Synopsis
Important: gstreamer1-plugins-bad-free security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer.
Security Fix(es):
- gstreamer: AV1 codec parser heap-based buffer overflow (CVE-2023-44429)
- gstreamer: MXF demuxer use-after-free vulnerability (CVE-2023-44446)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
-
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
-
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0 x86_64
-
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.0 ppc64le
-
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.0 s390x
-
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.0 aarch64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x
Fixes
-
BZ - 2250247
- CVE-2023-44429 gstreamer: AV1 codec parser heap-based buffer overflow
-
BZ - 2250249
- CVE-2023-44446 gstreamer: MXF demuxer use-after-free vulnerability
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0
SRPM |
gstreamer1-plugins-bad-free-1.18.4-6.el9_0.src.rpm
|
SHA-256: be840216f42f28d1c3f624cddd8bdc8655fa66ba3068f6f27916dffbb52a48a4 |
x86_64 |
gstreamer1-plugins-bad-free-1.18.4-6.el9_0.i686.rpm
|
SHA-256: 0ad706171622f5a044f457f9dfb4115465d6773d3e74fbaa5286a697e7023ca3 |
gstreamer1-plugins-bad-free-1.18.4-6.el9_0.x86_64.rpm
|
SHA-256: d518292ec6b707af888c24486fc8f79739ec983e6cc137c5f83a4937ba7d7e90 |
gstreamer1-plugins-bad-free-debuginfo-1.18.4-6.el9_0.i686.rpm
|
SHA-256: 03fd2b8e0767f708ac738071d309bdbf6a7f8cb99966b4dfe02061b06eb86af3 |
gstreamer1-plugins-bad-free-debuginfo-1.18.4-6.el9_0.x86_64.rpm
|
SHA-256: 97e239945079deecd22bfd63e9fda675ffb445d767b653f16d31af17ceedf6ac |
gstreamer1-plugins-bad-free-debugsource-1.18.4-6.el9_0.i686.rpm
|
SHA-256: 165a8215407198813ef77e6ede729797d8c9f37c257fac25070d998a14cc1ffc |
gstreamer1-plugins-bad-free-debugsource-1.18.4-6.el9_0.x86_64.rpm
|
SHA-256: a48d301a44cea0b57f2be7fe125e32cdc0409953bbfdb2d1201d9f7cb08fef0e |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0
SRPM |
gstreamer1-plugins-bad-free-1.18.4-6.el9_0.src.rpm
|
SHA-256: be840216f42f28d1c3f624cddd8bdc8655fa66ba3068f6f27916dffbb52a48a4 |
s390x |
gstreamer1-plugins-bad-free-1.18.4-6.el9_0.s390x.rpm
|
SHA-256: 80969161382ed17f9a03e09139ea5f900eda81aff5d90b6f0a9241742e0e3858 |
gstreamer1-plugins-bad-free-debuginfo-1.18.4-6.el9_0.s390x.rpm
|
SHA-256: a3079811208170910558bab3538a56bc3e9b9cd1a1841d48dc5ec5c9418b1089 |
gstreamer1-plugins-bad-free-debugsource-1.18.4-6.el9_0.s390x.rpm
|
SHA-256: e896c80265da07dcd5290e6f5faa09b940af6ddd34ec12ad1d3c8c6315b31e82 |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0
SRPM |
gstreamer1-plugins-bad-free-1.18.4-6.el9_0.src.rpm
|
SHA-256: be840216f42f28d1c3f624cddd8bdc8655fa66ba3068f6f27916dffbb52a48a4 |
ppc64le |
gstreamer1-plugins-bad-free-1.18.4-6.el9_0.ppc64le.rpm
|
SHA-256: e34e366fbe99ec91e57c9b6cfcfaa314573d2a96dd0593102e1fe39bcbc9af9c |
gstreamer1-plugins-bad-free-debuginfo-1.18.4-6.el9_0.ppc64le.rpm
|
SHA-256: d3a18bbf279679c52ac7b7abcd45382164090edd6cdc9a3f22cb0cbd43713356 |
