UbuntuUpdates.org

Package "gir1.2-gst-plugins-bad-1.0"

Name: gir1.2-gst-plugins-bad-1.0

Description:

GObject introspection data for the GStreamer libraries from the "bad" set

Latest version: 1.24.8-2ubuntu1.1
Release: oracular (24.10)
Level: security
Repository: universe
Head package: gst-plugins-bad1.0
Homepage: https://gstreamer.freedesktop.org

Links


Download "gir1.2-gst-plugins-bad-1.0"


Other versions of "gir1.2-gst-plugins-bad-1.0" in Oracular

Repository Area Version
base universe 1.24.8-2ubuntu1
updates universe 1.24.8-2ubuntu1.1

Changelog

Version: 1.24.8-2ubuntu1.1 2025-06-05 19:07:25 UTC

  gst-plugins-bad1.0 (1.24.8-2ubuntu1.1) oracular-security; urgency=medium

  * SECURITY UPDATE: stack-based buffer overflow
    - debian/patches/CVE-2025-3887-1.patch: Fix
      max_dec_pic_buffering_minus1 bound check.
    - debian/patches/CVE-2025-3887-2.patch: Fix
      num_long_term_pics bound check.
    - CVE-2025-3887

 -- Fabian Toepfer <email address hidden> Tue, 03 Jun 2025 19:36:38 +0200

CVE-2025-3887 GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute a



About   -   Send Feedback to @ubuntu_updates