UbuntuUpdates.org

Package "gst-plugins-base1.0"

Name: gst-plugins-base1.0

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • GObject introspection data for the GStreamer Plugins Base library
  • GStreamer plugin for ALSA
  • GStreamer plugins for GL
  • GStreamer plugins from the "base" set
Latest version: 1.26.0-1ubuntu0.1
Release: plucky (25.04)
Level: security
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "gst-plugins-base1.0" in Plucky

Repository Area Version
base main 1.26.0-1
updates main 1.26.0-1ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.26.0-1ubuntu0.1 2025-08-26 17:08:10 UTC

  gst-plugins-base1.0 (1.26.0-1ubuntu0.1) plucky-security; urgency=medium

  * SECURITY UPDATE: DoS via stack overflow in subparse plugin
    - debian/patches/CVE-2025-47806.patch: make sure that subrip time
      string is not too long before zero-padding in
      gst/subparse/gstsubparse.c.
    - CVE-2025-47806
  * SECURITY UPDATE: DoS via null-deref in subparse plugin
    - debian/patches/CVE-2025-47807.patch: check for valid UTF-8 before
      cleaning up lines and check for regex replace errors in
      gst/subparse/gstsubparse.c.
    - CVE-2025-47807
  * SECURITY UPDATE: DoS via null-deref in subparse plugin
    - debian/patches/CVE-2025-47808.patch: don't append NULL + 1 to the
      string buffer when parsing lines without text in
      gst/subparse/tmplayerparse.c.
    - CVE-2025-47808

 -- Marc Deslauriers <email address hidden> Mon, 25 Aug 2025 08:59:51 -0400
CVE-2025-47806 In GStreamer through 1.26.1, the subparse plugin's parse_subrip_time function may write data past the bounds of a stack buffer, leading to a crash.
CVE-2025-47807 In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file,
CVE-2025-47808 In GStreamer through 1.26.1, the subparse plugin's tmplayer_parse_line function may dereference a NULL pointer while parsing a subtitle file, leading


About   -   Send Feedback to @ubuntu_updates