Explore top 10 tips to secure your open-source projects now. Read More
×
Multiple multiple vulnerabilities were discovered in plugins for the GStreamer media framework and its codecs and demuxers, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened. For Debian 11 bullseye, these problems have been fixed in version. Debian LTS Advisory DLA-4530-1
Update to gstreamer-1.26.11.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-3cc99e7d09 2026-04-05 00:58:39.922003+00:00 -------------------------------------------------------------------------------- Name : mingw-gstreamer1 Product : Fedora 42 Version : 1.26.11 Release : 1.fc42 URL : http://gstreamer.freedesktop.org/ Summary : MinGW Windows Streaming-Media Framework Runtime Description : GStreamer is a streaming-media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plug-in-based architecture means that new data types or processing capabilities can be added by installing new plug-ins. -------------------------------------------------------------------------------- Update Information: Update to gstreamer-1.26.11. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 27 2026 Sandro Mani - 1.26.11-1 - Update to 1.26.11 * Tue Aug 12 2025 Sandro Mani - 1.26.5-1 - Update to 1.26.5 * Thu Jul 24 2025 Fedora Release Engineering - 1.26.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2447936 - CVE-2026-2920 mingw-gstreamer1: GStreamer: Arbitrary code execution via ASF file processing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2447936 [ 2 ] Bug #2448013 - CVE-2026-3084 mingw-gstreamer1: GStreamer: Remote Code Execution via integer underflow in H.266 Codec Parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448013 [ 3 ] Bug #2448019 - CVE-2026-2922 mingw-gstreamer1: GStreamer: Remote Code Execution via out-of-bounds write in RealMedia Demuxer [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448019 [ 4 ] Bug #2448020 - CVE-2026-2921 mingw-gstreamer1: GStreamer: Arbitrary code execution via RIFF palette integer overflow in AVI file handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448020 [ 5 ] Bug #2448021 - CVE-2026-2923 mingw-gstreamer1: GStreamer: Remote Code Execution via out-of-bounds write in DVB Subtitles handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448021 [ 6 ] Bug #2448022 - CVE-2026-3085 mingw-gstreamer1: GStreamer: Remote Code Execution via Heap-based Buffer Overflow in rtpqdm2depay [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448022 [ 7 ] Bug #2448029 - CVE-2026-3081 mingw-gstreamer1: GStreamer: Arbitrary code execution via H.266 codec parsing stack-based buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448029 [ 8 ] Bug #2448030 - CVE-2026-3083 mingw-gstreamer1: GStreamer: Remote Code Execution via Out-Of-Bounds Write in rtpqdm2depay [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448030 [ 9 ] Bug #2448032 - CVE-2026-3086 mingw-gstreamer1: GStreamer: Remote Code Execution via Out-Of-Bounds Write in H.266 Codec Parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448032 [ 10 ] Bug #2448038 - CVE-2026-3082 mingw-gstreamer1: GStreamer: Remote Code Execution via heap-based buffer overflow in JPEG parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448038 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3cc99e7d09' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Update to gstreamer-1.26.11.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-e6d8e9fd49 2026-04-05 00:52:10.725721+00:00 -------------------------------------------------------------------------------- Name : mingw-gstreamer1-plugins-base Product : Fedora 43 Version : 1.26.11 Release : 1.fc43 URL : http://gstreamer.freedesktop.org/ Summary : Cross compiled GStreamer1 media framework base plug-ins Description : GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types or processing capabilities can be added simply by installing new plug-ins. This package contains a set of well-maintained base plug-ins. -------------------------------------------------------------------------------- Update Information: Update to gstreamer-1.26.11. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 27 2026 Sandro Mani - 1.26.11-1 - Update to 1.26.11 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2447936 - CVE-2026-2920 mingw-gstreamer1: GStreamer: Arbitrary code execution via ASF file processing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2447936 [ 2 ] Bug #2448013 - CVE-2026-3084 mingw-gstreamer1: GStreamer: Remote Code Execution via integer underflow in H.266 Codec Parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448013 [ 3 ] Bug #2448019 - CVE-2026-2922 mingw-gstreamer1: GStreamer: Remote Code Execution via out-of-bounds write in RealMedia Demuxer [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448019 [ 4 ] Bug #2448020 - CVE-2026-2921 mingw-gstreamer1: GStreamer:Arbitrary code execution via RIFF palette integer overflow in AVI file handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448020 [ 5 ] Bug #2448021 - CVE-2026-2923 mingw-gstreamer1: GStreamer: Remote Code Execution via out-of-bounds write in DVB Subtitles handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448021 [ 6 ] Bug #2448022 - CVE-2026-3085 mingw-gstreamer1: GStreamer: Remote Code Execution via Heap-based Buffer Overflow in rtpqdm2depay [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448022 [ 7 ] Bug #2448029 - CVE-2026-3081 mingw-gstreamer1: GStreamer: Arbitrary code execution via H.266 codec parsing stack-based buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448029 [ 8 ] Bug #2448030 - CVE-2026-3083 mingw-gstreamer1: GStreamer: Remote Code Execution via Out-Of-Bounds Write in rtpqdm2depay [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448030 [ 9 ] Bug #2448032 - CVE-2026-3086 mingw-gstreamer1: GStreamer: Remote Code Execution via Out-Of-Bounds Write in H.266 Codec Parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448032 [ 10 ] Bug #2448038 - CVE-2026-3082 mingw-gstreamer1: GStreamer: Remote Code Execution via heap-based buffer overflow in JPEG parser [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448038 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-e6d8e9fd49' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
1.26.11. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-5e16254ca6 2026-04-03 17:03:00.363057+00:00 -------------------------------------------------------------------------------- Name : gstreamer1 Product : Fedora 42 Version : 1.26.11 Release : 1.fc42 URL : http://gstreamer.freedesktop.org/ Summary : GStreamer streaming media framework runtime Description : GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types or processing capabilities can be added simply by installing new plugins. -------------------------------------------------------------------------------- Update Information: 1.26.11 -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 30 2026 Gwyn Ciesla - 1.26.11-1 - 1.26.11 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-5e16254ca6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
1.26.11. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-5e16254ca6 2026-04-03 17:03:00.363057+00:00 -------------------------------------------------------------------------------- Name : gstreamer1-plugins-base Product : Fedora 42 Version : 1.26.11 Release : 1.fc42 URL : http://gstreamer.freedesktop.org/ Summary : GStreamer streaming media framework base plugins Description : GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types or processing capabilities can be added simply by installing new plug-ins. This package contains a set of well-maintained base plug-ins. -------------------------------------------------------------------------------- Update Information: 1.26.11 -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 30 2026 Gwyn Ciesla - 1.26.11-1 - 1.26.11 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-5e16254ca6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
1.26.11. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-5e16254ca6 2026-04-03 17:03:00.363057+00:00 -------------------------------------------------------------------------------- Name : gstreamer1-plugins-good Product : Fedora 42 Version : 1.26.11 Release : 1.fc42 URL : http://gstreamer.freedesktop.org/ Summary : GStreamer plugins with good code and licensing Description : GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types or processing capabilities can be added simply by installing new plugins. GStreamer Good Plugins is a collection of well-supported plugins of good quality and under the LGPL license. -------------------------------------------------------------------------------- Update Information: 1.26.11 -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 30 2026 Gwyn Ciesla - 1.26.11-1 - 1.26.11 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-5e16254ca6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
1.26.11. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-e77ad9d792 2026-04-01 00:56:24.864678+00:00 -------------------------------------------------------------------------------- Name : gstreamer1-plugins-bad-free Product : Fedora 43 Version : 1.26.11 Release : 1.fc43 URL : http://gstreamer.freedesktop.org/ Summary : GStreamer streaming media framework "bad" plugins Description : GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality. -------------------------------------------------------------------------------- Update Information: 1.26.11 -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 30 2026 Gwyn Ciesla - 1.26.11-1 - 1.26.11 * Mon Feb 16 2026 Marcin Juszkiewicz - 1.26.10-2 - Disable onnx on riscv64 port -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-e77ad9d792' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
1.26.11. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-e77ad9d792 2026-04-01 00:56:24.864678+00:00 -------------------------------------------------------------------------------- Name : gstreamer1 Product : Fedora 43 Version : 1.26.11 Release : 1.fc43 URL : http://gstreamer.freedesktop.org/ Summary : GStreamer streaming media framework runtime Description : GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types or processing capabilities can be added simply by installing new plugins. -------------------------------------------------------------------------------- Update Information: 1.26.11 -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 30 2026 Gwyn Ciesla - 1.26.11-1 - 1.26.11 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-e77ad9d792' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Get the latest Linux and open source security news straight to your inbox.