[Buildroot] [PATCH-2020.02.x 04/11] package/gst1-plugins-bad: security bump to version 1.16.3
Peter Korsgaard
peter at korsgaard.com
Thu Jan 21 15:48:22 UTC 2021
Fixes the following security issue:
- CVE-2021-3185: gstreamer: buffer overflow in
gst_h264_slice_parse_dec_ref_pic_marking
For more details, see the advisory:
https://www.openwall.com/lists/oss-security/2021/01/20/1
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.hash | 4 ++--
package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.hash b/package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.hash
index 7b59b4dbec..a778a4007c 100644
--- a/package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.hash
+++ b/package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.hash
@@ -1,4 +1,4 @@
-# From https://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad-1.16.2.tar.xz.sha256sum
-sha256 f1cb7aa2389569a5343661aae473f0a940a90b872001824bc47fa8072a041e74 gst-plugins-bad-1.16.2.tar.xz
+# From https://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad-1.16.3.tar.xz.sha256sum
+sha256 84efe57011658f0a53a5d5b20f64ef109f5105dccb0808c21e069e946673514d gst-plugins-bad-1.16.3.tar.xz
sha256 0b12e4d1cd5db5f8a0c04fc98a1d8c3acc533097b6198d6644420da78d460223 COPYING
sha256 cf9b86bcf2d298e8cf5b9d8982f9dab296465b002fdfa0347357a0732f961e03 COPYING.LIB
diff --git a/package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.mk b/package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.mk
index ef36e4dc0a..fcb98e433f 100644
--- a/package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.mk
+++ b/package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.mk
@@ -4,7 +4,7 @@
#
################################################################################
-GST1_PLUGINS_BAD_VERSION = 1.16.2
+GST1_PLUGINS_BAD_VERSION = 1.16.3
GST1_PLUGINS_BAD_SOURCE = gst-plugins-bad-$(GST1_PLUGINS_BAD_VERSION).tar.xz
GST1_PLUGINS_BAD_SITE = https://gstreamer.freedesktop.org/src/gst-plugins-bad
GST1_PLUGINS_BAD_INSTALL_STAGING = YES
--
2.20.1
More information about the buildroot
mailing list