This update for gstreamer-plugins-bad fixes the following issue
- CVE-2026-52719: gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA
decoder (bsc#1268401).
Patch instructions:
To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 16.0
zypper in -t patch openSUSE-Leap-16.0-1128=1
- openSUSE Leap 16.0:
gstreamer-plugins-bad-1.26.7-160000.2.1
gstreamer-plugins-bad-chromaprint-1.26.7-160000.2.1
gstreamer-plugins-bad-devel-1.26.7-160000.2.1
gstreamer-plugins-bad-lang-1.26.7-160000.2.1
gstreamer-transcoder-1.26.7-160000.2.1
gstreamer-transcoder-devel-1.26.7-160000.2.1
libgstadaptivedemux-1_0-0-1.26.7-160000.2.1
libgstanalytics-1_0-0-1.26.7-160000.2.1
libgstbadaudio-1_0-0-1.26.7-160000.2.1
libgstbasecamerabinsrc-1_0-0-1.26.7-160000.2.1
libgstcodecparsers-1_0-0-1.26.7-160000.2.1
libgstcodecs-1_0-0-1.26.7-160000.2.1
libgstcuda-1_0-0-1.26.7-160000.2.1
libgstdxva-1_0-0-1.26.7-160000.2.1
libgstinsertbin-1_0-0-1.26.7-160000.2.1
libgstisoff-1_0-0-1.26.7-160000.2.1
libgstmpegts-1_0-0-1.26.7-160000.2.1
libgstmse-1_0-0-1.26.7-160000.2.1
libgstphotography-1_0-0-1.26.7-160000.2.1
libgstplay-1_0-0-1.26.7-160000.2.1
libgstplayer-1_0-0-1.26.7-160000.2.1
libgstsctp-1_0-0-1.26.7-160000.2.1
libgsttranscoder-1_0-0-1.26.7-160000.2.1
libgsturidownloader-1_0-0-1.26.7-160000.2.1
libgstva-1_0-0-1.26.7-160000.2.1
lib...
Read the Full Advisory* bsc#1268401
References:
* https://www.suse.com/security/cve/CVE-2026-52719.html
Get the latest Linux and open source security news straight to your inbox.