2278 CVE-2015-2282 CVE-2015-8216 CVE-2015-8217 CVE-2015-8218 CVE-2015-8219 CVE-2015-8363 CVE-2015-8364 CVE-2015-8365 CVE-2015-8661 CVE-2015-8662 CVE-2015-8663 CVE-2016-10190 CVE-2016-10191 CVE-2016-10192 CVE-2016-1897 CVE-2016-1898 CVE-2017-11399 CVE-2017-11665 CVE-2017-14054 CVE-2017-14055 CVE-2017-14056 CVE-2017-14057 CVE-2017-14058 CVE-2017-14059 CVE-2017-14169 CVE-2017-14170 CVE-2017-14171 CVE-2017-14222 CVE-2017-14223 CVE-2017-14225 CVE-2017-15186 CVE-2017-15672 CVE-2017-16840 CVE-2017-17081 CVE-2017-17555 CVE-2017-7859 CVE-2017-7862 CVE-2017-7863 CVE-2017-7865 CVE-2017-7866 CVE-2018-12458 CVE-2018-13300 CVE-2018-13302 CVE-2018-13305 CVE-2018-15822 CVE-2018-1999010 CVE-2018-1999011 CVE-2018-1999012 CVE-2018-1999013 CVE-2018-6392 CVE-2018-6621 CVE-2019-17006 CVE-2019-18348 CVE-2019-9674 CVE-2020-11022 CVE-2020-11023 CVE-2020-12399 CVE-2020-14352 CVE-2020-27560 CVE-2021-3185 openSUSE-SU-2020:0368-1 openSUSE-SU-2020:0696-1 openSUSE-SU-2020:0854-1 openSUSE-SU-2020:1289-1 openSUSE-SU-2020:1884-1 openSUSE-SU-2020:1888-1 SUSE-SU-2021:1819-1
|
Platform(s): | openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for SAP Applications 15 SP1 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Manager Proxy 4.2 SUSE Manager Server 4.2
| Product(s): | |
Definition Synopsis |
openSUSE Leap 15.1 is installed AND Package Information
texlive-collection-basic-2017.135.svn41616-lp151.8.3 is installed
OR texlive-collection-bibtexextra-2017.135.svn44385-lp151.8.3 is installed
OR texlive-collection-binextra-2017.135.svn44515-lp151.8.3 is installed
OR texlive-collection-context-2017.135.svn42330-lp151.8.3 is installed
OR texlive-collection-fontsextra-2017.135.svn43356-lp151.8.3 is installed
OR texlive-collection-fontsrecommended-2017.135.svn35830-lp151.8.3 is installed
OR texlive-collection-fontutils-2017.135.svn37105-lp151.8.3 is installed
OR texlive-collection-formatsextra-2017.135.svn44177-lp151.8.3 is installed
OR texlive-collection-games-2017.135.svn42992-lp151.8.3 is installed
OR texlive-collection-humanities-2017.135.svn42268-lp151.8.3 is installed
OR texlive-collection-langarabic-2017.135.svn44496-lp151.8.3 is installed
OR texlive-collection-langchinese-2017.135.svn42675-lp151.8.3 is installed
OR texlive-collection-langcjk-2017.135.svn43009-lp151.8.3 is installed
OR texlive-collection-langcyrillic-2017.135.svn44401-lp151.8.3 is installed
OR texlive-collection-langczechslovak-2017.135.svn32550-lp151.8.3 is installed
OR texlive-collection-langenglish-2017.135.svn43650-lp151.8.3 is installed
OR texlive-collection-langeuropean-2017.135.svn44414-lp151.8.3 is installed
OR texlive-collection-langfrench-2017.135.svn40375-lp151.8.3 is installed
OR texlive-collection-langgerman-2017.135.svn42045-lp151.8.3 is installed
OR texlive-collection-langgreek-2017.135.svn44192-lp151.8.3 is installed
OR texlive-collection-langitalian-2017.135.svn30372-lp151.8.3 is installed
OR texlive-collection-langjapanese-2017.135.svn44554-lp151.8.3 is installed
OR texlive-collection-langkorean-2017.135.svn42106-lp151.8.3 is installed
OR texlive-collection-langother-2017.135.svn44414-lp151.8.3 is installed
OR texlive-collection-langpolish-2017.135.svn44371-lp151.8.3 is installed
OR texlive-collection-langportuguese-2017.135.svn30962-lp151.8.3 is installed
OR texlive-collection-langspanish-2017.135.svn40587-lp151.8.3 is installed
OR texlive-collection-latex-2017.135.svn41614-lp151.8.3 is installed
OR texlive-collection-latexextra-2017.135.svn44544-lp151.8.3 is installed
OR texlive-collection-latexrecommended-2017.135.svn44177-lp151.8.3 is installed
OR texlive-collection-luatex-2017.135.svn44500-lp151.8.3 is installed
