openSUSE Security Update: Security update for gstreamer-plugins-bad
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:1012-1
Rating:             important
References:         #1181255 
Cross-References:   CVE-2021-3185
CVSS scores:
                    CVE-2021-3185 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-3185 (SUSE): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Affected Products:
                    openSUSE Leap 15.3
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update for gstreamer-plugins-bad fixes the following issues:

   - Update to version 1.16.3:
    - CVE-2021-3185: buffer overflow in
      gst_h264_slice_parse_dec_ref_pic_marking() (bsc#1181255)
    - amcvideodec: fix sync meta copying not taking a reference
    - audiobuffersplit: Perform discont tracking on running time
    - audiobuffersplit: Specify in the template caps that only
      interleaved audio is supported
    - audiobuffersplit: Unset DISCONT flag if not discontinuous
    - autoconvert: Fix lock-less exchange or free condition
    - autoconvert: fix compiler warnings with g_atomic on recent GLib
      versions
    - avfvideosrc: element requests camera permissions even with
      capture-screen property is true
    - codecparsers: h264parser: guard against ref_pic_markings overflow
    - dtlsconnection: Avoid segmentation fault when no srtp capabilities
      are negotiated
    - dtls/connection: fix EOF handling with openssl 1.1.1e
    - fdkaacdec: add support for mpegversion=2
    - hls: Check nettle version to ensure AES128 support
    - ipcpipeline: Rework compiler checks
    - interlace: Increment phase_index before checking if we're at the
      end of the phase
    - h264parser: Do not allocate too large size of memory for
      registered user data SEI
    - ladspa: fix unbounded integer properties
    - modplug: avoid division by zero
    - msdkdec: Fix GstMsdkContext leak
    - msdkenc: fix leaks on windows
    - musepackdec: Don't fail all queries if no sample rate is known yet
    - openslessink: Allow openslessink to handle 48kHz streams.
    - opencv: allow compilation against 4.2.x
    - proxysink: event_function needs to handle the event when it is
      disconnected from proxysrc
    - vulkan: Drop use of VK_RESULT_BEGIN_RANGE
    - wasapi: added missing lock release in case of error in
      gst_wasapi_xxx_reset
    - wasapi: Fix possible deadlock while downwards state change
    - waylandsink: Clear window when pipeline is stopped
    - webrtc: Support non-trickle ICE candidates in the SDP
    - webrtc: Unmap all non-binary buffers received via the datachannel


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended
   installation methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.3:

      zypper in -t patch openSUSE-2021-1012=1



Package List:

   - openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64):

