Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2021.1819.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2021:1819-1)
Summary:The remote host is missing an update for the 'gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly' package(s) announced via the SUSE-SU-2021:1819-1 advisory.
Description:Summary:
The remote host is missing an update for the 'gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly' package(s) announced via the SUSE-SU-2021:1819-1 advisory.

Vulnerability Insight:
This update for gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base,
gstreamer-plugins-good, gstreamer-plugins-ugly fixes the following issues:

gstreamer was updated to version 1.16.3 (bsc#1181255):

delay creation of threadpools

bin: Fix `deep-element-removed` log message

buffer: fix meta sequence number fallback on rpi

bufferlist: foreach: always remove as parent if buffer is changed

bus: Make setting/replacing/clearing the sync handler thread-safe

elementfactory: Fix missing features in case a feature moves to another
filename

element: When removing a ghost pad also unset its target

meta: intern registered impl string

registry: Use a toolchain-specific registry file on Windows

systemclock: Invalid internal time calculation causes non-increasing
clock time on Windows

value: don't write to `const char *`

value: Fix segfault comparing empty GValueArrays

Revert floating enforcing

aggregator: fix iteration direction in skip_buffers

sparsefile: fix possible crash when seeking

baseparse: cache fix

baseparse: fix memory leak when subclass skips whole input buffer

baseparse: Set the private duration before posting a duration-changed
message

basetransform: allow not passthrough if generate_output is implemented

identity: Fix a minor leak using meta_str

queue: protect against lost wakeups for iterm_del condition

queue2: Avoid races when posting buffering messages

queue2: Fix missing/dropped buffering messages at startup

identity: Unblock condition variable on FLUSH_START

check: Use `g_thread_yield()` instead of `g_usleep(1)`

tests: use cpu_family for arch checks

gst-launch: Follow up to missing `s/g_print/gst_print/g`

gst-inspect: Add define guard for `g_log_writer_supports_color()`

gst-launch: go back down to `GST_STATE_NULL` in one step.

device-monitor: list hidden providers before listing devices

autotools build fixes for GNU make 4.3

gstreamer-plugins-good was updated to version 1.16.3 (bsc#1181255):

deinterlace: on-the-fly renegotiation

flacenc: Pass audio info from set_format() to query_total_samples()
explicitly

flacparse: fix broken reordering of flac metadata

jack: Use jack_free(3) to release ports

jpegdec: check buffer size before dereferencing

pulse: fix discovery of newly added devices

qtdemux fuzzing fixes

qtdemux: Add 'mp3 ' fourcc that VLC seems to produce now

qtdemux: Specify REDIRECT information in error message

rtpbin: fix shutdown crash in rtpbin

rtpsession: rename RTCP thread

rtpvp8pay, rtpvp9pay: fix caps leak in set_caps()

rtpjpegdepay: outputs framed jpeg

rtpjitterbuffer: Properly free internal packets queue in finalize()

rtspsrc: Don't return TRUE for unhandled query

rtspsrc: Avoid stack overflow recursing waiting for response

rtspsrc: Use the correct type for storing the max-rtcp-rtp-time-diff
property

rtspsrc: Error out when failling to receive message response

rtspsrc: Fix for segmentation faul... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly' package(s) on SUSE MicroOS 5.0, SUSE Linux Enterprise Workstation Extension 15-SP3, SUSE Linux Enterprise Workstation Extension 15-SP2, SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3, SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP2, SUSE Linux Enterprise Module for Desktop Applications 15-SP2, SUSE Linux Enterprise Module for Basesystem 15-SP3, SUSE Linux Enterprise Module for Basesystem 15-SP2

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2021-3185
https://bugzilla.redhat.com/show_bug.cgi?id=1917192
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.