SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-3249

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-3249

Security update for gstreamer-plugins-bad

Type: security

Severity: important

Issued: 2023-08-08

Description:

This update for gstreamer-plugins-bad fixes the following issues:

- CVE-2023-37329: Fixed a heap overwrite in PGS subtitle overlay decoder which might trigger a crash or remote code execution. (bsc#1213126)

References

CVE: CVE-2023-37329
Bugzilla: 1213126 VUL-0: CVE-2023-37329: gstreamer-plugins-base: GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Packages

gstreamer-plugins-bad-1.22.0-150500.3.3.1