OR texlive-collection-mathscience-2017.135.svn44396-lp151.8.3 is installed
OR texlive-collection-metapost-2017.135.svn44297-lp151.8.3 is installed
OR texlive-collection-music-2017.135.svn40561-lp151.8.3 is installed
OR texlive-collection-pictures-2017.135.svn44395-lp151.8.3 is installed
OR texlive-collection-plaingeneric-2017.135.svn44177-lp151.8.3 is installed
OR texlive-collection-pstricks-2017.135.svn44460-lp151.8.3 is installed
OR texlive-collection-publishers-2017.135.svn44485-lp151.8.3 is installed
OR texlive-collection-xetex-2017.135.svn43059-lp151.8.3 is installed
OR texlive-devel-2017.135-lp151.8.3 is installed
OR texlive-extratools-2017.135-lp151.8.3 is installed
OR texlive-filesystem-2017.135-lp151.8.3 is installed
OR texlive-scheme-basic-2017.135.svn25923-lp151.8.3 is installed
OR texlive-scheme-context-2017.135.svn35799-lp151.8.3 is installed
OR texlive-scheme-full-2017.135.svn44177-lp151.8.3 is installed
OR texlive-scheme-gust-2017.135.svn44177-lp151.8.3 is installed
OR texlive-scheme-infraonly-2017.135.svn41515-lp151.8.3 is installed
OR texlive-scheme-medium-2017.135.svn44177-lp151.8.3 is installed
OR texlive-scheme-minimal-2017.135.svn13822-lp151.8.3 is installed
OR texlive-scheme-small-2017.135.svn41825-lp151.8.3 is installed
OR texlive-scheme-tetex-2017.135.svn44187-lp151.8.3 is installed
|
Definition Synopsis |
openSUSE Leap 15.2 is installed
AND Package Information
librepo-1.11.2-lp152.2.3 is installed
OR librepo-devel-1.11.2-lp152.2.3 is installed
OR librepo0-1.11.2-lp152.2.3 is installed
OR python3-librepo-1.11.2-lp152.2.3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed
AND Package Information
gstreamer-1.16.3-3.3.1 is installed
OR gstreamer-devel-1.16.3-3.3.1 is installed
OR gstreamer-lang-1.16.3-3.3.1 is installed
OR gstreamer-plugins-base-1.16.3-4.3.1 is installed
OR gstreamer-plugins-base-devel-1.16.3-4.3.1 is installed
OR gstreamer-plugins-base-lang-1.16.3-4.3.1 is installed
OR gstreamer-plugins-good-1.16.3-3.3.1 is installed
OR gstreamer-plugins-good-lang-1.16.3-3.3.1 is installed
OR gstreamer-utils-1.16.3-3.3.1 is installed
OR libgstallocators-1_0-0-1.16.3-4.3.1 is installed
OR libgstapp-1_0-0-1.16.3-4.3.1 is installed
OR libgstaudio-1_0-0-1.16.3-4.3.1 is installed
OR libgstfft-1_0-0-1.16.3-4.3.1 is installed
OR libgstgl-1_0-0-1.16.3-4.3.1 is installed
OR libgstpbutils-1_0-0-1.16.3-4.3.1 is installed
OR libgstreamer-1_0-0-1.16.3-3.3.1 is installed
OR libgstriff-1_0-0-1.16.3-4.3.1 is installed
OR libgstrtp-1_0-0-1.16.3-4.3.1 is installed
OR libgstrtsp-1_0-0-1.16.3-4.3.1 is installed
OR libgstsdp-1_0-0-1.16.3-4.3.1 is installed
OR libgsttag-1_0-0-1.16.3-4.3.1 is installed
OR libgstvideo-1_0-0-1.16.3-4.3.1 is installed
OR typelib-1_0-Gst-1_0-1.16.3-3.3.1 is installed
OR typelib-1_0-GstAllocators-1_0-1.16.3-4.3.1 is installed
OR typelib-1_0-GstApp-1_0-1.16.3-4.3.1 is installed
OR typelib-1_0-GstAudio-1_0-1.16.3-4.3.1 is installed
OR typelib-1_0-GstGL-1_0-1.16.3-4.3.1 is installed
OR typelib-1_0-GstPbutils-1_0-1.16.3-4.3.1 is installed
OR typelib-1_0-GstRtp-1_0-1.16.3-4.3.1 is installed
OR typelib-1_0-GstRtsp-1_0-1.16.3-4.3.1 is installed
OR typelib-1_0-GstSdp-1_0-1.16.3-4.3.1 is installed
OR typelib-1_0-GstTag-1_0-1.16.3-4.3.1 is installed
OR typelib-1_0-GstVideo-1_0-1.16.3-4.3.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for SAP Applications 15 SP1 is installed
AND clamsap-0.99.25-2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
AND Package Information
libavcodec-devel-3.4.2-4.12 is installed
OR libavformat-devel-3.4.2-4.12 is installed
OR libavformat57-3.4.2-4.12 is installed
OR libavresample-devel-3.4.2-4.12 is installed
OR libavresample3-3.4.2-4.12 is installed
|