#21498 closed enhancement (fixed)
gstreamer gst-plugins-base gst-plugins-good gst-plugins-bad gst-plugins-ugly gst-libav gst-plugins-rs-gstreamer (libgstgtk4) 1.26.1
| Reported by: | Bruce Dubbs | Owned by: | Douglas R. Reno |
|---|---|---|---|
| Priority: | elevated | Milestone: | 12.4 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New point version.
Change History (4)
comment:1 by , 10 months ago
| Priority: | normal → elevated |
|---|
comment:2 by , 9 months ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:3 by , 9 months ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Fixed at f60386db1648ef6ca85df54b9182adae65b3477e
SA added to my todo list.
Note:
See TracTickets
for help on using tickets.
Changelog: https://gstreamer.freedesktop.org/releases/1.26/#1.26.1
It fixes many bugs, and notably fixes a security issue ZDI-CAN-26596/CVE-2025-3887 (https://gstreamer.freedesktop.org/security/sa-2025-0001.html) in gst-plugins-bad. ZDI and CVE do not discuss the vulnerability but Gstreamer has.
The issue allows for handling malformed streams with the H.264 codec parser, triggering a stack buffer overflow.