gstreamer1-plugins-bad-free-debugsource-1.18.4-6.el9_0.ppc64le.rpm
|
SHA-256: 2c835fc3ad69bdf4ded0bc479c12457892742890430eb3c38717ba717da15ae4 |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0
SRPM |
gstreamer1-plugins-bad-free-1.18.4-6.el9_0.src.rpm
|
SHA-256: be840216f42f28d1c3f624cddd8bdc8655fa66ba3068f6f27916dffbb52a48a4 |
aarch64 |
gstreamer1-plugins-bad-free-1.18.4-6.el9_0.aarch64.rpm
|
SHA-256: 81d16c93ad44e9216d93432619c64dd44cd6ac9003e7585005c6faf034aefb67 |
gstreamer1-plugins-bad-free-debuginfo-1.18.4-6.el9_0.aarch64.rpm
|
SHA-256: aa865d8ecc1b8d85f2231778e09743cc10e8dc4fc5c917d34816fd64d84b0617 |
gstreamer1-plugins-bad-free-debugsource-1.18.4-6.el9_0.aarch64.rpm
|
SHA-256: 1f46f720b394e2a8f916a031bcec1ddb4d293b55c0cc102a0a831105490bccb2 |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0
SRPM |
gstreamer1-plugins-bad-free-1.18.4-6.el9_0.src.rpm
|
SHA-256: be840216f42f28d1c3f624cddd8bdc8655fa66ba3068f6f27916dffbb52a48a4 |
ppc64le |
gstreamer1-plugins-bad-free-1.18.4-6.el9_0.ppc64le.rpm
|
SHA-256: e34e366fbe99ec91e57c9b6cfcfaa314573d2a96dd0593102e1fe39bcbc9af9c |
gstreamer1-plugins-bad-free-debuginfo-1.18.4-6.el9_0.ppc64le.rpm
|
SHA-256: d3a18bbf279679c52ac7b7abcd45382164090edd6cdc9a3f22cb0cbd43713356 |
gstreamer1-plugins-bad-free-debugsource-1.18.4-6.el9_0.ppc64le.rpm
|
SHA-256: 2c835fc3ad69bdf4ded0bc479c12457892742890430eb3c38717ba717da15ae4 |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0
SRPM |
gstreamer1-plugins-bad-free-1.18.4-6.el9_0.src.rpm
|
SHA-256: be840216f42f28d1c3f624cddd8bdc8655fa66ba3068f6f27916dffbb52a48a4 |
x86_64 |
gstreamer1-plugins-bad-free-1.18.4-6.el9_0.i686.rpm
|
SHA-256: 0ad706171622f5a044f457f9dfb4115465d6773d3e74fbaa5286a697e7023ca3 |
gstreamer1-plugins-bad-free-1.18.4-6.el9_0.x86_64.rpm
|
SHA-256: d518292ec6b707af888c24486fc8f79739ec983e6cc137c5f83a4937ba7d7e90 |
gstreamer1-plugins-bad-free-debuginfo-1.18.4-6.el9_0.i686.rpm
|
SHA-256: 03fd2b8e0767f708ac738071d309bdbf6a7f8cb99966b4dfe02061b06eb86af3 |
gstreamer1-plugins-bad-free-debuginfo-1.18.4-6.el9_0.x86_64.rpm
|
SHA-256: 97e239945079deecd22bfd63e9fda675ffb445d767b653f16d31af17ceedf6ac |
gstreamer1-plugins-bad-free-debugsource-1.18.4-6.el9_0.i686.rpm
|
SHA-256: 165a8215407198813ef77e6ede729797d8c9f37c257fac25070d998a14cc1ffc |
gstreamer1-plugins-bad-free-debugsource-1.18.4-6.el9_0.x86_64.rpm
|
SHA-256: a48d301a44cea0b57f2be7fe125e32cdc0409953bbfdb2d1201d9f7cb08fef0e |
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0
SRPM |
x86_64 |
gstreamer1-plugins-bad-free-debuginfo-1.18.4-6.el9_0.i686.rpm
|
SHA-256: 03fd2b8e0767f708ac738071d309bdbf6a7f8cb99966b4dfe02061b06eb86af3 |
gstreamer1-plugins-bad-free-debuginfo-1.18.4-6.el9_0.x86_64.rpm
|
SHA-256: 97e239945079deecd22bfd63e9fda675ffb445d767b653f16d31af17ceedf6ac |
gstreamer1-plugins-bad-free-debugsource-1.18.4-6.el9_0.i686.rpm
|
SHA-256: 165a8215407198813ef77e6ede729797d8c9f37c257fac25070d998a14cc1ffc |
gstreamer1-plugins-bad-free-debugsource-1.18.4-6.el9_0.x86_64.rpm
|
SHA-256: a48d301a44cea0b57f2be7fe125e32cdc0409953bbfdb2d1201d9f7cb08fef0e |
