Format: 1.8
Date: Tue, 28 Nov 2023 13:33:46 -0500
Source: gst-plugins-bad1.0
Binary: gir1.2-gst-plugins-bad-1.0 gstreamer1.0-opencv gstreamer1.0-plugins-bad gstreamer1.0-plugins-bad-dbg libgstreamer-opencv1.0-0 libgstreamer-plugins-bad1.0-0 libgstreamer-plugins-bad1.0-dev
Architecture: arm64
Version: 1.16.3-0ubuntu1.1
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-arm64-018.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 gir1.2-gst-plugins-bad-1.0 - GObject introspection data for the GStreamer libraries from the "
 gstreamer1.0-opencv - GStreamer OpenCV plugins
 gstreamer1.0-plugins-bad - GStreamer plugins from the "bad" set
 gstreamer1.0-plugins-bad-dbg - GStreamer plugins from the "bad" set (debug symbols)
 libgstreamer-opencv1.0-0 - GStreamer OpenCV libraries
 libgstreamer-plugins-bad1.0-0 - GStreamer libraries from the "bad" set
 libgstreamer-plugins-bad1.0-dev - GStreamer development files for libraries from the "bad" set
Launchpad-Bugs-Fixed: 2035585
Changes:
 gst-plugins-bad1.0 (1.16.3-0ubuntu1.1) focal-security; urgency=medium
 .
   [ Luís Infante da Câmara ]
   * SECURITY UPDATE: Heap buffer overflow in dvdspu (LP: #2035585)
     - debian/patches/CVE-2023-37329-1.patch: Make sure enough data is
       allocated for the available data.
     - debian/patches/CVE-2023-37329-2.patch: Avoid integer overflow when
       checking if enough data is available.
     - CVE-2023-37329
 .
   [ Marc Deslauriers ]
   * SECURITY UPDATE: integer overflow in MXF file handling
     - debian/patches/CVE-2023-40474.patch: fix integer overflow causing out
       of bounds writes when handling invalid uncompressed video in
       gst/mxf/mxfup.c.
     - CVE-2023-40474
   * SECURITY UPDATE: integer overflow in MXF file handling
     - debian/patches/CVE-2023-40475.patch: check number of channels for
       AES3 audio in gst/mxf/mxfd10.c.
     - CVE-2023-40475
   * SECURITY UPDATE: integer overflow in H.265 video parser
     - debian/patches/CVE-2023-40476.patch: fix possible overflow using
       max_sub_layers_minus1 in gst-libs/gst/codecparsers/gsth265parser.c.
     - CVE-2023-40476
   * SECURITY UPDATE: MXF demuxer use-after-free
     - debian/patches/CVE-2023-44446.patch: store GstMXFDemuxEssenceTrack in
       their own fixed allocation in gst/mxf/mxfdemux.*.
     - CVE-2023-44446
Checksums-Sha1:
 2533e385bec28e17952e3ccd0c7936819d36efa1 35020 gir1.2-gst-plugins-bad-1.0_1.16.3-0ubuntu1.1_arm64.deb
 a41680606c1e046251cf1d4f44adc0d5ef7c9a97 34063 gst-plugins-bad1.0_1.16.3-0ubuntu1.1_arm64.buildinfo
 a3f23bfec4d850a98c409966047fd6dc90e9d6a8 130132 gstreamer1.0-opencv_1.16.3-0ubuntu1.1_arm64.deb
 7df2328780873989755ac7c665edfc830c7f935e 12332576 gstreamer1.0-plugins-bad-dbg_1.16.3-0ubuntu1.1_arm64.deb
 98b02bbdce0f9071a525bed87d66552da8f56ed0 1555656 gstreamer1.0-plugins-bad_1.16.3-0ubuntu1.1_arm64.deb
 7fbcef602370643953171942f01fcc27b9ecae7c 61724 libgstreamer-opencv1.0-0_1.16.3-0ubuntu1.1_arm64.deb
 99b20ae87a4f41a38aa818a93334898d6311f06b 293092 libgstreamer-plugins-bad1.0-0_1.16.3-0ubuntu1.1_arm64.deb
 08d399123ced120b2c5accf7ca59045581d7440e 114164 libgstreamer-plugins-bad1.0-dev_1.16.3-0ubuntu1.1_arm64.deb
Checksums-Sha256:
 7dbe6620143cbc50dec7e066262d9f660900b4b5cd48594e573ee0f7dff23038 35020 gir1.2-gst-plugins-bad-1.0_1.16.3-0ubuntu1.1_arm64.deb
 3abda3665f443c4eddcd34fea8fd2f06e3e606dcb7bca99cf3256ca2da707cb8 34063 gst-plugins-bad1.0_1.16.3-0ubuntu1.1_arm64.buildinfo
 2f8b12771769d071dd5af52d30d07fc4b2d589754041fe61d6588b8b22530543 130132 gstreamer1.0-opencv_1.16.3-0ubuntu1.1_arm64.deb
 d280544083ea9e901f467f948349f083414b8900c9726b20cae539277eda47c1 12332576 gstreamer1.0-plugins-bad-dbg_1.16.3-0ubuntu1.1_arm64.deb
 018a539c153afdd0cb7d4abe1b37aead1f923ee41a119cd33d1279d38d88feaf 1555656 gstreamer1.0-plugins-bad_1.16.3-0ubuntu1.1_arm64.deb
 de10d2f5ca5161b4a3a039100d61c8c902117be7f92513e6bc6ef28f6b9546c8 61724 libgstreamer-opencv1.0-0_1.16.3-0ubuntu1.1_arm64.deb
 7db653b572be95e5217d404206d8a5e03de7cbbc93fdb187dcc397bdba150722 293092 libgstreamer-plugins-bad1.0-0_1.16.3-0ubuntu1.1_arm64.deb
 9333e6f6e86f20c1bec1da9d0517d76fce4c59f5500e4af7df1530d17b08e9a7 114164 libgstreamer-plugins-bad1.0-dev_1.16.3-0ubuntu1.1_arm64.deb
Files:
 c4da5a3cd55bfa619f9aae7f34c25e9e 35020 introspection extra gir1.2-gst-plugins-bad-1.0_1.16.3-0ubuntu1.1_arm64.deb
 651c116c67e19090029952a760aae992 34063 libs extra gst-plugins-bad1.0_1.16.3-0ubuntu1.1_arm64.buildinfo
 4fb3ab3be9736e62bc92d5e129a1cc60 130132 libs extra gstreamer1.0-opencv_1.16.3-0ubuntu1.1_arm64.deb
 99ea77955a124dc0696dd4bf31149ec4 12332576 debug extra gstreamer1.0-plugins-bad-dbg_1.16.3-0ubuntu1.1_arm64.deb
 92a91106a08d2cf374ba4257fcfc291b 1555656 libs extra gstreamer1.0-plugins-bad_1.16.3-0ubuntu1.1_arm64.deb
 a0539bb6fc4bbdd9b326e3dce3e38a65 61724 libs extra libgstreamer-opencv1.0-0_1.16.3-0ubuntu1.1_arm64.deb
 a6d015808230de5e1b1748537d570189 293092 libs extra libgstreamer-plugins-bad1.0-0_1.16.3-0ubuntu1.1_arm64.deb
 7616737900383a572bc8470febc4d035 114164 libdevel extra libgstreamer-plugins-bad1.0-dev_1.16.3-0ubuntu1.1_arm64.deb
Original-Maintainer: Maintainers of GStreamer packages <gst-plugins-bad1.0@packages.debian.org>