UbuntuUpdates.org

Package "gst-plugins-good1.0"

Name: gst-plugins-good1.0

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • GStreamer plugin for GTK+3
  • GStreamer plugins from the "good" set
  • GStreamer development files for libraries from the "good" set
  • GStreamer development files for libraries from the "good" set
Latest version: 1.26.0-1ubuntu2.1
Release: plucky (25.04)
Level: security
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "gst-plugins-good1.0" in Plucky

Repository Area Version
base main 1.26.0-1ubuntu2
base universe 1.26.0-1ubuntu2
security universe 1.26.0-1ubuntu2.1
updates main 1.26.0-1ubuntu2.1
updates universe 1.26.0-1ubuntu2.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.26.0-1ubuntu2.1 2025-08-26 17:08:10 UTC

  gst-plugins-good1.0 (1.26.0-1ubuntu2.1) plucky-security; urgency=medium

  * SECURITY UPDATE: buffer over-read in isomp4 plugin
    - debian/patches/CVE-2025-47183.patch: use byte reader to parse mvhd
      box in gst/isomp4/qtdemux.c.
    - CVE-2025-47183
  * SECURITY UPDATE: buffer over-read in isomp4 plugin
    - debian/patches/CVE-2025-47219.patch: check if enough bytes are
      available for each stsd entry in gst/isomp4/qtdemux.c.
    - CVE-2025-47219

 -- Marc Deslauriers <email address hidden> Mon, 25 Aug 2025 09:42:59 -0400
CVE-2025-47183 In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_tree function may read past the end of a heap buffer while parsing an MP4 file, leadin
CVE-2025-47219 In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the end of a heap buffer while parsing an MP4 file, possib


About   -   Send Feedback to @ubuntu_updates