gstreamer1-plugins-bad-free-devel-1.18.4-6.el9_0.i686.rpm
|
SHA-256: 7f00158c5554eb748151e499f289c223012e00858116cfd1ae4482688e264a18 |
gstreamer1-plugins-bad-free-devel-1.18.4-6.el9_0.x86_64.rpm
|
SHA-256: 8f1749b3297fa4f9ea3f3f85656c3e8e9a2ca13246887ecccbf8dee94a6fd406 |
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.0
SRPM |
ppc64le |
gstreamer1-plugins-bad-free-debuginfo-1.18.4-6.el9_0.ppc64le.rpm
|
SHA-256: d3a18bbf279679c52ac7b7abcd45382164090edd6cdc9a3f22cb0cbd43713356 |
gstreamer1-plugins-bad-free-debugsource-1.18.4-6.el9_0.ppc64le.rpm
|
SHA-256: 2c835fc3ad69bdf4ded0bc479c12457892742890430eb3c38717ba717da15ae4 |
gstreamer1-plugins-bad-free-devel-1.18.4-6.el9_0.ppc64le.rpm
|
SHA-256: 405e468469f43f4328ac9036d3c4cb3e5d7c38984baa5625ba83d578e60afeb5 |
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.0
SRPM |
s390x |
gstreamer1-plugins-bad-free-debuginfo-1.18.4-6.el9_0.s390x.rpm
|
SHA-256: a3079811208170910558bab3538a56bc3e9b9cd1a1841d48dc5ec5c9418b1089 |
gstreamer1-plugins-bad-free-debugsource-1.18.4-6.el9_0.s390x.rpm
|
SHA-256: e896c80265da07dcd5290e6f5faa09b940af6ddd34ec12ad1d3c8c6315b31e82 |
gstreamer1-plugins-bad-free-devel-1.18.4-6.el9_0.s390x.rpm
|
SHA-256: 307054c218882189f2e4b3b94f92473a7524b56fff5182d59ae0126a75e2080d |
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.0
SRPM |
aarch64 |
gstreamer1-plugins-bad-free-debuginfo-1.18.4-6.el9_0.aarch64.rpm
|
SHA-256: aa865d8ecc1b8d85f2231778e09743cc10e8dc4fc5c917d34816fd64d84b0617 |
gstreamer1-plugins-bad-free-debugsource-1.18.4-6.el9_0.aarch64.rpm
|
SHA-256: 1f46f720b394e2a8f916a031bcec1ddb4d293b55c0cc102a0a831105490bccb2 |
gstreamer1-plugins-bad-free-devel-1.18.4-6.el9_0.aarch64.rpm
|
SHA-256: 5a20a590f7bca1650f31d939c6430b9db96b41565d97ec0dbbffa087a5aec8ac |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0
SRPM |
gstreamer1-plugins-bad-free-1.18.4-6.el9_0.src.rpm
|
SHA-256: be840216f42f28d1c3f624cddd8bdc8655fa66ba3068f6f27916dffbb52a48a4 |
aarch64 |
gstreamer1-plugins-bad-free-1.18.4-6.el9_0.aarch64.rpm
|
SHA-256: 81d16c93ad44e9216d93432619c64dd44cd6ac9003e7585005c6faf034aefb67 |
gstreamer1-plugins-bad-free-debuginfo-1.18.4-6.el9_0.aarch64.rpm
|
SHA-256: aa865d8ecc1b8d85f2231778e09743cc10e8dc4fc5c917d34816fd64d84b0617 |
gstreamer1-plugins-bad-free-debugsource-1.18.4-6.el9_0.aarch64.rpm
|
SHA-256: 1f46f720b394e2a8f916a031bcec1ddb4d293b55c0cc102a0a831105490bccb2 |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0
SRPM |
gstreamer1-plugins-bad-free-1.18.4-6.el9_0.src.rpm
|
SHA-256: be840216f42f28d1c3f624cddd8bdc8655fa66ba3068f6f27916dffbb52a48a4 |
s390x |
gstreamer1-plugins-bad-free-1.18.4-6.el9_0.s390x.rpm
|
SHA-256: 80969161382ed17f9a03e09139ea5f900eda81aff5d90b6f0a9241742e0e3858 |
gstreamer1-plugins-bad-free-debuginfo-1.18.4-6.el9_0.s390x.rpm
|
SHA-256: a3079811208170910558bab3538a56bc3e9b9cd1a1841d48dc5ec5c9418b1089 |
gstreamer1-plugins-bad-free-debugsource-1.18.4-6.el9_0.s390x.rpm
|
SHA-256: e896c80265da07dcd5290e6f5faa09b940af6ddd34ec12ad1d3c8c6315b31e82 |