红帽产品勘误 RHSA-2024:11141 - Security Advisory
发布:
2024-12-16
已更新:
2024-12-16

RHSA-2024:11141 - Security Advisory

概述

Important: gstreamer1-plugins-base security update

类型/严重性

Security Advisory: Important

Red Hat Insights 补丁分析

识别并修复受此公告影响的系统。

查看受影响的系统

标题

An update for gstreamer1-plugins-base is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

描述

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins.

Security Fix(es):

  • gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet (CVE-2024-47538)
  • gstreamer1-plugins-base: out-of-bounds write in Ogg demuxer (CVE-2024-47615)
  • gstreamer1-plugins-base: stack-buffer overflow in gst_opus_dec_parse_header (CVE-2024-47607)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

解决方案

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

受影响的产品

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

修复

  • BZ - 2331727 - CVE-2024-47538 gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet
  • BZ - 2331740 - CVE-2024-47615 gstreamer1-plugins-base: out-of-bounds write in Ogg demuxer
  • BZ - 2331754 - CVE-2024-47607 gstreamer1-plugins-base: stack-buffer overflow in gst_opus_dec_parse_header

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6

SRPM
gstreamer1-plugins-base-1.16.1-3.el8_6.src.rpm SHA-256: d5623d937ad304b82e05aee2f0f6ef23ec2e947e02a2dde38ea7d681a174e64c
x86_64
gstreamer1-plugins-base-1.16.1-3.el8_6.i686.rpm SHA-256: a0dc065ff51018120019792386ed13729a07f59d857ae0d27d30dd3925e06342
gstreamer1-plugins-base-1.16.1-3.el8_6.x86_64.rpm SHA-256: 09b0ffdfc6eeb2679b7609fce60b0afd077ba714cc9922bdc74ea55a237f506d
gstreamer1-plugins-base-debuginfo-1.16.1-3.el8_6.i686.rpm SHA-256: ba2f38e625349fff9f5c1c54adf0d1b9fac5d3db4c1f10ed2937c256fd300a7a
gstreamer1-plugins-base-debuginfo-1.16.1-3.el8_6.x86_64.rpm SHA-256: ce0c54b0fe34a5aaef5befda292af9fa25f19e592bce61e02d93f250bef67744
gstreamer1-plugins-base-debugsource-1.16.1-3.el8_6.i686.rpm SHA-256: 7ff4c77b5e66825bc9481e1a2d1efe28b5d08a95da9cc5d0ba8260223d68fb0b
gstreamer1-plugins-base-debugsource-1.16.1-3.el8_6.x86_64.rpm SHA-256: 93c014ae2b5211ccbe85d9b50c0b9a2196bf64ff9fe58ba7827aec57da7dd43d
gstreamer1-plugins-base-devel-1.16.1-3.el8_6.i686.rpm SHA-256: a89f3f199c0210b3f6699c391a667105e1f29f2c119fda053b5e3137216a3bf3
gstreamer1-plugins-base-devel-1.16.1-3.el8_6.x86_64.rpm SHA-256: d6b7c3ece104b5831a4455af22b1b2c789f275ead991cd85fdf9aa0479d57bda
gstreamer1-plugins-base-tools-debuginfo-1.16.1-3.el8_6.i686.rpm SHA-256: b943b1d54ab963b061042d21c2d6f9f1dcd6918468de551d83423cc9cec3a945
gstreamer1-plugins-base-tools-debuginfo-1.16.1-3.el8_6.x86_64.rpm SHA-256: 75870efd460c73195a398b071e21277fada594e96ddfe1b4b9376ebb8bdda472

