Red Hat Product Errata RHSA-2023:7875 - Security Advisory
Issued:
2023-12-18
Updated:
2023-12-18

RHSA-2023:7875 - Security Advisory

Synopsis

Important: gstreamer1-plugins-bad-free security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer.

Security Fix(es):

  • gstreamer: MXF demuxer use-after-free vulnerability (CVE-2023-44446)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64

Fixes

  • BZ - 2250249 - CVE-2023-44446 gstreamer: MXF demuxer use-after-free vulnerability

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
gstreamer1-plugins-bad-free-1.16.1-2.el8_2.src.rpm SHA-256: a44d9daf147ee4cebe36d266beb615a5ea981087f37dd8eb86ab3f9750fa8c1c
x86_64
gstreamer1-plugins-bad-free-1.16.1-2.el8_2.i686.rpm SHA-256: 528e4ff832b130b5590033fde8d5665aedf8875f5ed923289c9daeb619376e4d
gstreamer1-plugins-bad-free-1.16.1-2.el8_2.x86_64.rpm SHA-256: 7e1ad2534244998a1ed10ebb07db16cb9b647b6a5905045b825e4df200114c57
gstreamer1-plugins-bad-free-debuginfo-1.16.1-2.el8_2.i686.rpm SHA-256: e162be35db5e8aa437538434382dad48bda0c68ef1ec9a155adc01520b12885d
gstreamer1-plugins-bad-free-debuginfo-1.16.1-2.el8_2.x86_64.rpm SHA-256: dfcf4f39ed0dc63e14318653c1b66db96d0db3fb5ef77393490695e8327371e2
gstreamer1-plugins-bad-free-debugsource-1.16.1-2.el8_2.i686.rpm SHA-256: 7f2cb9d38ed2c601b60c75a8efc342875026113cc17d338bd91491d902e64cf4
gstreamer1-plugins-bad-free-debugsource-1.16.1-2.el8_2.x86_64.rpm SHA-256: b5d46162d71f14c465a75a9564d2bdbc6c5ab5a35392c74a3f8f2ca6a0c09011

Red Hat Enterprise Linux Server - TUS 8.2

SRPM
gstreamer1-plugins-bad-free-1.16.1-2.el8_2.src.rpm SHA-256: a44d9daf147ee4cebe36d266beb615a5ea981087f37dd8eb86ab3f9750fa8c1c
x86_64
gstreamer1-plugins-bad-free-1.16.1-2.el8_2.i686.rpm SHA-256: 528e4ff832b130b5590033fde8d5665aedf8875f5ed923289c9daeb619376e4d
gstreamer1-plugins-bad-free-1.16.1-2.el8_2.x86_64.rpm SHA-256: 7e1ad2534244998a1ed10ebb07db16cb9b647b6a5905045b825e4df200114c57
gstreamer1-plugins-bad-free-debuginfo-1.16.1-2.el8_2.i686.rpm SHA-256: e162be35db5e8aa437538434382dad48bda0c68ef1ec9a155adc01520b12885d
gstreamer1-plugins-bad-free-debuginfo-1.16.1-2.el8_2.x86_64.rpm SHA-256: dfcf4f39ed0dc63e14318653c1b66db96d0db3fb5ef77393490695e8327371e2
gstreamer1-plugins-bad-free-debugsource-1.16.1-2.el8_2.i686.rpm SHA-256: 7f2cb9d38ed2c601b60c75a8efc342875026113cc17d338bd91491d902e64cf4
gstreamer1-plugins-bad-free-debugsource-1.16.1-2.el8_2.x86_64.rpm SHA-256: b5d46162d71f14c465a75a9564d2bdbc6c5ab5a35392c74a3f8f2ca6a0c09011

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2

SRPM
gstreamer1-plugins-bad-free-1.16.1-2.el8_2.src.rpm SHA-256: a44d9daf147ee4cebe36d266beb615a5ea981087f37dd8eb86ab3f9750fa8c1c
ppc64le
gstreamer1-plugins-bad-free-1.16.1-2.el8_2.ppc64le.rpm SHA-256: b98c86bdefe960b33f513f77fe9506fb88241658e2f65faa89801268ef66bb41
gstreamer1-plugins-bad-free-debuginfo-1.16.1-2.el8_2.ppc64le.rpm SHA-256: 7770ee628f0034bf7e788e300522c31e2eb077f046792b23b9d5478fd9fcfd6f
gstreamer1-plugins-bad-free-debugsource-1.16.1-2.el8_2.ppc64le.rpm SHA-256: a84188afcc582b6dedb523d94273468de3cd6a70586ef9ef60e2e5f5a655353c

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2

SRPM
gstreamer1-plugins-bad-free-1.16.1-2.el8_2.src.rpm SHA-256: a44d9daf147ee4cebe36d266beb615a5ea981087f37dd8eb86ab3f9750fa8c1c
x86_64
gstreamer1-plugins-bad-free-1.16.1-2.el8_2.i686.rpm SHA-256: 528e4ff832b130b5590033fde8d5665aedf8875f5ed923289c9daeb619376e4d
gstreamer1-plugins-bad-free-1.16.1-2.el8_2.x86_64.rpm SHA-256: 7e1ad2534244998a1ed10ebb07db16cb9b647b6a5905045b825e4df200114c57
gstreamer1-plugins-bad-free-debuginfo-1.16.1-2.el8_2.i686.rpm SHA-256: e162be35db5e8aa437538434382dad48bda0c68ef1ec9a155adc01520b12885d
gstreamer1-plugins-bad-free-debuginfo-1.16.1-2.el8_2.x86_64.rpm SHA-256: dfcf4f39ed0dc63e14318653c1b66db96d0db3fb5ef77393490695e8327371e2
gstreamer1-plugins-bad-free-debugsource-1.16.1-2.el8_2.i686.rpm SHA-256: 7f2cb9d38ed2c601b60c75a8efc342875026113cc17d338bd91491d902e64cf4
gstreamer1-plugins-bad-free-debugsource-1.16.1-2.el8_2.x86_64.rpm SHA-256: b5d46162d71f14c465a75a9564d2bdbc6c5ab5a35392c74a3f8f2ca6a0c09011

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.