      gstreamer-plugins-bad-1.16.3-lp153.3.3.1
      gstreamer-plugins-bad-chromaprint-1.16.3-lp153.3.3.1
      gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-lp153.3.3.1
      gstreamer-plugins-bad-debuginfo-1.16.3-lp153.3.3.1
      gstreamer-plugins-bad-debugsource-1.16.3-lp153.3.3.1
      gstreamer-plugins-bad-devel-1.16.3-lp153.3.3.1
      gstreamer-plugins-bad-doc-1.16.3-lp153.3.3.1
      gstreamer-plugins-bad-fluidsynth-1.16.3-lp153.3.3.1
      gstreamer-plugins-bad-fluidsynth-debuginfo-1.16.3-lp153.3.3.1
      libgstadaptivedemux-1_0-0-1.16.3-lp153.3.3.1
      libgstadaptivedemux-1_0-0-debuginfo-1.16.3-lp153.3.3.1
      libgstbadaudio-1_0-0-1.16.3-lp153.3.3.1
      libgstbadaudio-1_0-0-debuginfo-1.16.3-lp153.3.3.1
      libgstbasecamerabinsrc-1_0-0-1.16.3-lp153.3.3.1
      libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-lp153.3.3.1
      libgstcodecparsers-1_0-0-1.16.3-lp153.3.3.1
      libgstcodecparsers-1_0-0-debuginfo-1.16.3-lp153.3.3.1
      libgstinsertbin-1_0-0-1.16.3-lp153.3.3.1
      libgstinsertbin-1_0-0-debuginfo-1.16.3-lp153.3.3.1
      libgstisoff-1_0-0-1.16.3-lp153.3.3.1
      libgstisoff-1_0-0-debuginfo-1.16.3-lp153.3.3.1
      libgstmpegts-1_0-0-1.16.3-lp153.3.3.1
      libgstmpegts-1_0-0-debuginfo-1.16.3-lp153.3.3.1
      libgstphotography-1_0-0-1.16.3-lp153.3.3.1
      libgstphotography-1_0-0-debuginfo-1.16.3-lp153.3.3.1
      libgstplayer-1_0-0-1.16.3-lp153.3.3.1
      libgstplayer-1_0-0-debuginfo-1.16.3-lp153.3.3.1
      libgstsctp-1_0-0-1.16.3-lp153.3.3.1
      libgstsctp-1_0-0-debuginfo-1.16.3-lp153.3.3.1
      libgsturidownloader-1_0-0-1.16.3-lp153.3.3.1
      libgsturidownloader-1_0-0-debuginfo-1.16.3-lp153.3.3.1
      libgstwayland-1_0-0-1.16.3-lp153.3.3.1
      libgstwayland-1_0-0-debuginfo-1.16.3-lp153.3.3.1
      libgstwebrtc-1_0-0-1.16.3-lp153.3.3.1
      libgstwebrtc-1_0-0-debuginfo-1.16.3-lp153.3.3.1
      typelib-1_0-GstInsertBin-1_0-1.16.3-lp153.3.3.1
      typelib-1_0-GstMpegts-1_0-1.16.3-lp153.3.3.1
      typelib-1_0-GstPlayer-1_0-1.16.3-lp153.3.3.1
      typelib-1_0-GstWebRTC-1_0-1.16.3-lp153.3.3.1

   - openSUSE Leap 15.3 (aarch64_ilp32):

      gstreamer-plugins-bad-64bit-1.16.3-lp153.3.3.1
      gstreamer-plugins-bad-64bit-debuginfo-1.16.3-lp153.3.3.1
      gstreamer-plugins-bad-chromaprint-64bit-1.16.3-lp153.3.3.1
      gstreamer-plugins-bad-chromaprint-64bit-debuginfo-1.16.3-lp153.3.3.1
      gstreamer-plugins-bad-fluidsynth-64bit-1.16.3-lp153.3.3.1
      gstreamer-plugins-bad-fluidsynth-64bit-debuginfo-1.16.3-lp153.3.3.1
      libgstadaptivedemux-1_0-0-64bit-1.16.3-lp153.3.3.1
      libgstadaptivedemux-1_0-0-64bit-debuginfo-1.16.3-lp153.3.3.1
      libgstbadaudio-1_0-0-64bit-1.16.3-lp153.3.3.1
      libgstbadaudio-1_0-0-64bit-debuginfo-1.16.3-lp153.3.3.1
      libgstbasecamerabinsrc-1_0-0-64bit-1.16.3-lp153.3.3.1
      libgstbasecamerabinsrc-1_0-0-64bit-debuginfo-1.16.3-lp153.3.3.1
      libgstcodecparsers-1_0-0-64bit-1.16.3-lp153.3.3.1
      libgstcodecparsers-1_0-0-64bit-debuginfo-1.16.3-lp153.3.3.1
      libgstinsertbin-1_0-0-64bit-1.16.3-lp153.3.3.1
      libgstinsertbin-1_0-0-64bit-debuginfo-1.16.3-lp153.3.3.1
      libgstisoff-1_0-0-64bit-1.16.3-lp153.3.3.1
      libgstisoff-1_0-0-64bit-debuginfo-1.16.3-lp153.3.3.1
      libgstmpegts-1_0-0-64bit-1.16.3-lp153.3.3.1
      libgstmpegts-1_0-0-64bit-debuginfo-1.16.3-lp153.3.3.1
      libgstphotography-1_0-0-64bit-1.16.3-lp153.3.3.1
      libgstphotography-1_0-0-64bit-debuginfo-1.16.3-lp153.3.3.1
      libgstplayer-1_0-0-64bit-1.16.3-lp153.3.3.1
      libgstplayer-1_0-0-64bit-debuginfo-1.16.3-lp153.3.3.1
      libgstsctp-1_0-0-64bit-1.16.3-lp153.3.3.1
      libgstsctp-1_0-0-64bit-debuginfo-1.16.3-lp153.3.3.1
      libgsturidownloader-1_0-0-64bit-1.16.3-lp153.3.3.1
      libgsturidownloader-1_0-0-64bit-debuginfo-1.16.3-lp153.3.3.1
      libgstwayland-1_0-0-64bit-1.16.3-lp153.3.3.1
      libgstwayland-1_0-0-64bit-debuginfo-1.16.3-lp153.3.3.1
      libgstwebrtc-1_0-0-64bit-1.16.3-lp153.3.3.1
      libgstwebrtc-1_0-0-64bit-debuginfo-1.16.3-lp153.3.3.1

