Red Hat Product Errata RHSA-2024:3089 - Security Advisory
Issued:
2024-05-22
Updated:
2024-05-22

RHSA-2024:3089 - Security Advisory

Synopsis

Moderate: gstreamer1-plugins-good security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for gstreamer1-plugins-good is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license.

Security Fix(es):

  • gstreamer-plugins-good: integer overflow leading to heap overwrite in FLAC image tag handling (CVE-2023-37327)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.10 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64

Fixes

  • BZ - 2254539 - CVE-2023-37327 gstreamer-plugins-good: integer overflow leading to heap overwrite in FLAC image tag handling

Red Hat Enterprise Linux for x86_64 8

SRPM
gstreamer1-plugins-good-1.16.1-4.el8.src.rpm SHA-256: 42c56ba4c8666ddc6c65866d1272163b53201ede9811dc43eb17045e9b6c9d11
x86_64
gstreamer1-plugins-good-1.16.1-4.el8.i686.rpm SHA-256: ba3f919dd73f83088402b0f5e6b6aaf6762568b6c9df5f6a055344f007d3bfca
gstreamer1-plugins-good-1.16.1-4.el8.x86_64.rpm SHA-256: cb533b10693ad3df606484d4211ab681f3b366c3eed58bc763ca10adb7d7b6bd
gstreamer1-plugins-good-debuginfo-1.16.1-4.el8.i686.rpm SHA-256: 27a3e77037d75e5f03f721ec3be2d0ffa919b17358480a3f7fcc609c819cd1d2
gstreamer1-plugins-good-debuginfo-1.16.1-4.el8.x86_64.rpm SHA-256: 12784d719fa3418d8ebfc24bef7daf3603a8598f028025fb0fc707ee6dd5bba5
gstreamer1-plugins-good-debugsource-1.16.1-4.el8.i686.rpm SHA-256: ae286b4e6619fae5816a28273986296a6f6e528c7e117718701398af0a50f0d5
gstreamer1-plugins-good-debugsource-1.16.1-4.el8.x86_64.rpm SHA-256: f50cf4585d66c1e655fd7e5d5728a5f37b61bc7f75fae12c1c01deb58782dc98
gstreamer1-plugins-good-gtk-1.16.1-4.el8.i686.rpm SHA-256: 6ce9afda9e59b830dfb1a3695320773405bdd5834a2a9279b85a1024f60d2097
gstreamer1-plugins-good-gtk-1.16.1-4.el8.x86_64.rpm SHA-256: 480fc144f5aa44beabd55da6d2e859826075c94508f3af1699cf3ab9f0e3d564
gstreamer1-plugins-good-gtk-debuginfo-1.16.1-4.el8.i686.rpm SHA-256: 08561c2d2d9f5119562c8d12118fb2d5c58194d5bff5a4e0d2325fc060d99965
gstreamer1-plugins-good-gtk-debuginfo-1.16.1-4.el8.x86_64.rpm SHA-256: d86edcbfcb0ea8df3652503ad047dbfd9ad80eaa6577f7c4de83f04c9a9dbb1d

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
gstreamer1-plugins-good-1.16.1-4.el8.src.rpm SHA-256: 42c56ba4c8666ddc6c65866d1272163b53201ede9811dc43eb17045e9b6c9d11
s390x
gstreamer1-plugins-good-1.16.1-4.el8.s390x.rpm SHA-256: 459e97ee819c20e2f8ab9ea2f1d81f3a1ef4416d5100d4a453ba1880f685d09a
gstreamer1-plugins-good-debuginfo-1.16.1-4.el8.s390x.rpm SHA-256: 9ac30eb09ed7e1ebc1df454f3c43415f2c49d34172ed60aaedc678d3ee8a7960
gstreamer1-plugins-good-debugsource-1.16.1-4.el8.s390x.rpm SHA-256: 9437c1687878f70f1e78eae50da9b73f17ab1667e3ceb6788d27b322707a30ab
gstreamer1-plugins-good-gtk-1.16.1-4.el8.s390x.rpm SHA-256: 5d20d1e51fcc8ae78a63520b63fa48e9e1484116d666e877788d4c301a3a2533
gstreamer1-plugins-good-gtk-debuginfo-1.16.1-4.el8.s390x.rpm SHA-256: 7761f44c7356c3af0063384d7b28f86c72c6c9c18c545d12d06a992fbfab3cd4

Red Hat Enterprise Linux for Power, little endian 8

SRPM
gstreamer1-plugins-good-1.16.1-4.el8.src.rpm SHA-256: 42c56ba4c8666ddc6c65866d1272163b53201ede9811dc43eb17045e9b6c9d11
ppc64le
gstreamer1-plugins-good-1.16.1-4.el8.ppc64le.rpm SHA-256: fdd7e92fee839c8bbbbc7c6a38f9fb31f9dc2a775b2f5fc045bac9555150f6fa
gstreamer1-plugins-good-debuginfo-1.16.1-4.el8.ppc64le.rpm SHA-256: 7e1d068ea6646c1ce0e729eeb2ce1259127c0bff5e6dda8097d6356a2141000d
gstreamer1-plugins-good-debugsource-1.16.1-4.el8.ppc64le.rpm SHA-256: a09dbbc98016815f8b5855d0ffc89e09b502c1dcdc7301ecc0029bf037b318dc
gstreamer1-plugins-good-gtk-1.16.1-4.el8.ppc64le.rpm SHA-256: eaaf4a47b0cd70e39690ad0c318643611039bc3833c036f5e6b506f1a9617c5e
gstreamer1-plugins-good-gtk-debuginfo-1.16.1-4.el8.ppc64le.rpm SHA-256: 3acb1bae91da889b54e6a6d915161add8b534890330fc59a232b66a25d9ba729

Red Hat Enterprise Linux for ARM 64 8

SRPM
gstreamer1-plugins-good-1.16.1-4.el8.src.rpm SHA-256: 42c56ba4c8666ddc6c65866d1272163b53201ede9811dc43eb17045e9b6c9d11
aarch64
gstreamer1-plugins-good-1.16.1-4.el8.aarch64.rpm SHA-256: e437c5f6177f68806d58ff67d60a1fc7f06661205242a0f729cae3f7959a8cac
gstreamer1-plugins-good-debuginfo-1.16.1-4.el8.aarch64.rpm SHA-256: 49f7dfb47d9ee5e69893fc6f4ca273c9bb93e53c7135f32371fa66df31d72aee
gstreamer1-plugins-good-debugsource-1.16.1-4.el8.aarch64.rpm SHA-256: 62efc17ef8715c3a00d1c51aacf3ff5d6f66778114ca58d1591d920bc15b115a
gstreamer1-plugins-good-gtk-1.16.1-4.el8.aarch64.rpm SHA-256: 149b6118fc913c5e93932bde2bc7bb62969526974565db664cd2443d951ef72f
gstreamer1-plugins-good-gtk-debuginfo-1.16.1-4.el8.aarch64.rpm SHA-256: 14294913926d50ffaab9a90fb3f434711f32a412eb381c699ea7d6ff6f5ea6ca

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.