GLSA 202409-13: gst-plugins-good: Multiple Vulnerabilities

Severity:	normal
Title:	gst-plugins-good: Multiple Vulnerabilities
Date:	09/22/2024
Bugs:	#859418
ID:	202409-13

Synopsis

Multiple vulnerabilities have been discovered in gst-plugins-good, the worst of which could lead to denial of service or arbitrary code execution.

Background

gst-plugins-good contains a set of plugins for the GStreamer open source multimedia framework.

Affected packages

Package	Vulnerable	Unaffected	Architecture(s)
media-libs/gst-plugins-good	< 1.20.3	>= 1.20.3	All supported architectures

Description

Multiple vulnerabilities have been discovered in gst-plugins-good. Please review the CVE identifiers referenced below for details.

Impact

Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Resolution

All gst-plugins-good users should upgrade to the latest version:

          # emerge --sync
          # emerge --ask --oneshot --verbose ">=media-libs/gst-plugins-good-1.20.3"
        

References

• CVE-2022-2122
• CVE-2022-1925
• CVE-2022-1924
• CVE-2022-1923
• CVE-2022-1922
• CVE-2022-1921
• CVE-2022-1920

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-202409-13.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.