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
gstreamer1-plugins-base-1.16.1-3.el8_6.src.rpm SHA-256: d5623d937ad304b82e05aee2f0f6ef23ec2e947e02a2dde38ea7d681a174e64c
x86_64
gstreamer1-plugins-base-1.16.1-3.el8_6.i686.rpm SHA-256: a0dc065ff51018120019792386ed13729a07f59d857ae0d27d30dd3925e06342
gstreamer1-plugins-base-1.16.1-3.el8_6.x86_64.rpm SHA-256: 09b0ffdfc6eeb2679b7609fce60b0afd077ba714cc9922bdc74ea55a237f506d
gstreamer1-plugins-base-debuginfo-1.16.1-3.el8_6.i686.rpm SHA-256: ba2f38e625349fff9f5c1c54adf0d1b9fac5d3db4c1f10ed2937c256fd300a7a
gstreamer1-plugins-base-debuginfo-1.16.1-3.el8_6.x86_64.rpm SHA-256: ce0c54b0fe34a5aaef5befda292af9fa25f19e592bce61e02d93f250bef67744
gstreamer1-plugins-base-debugsource-1.16.1-3.el8_6.i686.rpm SHA-256: 7ff4c77b5e66825bc9481e1a2d1efe28b5d08a95da9cc5d0ba8260223d68fb0b
gstreamer1-plugins-base-debugsource-1.16.1-3.el8_6.x86_64.rpm SHA-256: 93c014ae2b5211ccbe85d9b50c0b9a2196bf64ff9fe58ba7827aec57da7dd43d
gstreamer1-plugins-base-devel-1.16.1-3.el8_6.i686.rpm SHA-256: a89f3f199c0210b3f6699c391a667105e1f29f2c119fda053b5e3137216a3bf3
gstreamer1-plugins-base-devel-1.16.1-3.el8_6.x86_64.rpm SHA-256: d6b7c3ece104b5831a4455af22b1b2c789f275ead991cd85fdf9aa0479d57bda
gstreamer1-plugins-base-tools-debuginfo-1.16.1-3.el8_6.i686.rpm SHA-256: b943b1d54ab963b061042d21c2d6f9f1dcd6918468de551d83423cc9cec3a945
gstreamer1-plugins-base-tools-debuginfo-1.16.1-3.el8_6.x86_64.rpm SHA-256: 75870efd460c73195a398b071e21277fada594e96ddfe1b4b9376ebb8bdda472

Red Hat Enterprise Linux Server - TUS 8.6

SRPM
gstreamer1-plugins-base-1.16.1-3.el8_6.src.rpm SHA-256: d5623d937ad304b82e05aee2f0f6ef23ec2e947e02a2dde38ea7d681a174e64c
x86_64
gstreamer1-plugins-base-1.16.1-3.el8_6.i686.rpm SHA-256: a0dc065ff51018120019792386ed13729a07f59d857ae0d27d30dd3925e06342
gstreamer1-plugins-base-1.16.1-3.el8_6.x86_64.rpm SHA-256: 09b0ffdfc6eeb2679b7609fce60b0afd077ba714cc9922bdc74ea55a237f506d
gstreamer1-plugins-base-debuginfo-1.16.1-3.el8_6.i686.rpm SHA-256: ba2f38e625349fff9f5c1c54adf0d1b9fac5d3db4c1f10ed2937c256fd300a7a
gstreamer1-plugins-base-debuginfo-1.16.1-3.el8_6.x86_64.rpm SHA-256: ce0c54b0fe34a5aaef5befda292af9fa25f19e592bce61e02d93f250bef67744
gstreamer1-plugins-base-debugsource-1.16.1-3.el8_6.i686.rpm SHA-256: 7ff4c77b5e66825bc9481e1a2d1efe28b5d08a95da9cc5d0ba8260223d68fb0b
gstreamer1-plugins-base-debugsource-1.16.1-3.el8_6.x86_64.rpm SHA-256: 93c014ae2b5211ccbe85d9b50c0b9a2196bf64ff9fe58ba7827aec57da7dd43d
gstreamer1-plugins-base-devel-1.16.1-3.el8_6.i686.rpm SHA-256: a89f3f199c0210b3f6699c391a667105e1f29f2c119fda053b5e3137216a3bf3
gstreamer1-plugins-base-devel-1.16.1-3.el8_6.x86_64.rpm SHA-256: d6b7c3ece104b5831a4455af22b1b2c789f275ead991cd85fdf9aa0479d57bda
gstreamer1-plugins-base-tools-debuginfo-1.16.1-3.el8_6.i686.rpm SHA-256: b943b1d54ab963b061042d21c2d6f9f1dcd6918468de551d83423cc9cec3a945
gstreamer1-plugins-base-tools-debuginfo-1.16.1-3.el8_6.x86_64.rpm SHA-256: 75870efd460c73195a398b071e21277fada594e96ddfe1b4b9376ebb8bdda472

