Alerts This Week
Warning Icon 1 923
Alerts This Week
Warning Icon 1 923

openSUSE Leap 15.4: 2023:3220-1 Important Buffer Overflow Fix

opensuse
Calendar Grey August 7, 2023
Dist Opensuse Esm H88
Important patch for gstreamer-plugins-good addresses a memory leak issue affecting various SUSE versions.
This update for gstreamer-plugins-bad fixes the following issues: CVE-2023-37329: Fixed GStreamer SRT File Parsing Heap-based Buffer Overflow (bsc#1213126).

Description

This update for gstreamer-plugins-bad fixes the following issues:

* CVE-2023-37329: Fixed GStreamer SRT File Parsing Heap-based Buffer Overflow

(bsc#1213126).

Topics%20covered

Topics Covered

security advisory buffer overflow patch important update openSUSE heap-based issue gstreamer-plugins-bad

Patch

## Patch Instructions:

To install this SUSE Important update use the SUSE recommended installation

methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* Basesystem Module 15-SP4

zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3220=1

* Desktop Applications Module 15-SP4

zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2023-3220=1

* SUSE Package Hub 15 15-SP4

zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-3220=1

* openSUSE Leap 15.4

zypper in -t patch SUSE-2023-3220=1

Package List

* Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)

* gstreamer-plugins-bad-debugsource-1.20.1-150400.3.3.1

* libgstphotography-1_0-0-debuginfo-1.20.1-150400.3.3.1

* libgstplayer-1_0-0-debuginfo-1.20.1-150400.3.3.1

* libgstplay-1_0-0-debuginfo-1.20.1-150400.3.3.1

* gstreamer-plugins-bad-debuginfo-1.20.1-150400.3.3.1

* libgstplay-1_0-0-1.20.1-150400.3.3.1

* libgstphotography-1_0-0-1.20.1-150400.3.3.1

* libgstplayer-1_0-0-1.20.1-150400.3.3.1

* Desktop Applications Module 15-SP4 (aarch64 ppc64le s390x x86_64)

* libgstcodecparsers-1_0-0-1.20.1-150400.3.3.1

* libgstvulkan-1_0-0-debuginfo-1.20.1-150400.3.3.1

* gstreamer-plugins-bad-1.20.1-150400.3.3.1

* libgstinsertbin-1_0-0-1.20.1-150400.3.3.1

* libgsturidownloader-1_0-0-debuginfo-1.20.1-150400.3.3.1

* libgstbadaudio-1_0-0-debuginfo-1.20.1-150400.3.3.1

* libgstadaptivedemux-1_0-0-1.20.1-150400.3.3.1

* libgstcodecs-1_0-0-debuginfo-1.20.1-150400.3.3.1

* typelib-1_0-GstWebRTC-1_0-1.20.1-150400.3.3.1

* libgstmpegts-1_0-0-1.20.1-150400.3.3.1

*...

Read the Full Advisory

References

* #1213126

## References:

* https://www.suse.com/security/cve/CVE-2023-37329.html

* https://bugzilla.suse.com/show_bug.cgi?id=1213126

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2023:3220-1
Rating: important

Topics%20covered

Topics Covered

security advisory buffer overflow patch important update openSUSE heap-based issue gstreamer-plugins-bad

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here