   - openSUSE Leap 15.3 (x86_64):

      gstreamer-plugins-bad-32bit-1.16.3-lp153.3.3.1
      gstreamer-plugins-bad-32bit-debuginfo-1.16.3-lp153.3.3.1
      gstreamer-plugins-bad-chromaprint-32bit-1.16.3-lp153.3.3.1
      gstreamer-plugins-bad-chromaprint-32bit-debuginfo-1.16.3-lp153.3.3.1
      gstreamer-plugins-bad-fluidsynth-32bit-1.16.3-lp153.3.3.1
      gstreamer-plugins-bad-fluidsynth-32bit-debuginfo-1.16.3-lp153.3.3.1
      libgstadaptivedemux-1_0-0-32bit-1.16.3-lp153.3.3.1
      libgstadaptivedemux-1_0-0-32bit-debuginfo-1.16.3-lp153.3.3.1
      libgstbadaudio-1_0-0-32bit-1.16.3-lp153.3.3.1
      libgstbadaudio-1_0-0-32bit-debuginfo-1.16.3-lp153.3.3.1
      libgstbasecamerabinsrc-1_0-0-32bit-1.16.3-lp153.3.3.1
      libgstbasecamerabinsrc-1_0-0-32bit-debuginfo-1.16.3-lp153.3.3.1
      libgstcodecparsers-1_0-0-32bit-1.16.3-lp153.3.3.1
      libgstcodecparsers-1_0-0-32bit-debuginfo-1.16.3-lp153.3.3.1
      libgstinsertbin-1_0-0-32bit-1.16.3-lp153.3.3.1
      libgstinsertbin-1_0-0-32bit-debuginfo-1.16.3-lp153.3.3.1
      libgstisoff-1_0-0-32bit-1.16.3-lp153.3.3.1
      libgstisoff-1_0-0-32bit-debuginfo-1.16.3-lp153.3.3.1
      libgstmpegts-1_0-0-32bit-1.16.3-lp153.3.3.1
      libgstmpegts-1_0-0-32bit-debuginfo-1.16.3-lp153.3.3.1
      libgstphotography-1_0-0-32bit-1.16.3-lp153.3.3.1
      libgstphotography-1_0-0-32bit-debuginfo-1.16.3-lp153.3.3.1
      libgstplayer-1_0-0-32bit-1.16.3-lp153.3.3.1
      libgstplayer-1_0-0-32bit-debuginfo-1.16.3-lp153.3.3.1
      libgstsctp-1_0-0-32bit-1.16.3-lp153.3.3.1
      libgstsctp-1_0-0-32bit-debuginfo-1.16.3-lp153.3.3.1
      libgsturidownloader-1_0-0-32bit-1.16.3-lp153.3.3.1
      libgsturidownloader-1_0-0-32bit-debuginfo-1.16.3-lp153.3.3.1
      libgstwayland-1_0-0-32bit-1.16.3-lp153.3.3.1
      libgstwayland-1_0-0-32bit-debuginfo-1.16.3-lp153.3.3.1
      libgstwebrtc-1_0-0-32bit-1.16.3-lp153.3.3.1
      libgstwebrtc-1_0-0-32bit-debuginfo-1.16.3-lp153.3.3.1

   - openSUSE Leap 15.3 (noarch):

      gstreamer-plugins-bad-lang-1.16.3-lp153.3.3.1


References:

   https://www.suse.com/security/cve/CVE-2021-3185.html
   https://bugzilla.suse.com/1181255