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM
gstreamer1-plugins-base-1.16.1-3.el8_6.src.rpm SHA-256: d5623d937ad304b82e05aee2f0f6ef23ec2e947e02a2dde38ea7d681a174e64c
ppc64le
gstreamer1-plugins-base-1.16.1-3.el8_6.ppc64le.rpm SHA-256: d84ba1e0f89676fe527d4b7bf9af21377021ab60363ea248ceccc9a4783f2523
gstreamer1-plugins-base-debuginfo-1.16.1-3.el8_6.ppc64le.rpm SHA-256: 36b9e77d99d0bddaefa23d6cfe57dd06ca247f2f2d43d378893ee149248763f2
gstreamer1-plugins-base-debugsource-1.16.1-3.el8_6.ppc64le.rpm SHA-256: 147615fc3b6699a6b251585b7ce38ad7f9230b4e119eda44ac34fa1a2a6c029e
gstreamer1-plugins-base-devel-1.16.1-3.el8_6.ppc64le.rpm SHA-256: c568169daaa91afbc9696d9488538d269dd815a1bca5f9f31218fde84bd50149
gstreamer1-plugins-base-tools-debuginfo-1.16.1-3.el8_6.ppc64le.rpm SHA-256: daaa37ab81d98dd6ffcb3aafa0ec0fdec66fbe82a7ca5bfb9a8fb253d01cba03

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM
gstreamer1-plugins-base-1.16.1-3.el8_6.src.rpm SHA-256: d5623d937ad304b82e05aee2f0f6ef23ec2e947e02a2dde38ea7d681a174e64c
x86_64
gstreamer1-plugins-base-1.16.1-3.el8_6.i686.rpm SHA-256: a0dc065ff51018120019792386ed13729a07f59d857ae0d27d30dd3925e06342
gstreamer1-plugins-base-1.16.1-3.el8_6.x86_64.rpm SHA-256: 09b0ffdfc6eeb2679b7609fce60b0afd077ba714cc9922bdc74ea55a237f506d
gstreamer1-plugins-base-debuginfo-1.16.1-3.el8_6.i686.rpm SHA-256: ba2f38e625349fff9f5c1c54adf0d1b9fac5d3db4c1f10ed2937c256fd300a7a
gstreamer1-plugins-base-debuginfo-1.16.1-3.el8_6.x86_64.rpm SHA-256: ce0c54b0fe34a5aaef5befda292af9fa25f19e592bce61e02d93f250bef67744
gstreamer1-plugins-base-debugsource-1.16.1-3.el8_6.i686.rpm SHA-256: 7ff4c77b5e66825bc9481e1a2d1efe28b5d08a95da9cc5d0ba8260223d68fb0b
gstreamer1-plugins-base-debugsource-1.16.1-3.el8_6.x86_64.rpm SHA-256: 93c014ae2b5211ccbe85d9b50c0b9a2196bf64ff9fe58ba7827aec57da7dd43d
gstreamer1-plugins-base-devel-1.16.1-3.el8_6.i686.rpm SHA-256: a89f3f199c0210b3f6699c391a667105e1f29f2c119fda053b5e3137216a3bf3
gstreamer1-plugins-base-devel-1.16.1-3.el8_6.x86_64.rpm SHA-256: d6b7c3ece104b5831a4455af22b1b2c789f275ead991cd85fdf9aa0479d57bda
gstreamer1-plugins-base-tools-debuginfo-1.16.1-3.el8_6.i686.rpm SHA-256: b943b1d54ab963b061042d21c2d6f9f1dcd6918468de551d83423cc9cec3a945
gstreamer1-plugins-base-tools-debuginfo-1.16.1-3.el8_6.x86_64.rpm SHA-256: 75870efd460c73195a398b071e21277fada594e96ddfe1b4b9376ebb8bdda472

Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/