{"affected":[{"ecosystem_specific":{"binaries":[{"gstreamer-plugins-bad":"1.16.3-lp153.3.3.1","gstreamer-plugins-bad-32bit":"1.16.3-lp153.3.3.1","gstreamer-plugins-bad-64bit":"1.16.3-lp153.3.3.1","gstreamer-plugins-bad-chromaprint":"1.16.3-lp153.3.3.1","gstreamer-plugins-bad-chromaprint-32bit":"1.16.3-lp153.3.3.1","gstreamer-plugins-bad-chromaprint-64bit":"1.16.3-lp153.3.3.1","gstreamer-plugins-bad-devel":"1.16.3-lp153.3.3.1","gstreamer-plugins-bad-doc":"1.16.3-lp153.3.3.1","gstreamer-plugins-bad-fluidsynth":"1.16.3-lp153.3.3.1","gstreamer-plugins-bad-fluidsynth-32bit":"1.16.3-lp153.3.3.1","gstreamer-plugins-bad-fluidsynth-64bit":"1.16.3-lp153.3.3.1","gstreamer-plugins-bad-lang":"1.16.3-lp153.3.3.1","libgstadaptivedemux-1_0-0":"1.16.3-lp153.3.3.1","libgstadaptivedemux-1_0-0-32bit":"1.16.3-lp153.3.3.1","libgstadaptivedemux-1_0-0-64bit":"1.16.3-lp153.3.3.1","libgstbadaudio-1_0-0":"1.16.3-lp153.3.3.1","libgstbadaudio-1_0-0-32bit":"1.16.3-lp153.3.3.1","libgstbadaudio-1_0-0-64bit":"1.16.3-lp153.3.3.1","libgstbasecamerabinsrc-1_0-0":"1.16.3-lp153.3.3.1","libgstbasecamerabinsrc-1_0-0-32bit":"1.16.3-lp153.3.3.1","libgstbasecamerabinsrc-1_0-0-64bit":"1.16.3-lp153.3.3.1","libgstcodecparsers-1_0-0":"1.16.3-lp153.3.3.1","libgstcodecparsers-1_0-0-32bit":"1.16.3-lp153.3.3.1","libgstcodecparsers-1_0-0-64bit":"1.16.3-lp153.3.3.1","libgstinsertbin-1_0-0":"1.16.3-lp153.3.3.1","libgstinsertbin-1_0-0-32bit":"1.16.3-lp153.3.3.1","libgstinsertbin-1_0-0-64bit":"1.16.3-lp153.3.3.1","libgstisoff-1_0-0":"1.16.3-lp153.3.3.1","libgstisoff-1_0-0-32bit":"1.16.3-lp153.3.3.1","libgstisoff-1_0-0-64bit":"1.16.3-lp153.3.3.1","libgstmpegts-1_0-0":"1.16.3-lp153.3.3.1","libgstmpegts-1_0-0-32bit":"1.16.3-lp153.3.3.1","libgstmpegts-1_0-0-64bit":"1.16.3-lp153.3.3.1","libgstphotography-1_0-0":"1.16.3-lp153.3.3.1","libgstphotography-1_0-0-32bit":"1.16.3-lp153.3.3.1","libgstphotography-1_0-0-64bit":"1.16.3-lp153.3.3.1","libgstplayer-1_0-0":"1.16.3-lp153.3.3.1","libgstplayer-1_0-0-32bit":"1.16.3-lp153.3.3.1","libgstplayer-1_0-0-64bit":"1.16.3-lp153.3.3.1","libgstsctp-1_0-0":"1.16.3-lp153.3.3.1","libgstsctp-1_0-0-32bit":"1.16.3-lp153.3.3.1","libgstsctp-1_0-0-64bit":"1.16.3-lp153.3.3.1","libgsturidownloader-1_0-0":"1.16.3-lp153.3.3.1","libgsturidownloader-1_0-0-32bit":"1.16.3-lp153.3.3.1","libgsturidownloader-1_0-0-64bit":"1.16.3-lp153.3.3.1","libgstwayland-1_0-0":"1.16.3-lp153.3.3.1","libgstwayland-1_0-0-32bit":"1.16.3-lp153.3.3.1","libgstwayland-1_0-0-64bit":"1.16.3-lp153.3.3.1","libgstwebrtc-1_0-0":"1.16.3-lp153.3.3.1","libgstwebrtc-1_0-0-32bit":"1.16.3-lp153.3.3.1","libgstwebrtc-1_0-0-64bit":"1.16.3-lp153.3.3.1","typelib-1_0-GstInsertBin-1_0":"1.16.3-lp153.3.3.1","typelib-1_0-GstMpegts-1_0":"1.16.3-lp153.3.3.1","typelib-1_0-GstPlayer-1_0":"1.16.3-lp153.3.3.1","typelib-1_0-GstWebRTC-1_0":"1.16.3-lp153.3.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.3","name":"gstreamer-plugins-bad","purl":"pkg:rpm/opensuse/gstreamer-plugins-bad&distro=openSUSE%20Leap%2015.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.16.3-lp153.3.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for gstreamer-plugins-bad fixes the following issues:\n\n- Update to version 1.16.3:\n - CVE-2021-3185: buffer overflow in gst_h264_slice_parse_dec_ref_pic_marking() (bsc#1181255)\n - amcvideodec: fix sync meta copying not taking a reference\n - audiobuffersplit: Perform discont tracking on running time\n - audiobuffersplit: Specify in the template caps that only interleaved audio is supported\n - audiobuffersplit: Unset DISCONT flag if not discontinuous\n - autoconvert: Fix lock-less exchange or free condition\n - autoconvert: fix compiler warnings with g_atomic on recent GLib versions\n - avfvideosrc: element requests camera permissions even with capture-screen property is true\n - codecparsers: h264parser: guard against ref_pic_markings overflow\n - dtlsconnection: Avoid segmentation fault when no srtp capabilities are negotiated\n - dtls/connection: fix EOF handling with openssl 1.1.1e\n - fdkaacdec: add support for mpegversion=2\n - hls: Check nettle version to ensure AES128 support\n - ipcpipeline: Rework compiler checks\n - interlace: Increment phase_index before checking if we're at the end of the phase\n - h264parser: Do not allocate too large size of memory for registered user data SEI\n - ladspa: fix unbounded integer properties\n - modplug: avoid division by zero\n - msdkdec: Fix GstMsdkContext leak\n - msdkenc: fix leaks on windows\n - musepackdec: Don't fail all queries if no sample rate is known yet\n - openslessink: Allow openslessink to handle 48kHz streams.\n - opencv: allow compilation against 4.2.x\n - proxysink: event_function needs to handle the event when it is disconnecetd from proxysrc\n - vulkan: Drop use of VK_RESULT_BEGIN_RANGE\n - wasapi: added missing lock release in case of error in gst_wasapi_xxx_reset\n - wasapi: Fix possible deadlock while downwards state change\n - waylandsink: Clear window when pipeline is stopped\n - webrtc: Support non-trickle ICE candidates in the SDP\n - webrtc: Unmap all non-binary buffers received via the datachannel\n","id":"openSUSE-SU-2021:1012-1","modified":"2021-07-09T11:04:33Z","published":"2021-07-09T11:04:33Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2B2UD46YGBOYO64SOPMOM6DQAL6FGCHZ/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181255"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-3185"}],"related":["CVE-2021-3185"],"summary":"Security update for gstreamer-plugins-bad","upstream":["CVE-2021-3185"]}