Package: gst-plugins-base1.0 / 1.14.4-2+deb10u1

Metadata

Package: gst-plugins-base1.0
Version: 1.14.4-2+deb10u1
Patches format: 3.0 (quilt)

Patch series

Patch File delta Description
0001 gstrtspconnection Security loophole making heap over.patch

gst-libs/gst/rtsp/gstrtspconnection.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 [patch] gstrtspconnection: security loophole making heap overflow

The former code allowed an attacker to create a heap overflow by
sending a longer than allowed session id in a response and including a
semicolon to change the maximum length. With this change, the parser
will never go beyond 512 bytes.

0001 tag id3v2 fix frame size check and potential invalid reads.patch

gst-libs/gst/tag/id3v2frames.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 [patch] tag: id3v2: fix frame size check and potential invalid reads

Check the right variable when checking if there's
enough data left to read the frame size.

Closes https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/issues/876

Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/merge_requests/1065>