Format: 1.8 Date: Tue, 28 Nov 2023 13:33:46 -0500 Source: gst-plugins-bad1.0 Binary: gir1.2-gst-plugins-bad-1.0 gstreamer1.0-opencv gstreamer1.0-plugins-bad gstreamer1.0-plugins-bad-dbg libgstreamer-opencv1.0-0 libgstreamer-plugins-bad1.0-0 libgstreamer-plugins-bad1.0-dev Architecture: ppc64el Version: 1.16.3-0ubuntu1.1 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: gir1.2-gst-plugins-bad-1.0 - GObject introspection data for the GStreamer libraries from the " gstreamer1.0-opencv - GStreamer OpenCV plugins gstreamer1.0-plugins-bad - GStreamer plugins from the "bad" set gstreamer1.0-plugins-bad-dbg - GStreamer plugins from the "bad" set (debug symbols) libgstreamer-opencv1.0-0 - GStreamer OpenCV libraries libgstreamer-plugins-bad1.0-0 - GStreamer libraries from the "bad" set libgstreamer-plugins-bad1.0-dev - GStreamer development files for libraries from the "bad" set Launchpad-Bugs-Fixed: 2035585 Changes: gst-plugins-bad1.0 (1.16.3-0ubuntu1.1) focal-security; urgency=medium . [ Luís Infante da Câmara ] * SECURITY UPDATE: Heap buffer overflow in dvdspu (LP: #2035585) - debian/patches/CVE-2023-37329-1.patch: Make sure enough data is allocated for the available data. - debian/patches/CVE-2023-37329-2.patch: Avoid integer overflow when checking if enough data is available. - CVE-2023-37329 . [ Marc Deslauriers ] * SECURITY UPDATE: integer overflow in MXF file handling - debian/patches/CVE-2023-40474.patch: fix integer overflow causing out of bounds writes when handling invalid uncompressed video in gst/mxf/mxfup.c. - CVE-2023-40474 * SECURITY UPDATE: integer overflow in MXF file handling - debian/patches/CVE-2023-40475.patch: check number of channels for AES3 audio in gst/mxf/mxfd10.c. - CVE-2023-40475 * SECURITY UPDATE: integer overflow in H.265 video parser - debian/patches/CVE-2023-40476.patch: fix possible overflow using max_sub_layers_minus1 in gst-libs/gst/codecparsers/gsth265parser.c. - CVE-2023-40476 * SECURITY UPDATE: MXF demuxer use-after-free - debian/patches/CVE-2023-44446.patch: store GstMXFDemuxEssenceTrack in their own fixed allocation in gst/mxf/mxfdemux.*. - CVE-2023-44446 Checksums-Sha1: 4423d2a261bd6dc30f454d254c335199a55f852f 35052 gir1.2-gst-plugins-bad-1.0_1.16.3-0ubuntu1.1_ppc64el.deb a3f82dbd96cb0528d207eb4369e385134f28964e 34013 gst-plugins-bad1.0_1.16.3-0ubuntu1.1_ppc64el.buildinfo b4a03ef5b4380557b41b00664707ac933c7e33a1 144068 gstreamer1.0-opencv_1.16.3-0ubuntu1.1_ppc64el.deb 44d316d66b4cbec1f1b387dfc8e8178b75013bab 12856876 gstreamer1.0-plugins-bad-dbg_1.16.3-0ubuntu1.1_ppc64el.deb 6c42b5f3813a0360d9ac9fd9dca752a30be8dc8e 1778504 gstreamer1.0-plugins-bad_1.16.3-0ubuntu1.1_ppc64el.deb c38bebddc1b7edc6c75be69e2a69ccc40199b910 62220 libgstreamer-opencv1.0-0_1.16.3-0ubuntu1.1_ppc64el.deb 692b119482e5c5b2f003e1472d1cb796d6a260a4 321824 libgstreamer-plugins-bad1.0-0_1.16.3-0ubuntu1.1_ppc64el.deb 93c13e16aa20aaba51dbc9bda7b61590fa7e8efc 114160 libgstreamer-plugins-bad1.0-dev_1.16.3-0ubuntu1.1_ppc64el.deb Checksums-Sha256: eea5a25c33d7c70724a6b2cbf64041b6084df86209756a899933811180ae844e 35052 gir1.2-gst-plugins-bad-1.0_1.16.3-0ubuntu1.1_ppc64el.deb 5efb08951272929249d6fbf13343274f91b2218773dc775659fe9d272814ecb2 34013 gst-plugins-bad1.0_1.16.3-0ubuntu1.1_ppc64el.buildinfo a9da37a22a8218b466303560bfdf813796ff6f4afe3b6f52ae8abd1b710df886 144068 gstreamer1.0-opencv_1.16.3-0ubuntu1.1_ppc64el.deb 44bff3f844ca8a14693735d3defdf717e6556eb9cef15210c65f52e2fd779254 12856876 gstreamer1.0-plugins-bad-dbg_1.16.3-0ubuntu1.1_ppc64el.deb ff54bc0df0b0fe604967e877cfb93ab675faafa1f445d4326449958ca8723500 1778504 gstreamer1.0-plugins-bad_1.16.3-0ubuntu1.1_ppc64el.deb 595244bbcc608ec5fe4b38f26ff6d0e71a4adbab948c604458dde2c4fe4309e2 62220 libgstreamer-opencv1.0-0_1.16.3-0ubuntu1.1_ppc64el.deb f15fb8842e96f33255e7e4c5248182231f92a183e1df58da665d47f72be46f68 321824 libgstreamer-plugins-bad1.0-0_1.16.3-0ubuntu1.1_ppc64el.deb 1ea534cb662e371a1ea18ad754c388e617bcfb5fe58f394a1d2391771ec3d3d8 114160 libgstreamer-plugins-bad1.0-dev_1.16.3-0ubuntu1.1_ppc64el.deb Files: 62c5f4670c6c80ff6ed802153913ad6e 35052 introspection extra gir1.2-gst-plugins-bad-1.0_1.16.3-0ubuntu1.1_ppc64el.deb 6057d9e5ad85494a9bd0d283cf457d50 34013 libs extra gst-plugins-bad1.0_1.16.3-0ubuntu1.1_ppc64el.buildinfo a3fe74e4f9498b480064e2b0d03bc81c 144068 libs extra gstreamer1.0-opencv_1.16.3-0ubuntu1.1_ppc64el.deb 008657cfecf55eceaab09004836dc5a2 12856876 debug extra gstreamer1.0-plugins-bad-dbg_1.16.3-0ubuntu1.1_ppc64el.deb 3a3cceacceca8d079a852ac6b1c7dcf5 1778504 libs extra gstreamer1.0-plugins-bad_1.16.3-0ubuntu1.1_ppc64el.deb 8eee89e3b8b37199abb5b2c74e1ba296 62220 libs extra libgstreamer-opencv1.0-0_1.16.3-0ubuntu1.1_ppc64el.deb e1a84dce76b8af05b3ae2809ce5bb288 321824 libs extra libgstreamer-plugins-bad1.0-0_1.16.3-0ubuntu1.1_ppc64el.deb b135c9d40e6d996472a9eee10ec1db6c 114160 libdevel extra libgstreamer-plugins-bad1.0-dev_1.16.3-0ubuntu1.1_ppc64el.deb Original-Maintainer: Maintainers of GStreamer packages