Message-ID: <2125e253-9551-43c3-81b0-cb5050ab1964@oracle.com>
Date: Fri, 13 Dec 2024 10:26:59 -0800
From: Alan Coopersmith <alan.coopersmith@...cle.com>
To: oss-security@...ts.openwall.com
Subject: GStreamer 1.24.10 stable security bug-fix release

https://discourse.gstreamer.org/t/gstreamer-1-24-10-stable-bug-fix-release/3683
was posted on December 3, announcing:

  The GStreamer team is pleased to announce another bug fix release in the
  new stable 1.24 release series.

  This release only contains bug fixes and security fixes. It should be safe
  to upgrade from 1.24.x and we recommend you update at your earliest
  convenience.

  Highlights:

  - More than 40 security fixes across a wide range of elements following an
    audit by the GitHub Security Lab, including the MP4, Matroska, Ogg and
    WAV demuxers, subtitle parsers, image decoders, audio decoders and the
    id3v2 tag parser.

where "security fixes" links to https://gstreamer.freedesktop.org/security/
which lists these advisories dated Dec. 3:

GStreamer-SA-2024-0030  Use-after-free in Matroska demuxer
    GHSL-2024-280  CVE-2024-47834

GStreamer-SA-2024-0029  NULL-pointer dereference in LRC subtitle parser
    GHSL-2024-263  CVE-2024-47835

GStreamer-SA-2024-0028  Integer overflow in AVI subtitle parser that leads to
                        out-of-bounds reads
    GHSL-2024-262  CVE-2024-47774

GStreamer-SA-2024-0027  Various out-of-bounds reads in WAV parser
    GHSL-2024-261, GHSL-2024-260, GHSL-2024-259, GHSL-2024-258
    CVE-2024-47778, CVE-2024-47777, CVE-2024-47776, CVE-2024-47775

GStreamer-SA-2024-0026  Out-of-bounds write in Ogg demuxer
    GHSL-2024-117  CVE-2024-47615

GStreamer-SA-2024-0025  NULL-pointer dereference in gdk-pixbuf decoder
    GHSL-2024-118  CVE-2024-47613

GStreamer-SA-2024-0024  Stack buffer-overflow in Opus decoder
    GHSL-2024-116  CVE-2024-47607

GStreamer-SA-2024-0023  Out-of-bounds write in SSA subtitle parser
    GHSL-2024-228  CVE-2024-47541

GStreamer-SA-2024-0022  Stack buffer-overflow in Vorbis decoder
    GHSL-2024-115  CVE-2024-47538

GStreamer-SA-2024-0021  NULL-pointer dereference in Matroska/WebM demuxer
    GHSL-2024-251  CVE-2024-47603

GStreamer-SA-2024-0020  NULL-pointer dereference in Matroska/WebM demuxer
    GHSL-2024-249  CVE-2024-47601

GStreamer-SA-2024-0019  NULL-pointer dereferences and out-of-bounds reads in
                        Matroska/WebM demuxer
    GHSL-2024-250  CVE-2024-47602

GStreamer-SA-2024-0018  Out-of-bounds read in gst-discoverer-1.0 commandline
                        tool
    GHSL-2024-248  CVE-2024-47600

GStreamer-SA-2024-0017  Usage of uninitialized stack memory in Matroska/WebM
                        demuxer
    GHSL-2024-197  CVE-2024-47540

GStreamer-SA-2024-0016  Insufficient error handling in JPEG decoder that can
                        lead to NULL-pointer dereferences
    GHSL-2024-247  CVE-2024-47599

GStreamer-SA-2024-0015  Integer underflow in MP4/MOV demuxer that can lead to
                        out-of-bounds reads
    GHSL-2024-244  CVE-2024-47596

GStreamer-SA-2024-0014  Integer overflows in MP4/MOV demuxer and memory
                        allocator that can lead to out-of-bounds writes
    GHSL-2024-166  CVE-2024-47606

GStreamer-SA-2024-0013  Integer underflow in MP4/MOV demuxer that can lead to
                        out-of-bounds reads
    GHSL-2024-243  CVE-2024-47546

GStreamer-SA-2024-0012  Out-of-bounds reads in MP4/MOV demuxer sample table
                        parser
    GHSL-2024-245  CVE-2024-47597

GStreamer-SA-2024-0011  NULL-pointer dereferences in MP4/MOV demuxer CENC
                        handling
    GHSL-2024-238, GHSL-2024-239, GHSL-2024-240  CVE-2024-47544

GStreamer-SA-2024-0010  Integer overflow in MP4/MOV demuxer that can result in
                        out-of-bounds read
    GHSL-2024-242  CVE-2024-47545

GStreamer-SA-2024-0009  MP4/MOV demuxer out-of-bounds read
    GHSL-2024-236  CVE-2024-47543

GStreamer-SA-2024-0008  ID3v2 parser out-of-bounds read and NULL-pointer
                        dereference
    GHSL-2024-235  CVE-2024-47542

GStreamer-SA-2024-0007  MP4/MOV Closed Caption handling out-of-bounds write
    GHSL-2024-195  CVE-2024-47539

GStreamer-SA-2024-0006  MP4/MOV sample table parser out-of-bounds read
    GHSL-2024-246  CVE-2024-47598

GStreamer-SA-2024-0005  Integer overflow in MP4/MOV sample table parser
                        leading to out-of-bounds writes
    GHSL-2024-094, GHSL-2024-237, GHSL-2024-241  CVE-2024-47537

which affect the gstreamer core, gstreamer-plugins-base, and
gstreamer-plugins-good packages.

-- 
        -Alan Coopersmith-                 alan.coopersmith@...cle.com
         Oracle Solaris Engineering - https://blogs.oracle.com/solaris
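The announcement above says 1.24.10 is the release that carries these fixes and that 1.24.x users should update. The following script is an added example, not part of the post or of the GStreamer project: it decides whether a given GStreamer version string is at or past 1.24.10 and, if gst-inspect-1.0 is on PATH, applies that check to the installed version. It assumes the tool's --version output contains a line of the form "GStreamer X.Y.Z" (an assumption about the tool, not stated in the post) and that versions are purely numeric X.Y.Z.

```shell
#!/bin/sh
# Added example: a first-pass check that the installed GStreamer is at or
# past the 1.24.10 security release announced on oss-security. This is not
# the project's own code.

# gst_has_1_24_10_fixes VERSION
# Returns 0 when VERSION >= 1.24.10, 1 otherwise. Versions from older
# series (for example 1.22.x) compare lower and are therefore reported as
# not carrying these fixes, which matches the announcement: the fixes
# shipped in the 1.24 series. Assumes a numeric X.Y.Z string; a missing
# component is treated as 0.
gst_has_1_24_10_fixes() {
    _saved_ifs=$IFS
    IFS=.
    set -- $1          # split on dots into $1 $2 $3
    IFS=$_saved_ifs
    _major=${1:-0}
    _minor=${2:-0}
    _micro=${3:-0}
    if [ "$_major" -gt 1 ]; then return 0; fi
    if [ "$_major" -lt 1 ]; then return 1; fi
    if [ "$_minor" -gt 24 ]; then return 0; fi
    if [ "$_minor" -lt 24 ]; then return 1; fi
    [ "$_micro" -ge 10 ]
}

# installed_gst_version
# Prints the installed GStreamer core version, or nothing if the tool is
# missing. Assumption: gst-inspect-1.0 --version prints a "GStreamer X.Y.Z"
# line (not something the advisory post states).
installed_gst_version() {
    gst-inspect-1.0 --version 2>/dev/null | awk '/^GStreamer /{print $2; exit}'
}

# Report on the local install when run directly.
_v=$(installed_gst_version)
if [ -z "$_v" ]; then
    echo "gst-inspect-1.0 not found on PATH; nothing to check"
elif gst_has_1_24_10_fixes "$_v"; then
    echo "GStreamer $_v: at or past 1.24.10"
else
    echo "GStreamer $_v: predates 1.24.10; update core, plugins-base and plugins-good"
fi
```

A version string is only a first pass: distributions often backport fixes into packages that keep an older upstream version number, so a result of "predates 1.24.10" should be confirmed against the distribution's own advisories for the gstreamer core, gstreamer-plugins-base and gstreamer-plugins-good packages before treating the host as vulnerable.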