[Buildroot] [PATCH 04/12] package/gst1-plugins-bad: security bump to version 1.22.8
Peter Korsgaard
peter at korsgaard.com
Wed Dec 27 20:23:35 UTC 2023
Fixes the following security issue:
ZDI-CAN-22300: Heap-based buffer overflow in the AV1 codec parser when
handling certain malformed streams before GStreamer 1.22.8
https://gstreamer.freedesktop.org/security/sa-2023-0011.html
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.hash | 4 ++--
package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.hash b/package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.hash
index e6f57393db..bf4abd3c2f 100644
--- a/package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.hash
+++ b/package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.hash
@@ -1,3 +1,3 @@
-# From https://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad-1.22.7.tar.xz.sha256sum
-sha256 c716f8dffa8fac3fb646941af1c6ec72fff05a045131311bf2d049fdc87bce2e gst-plugins-bad-1.22.7.tar.xz
+# From https://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad-1.22.8.tar.xz.sha256sum
+sha256 458783f8236068991e3e296edd671c8eddb8be6fac933c1c2e1503462864ea0f gst-plugins-bad-1.22.8.tar.xz
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING
diff --git a/package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.mk b/package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.mk
index a41fb336a9..ac1328b7e2 100644
--- a/package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.mk
+++ b/package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.mk
@@ -4,7 +4,7 @@
#
################################################################################
-GST1_PLUGINS_BAD_VERSION = 1.22.7
+GST1_PLUGINS_BAD_VERSION = 1.22.8
GST1_PLUGINS_BAD_SOURCE = gst-plugins-bad-$(GST1_PLUGINS_BAD_VERSION).tar.xz
GST1_PLUGINS_BAD_SITE = https://gstreamer.freedesktop.org/src/gst-plugins-bad
GST1_PLUGINS_BAD_INSTALL_STAGING = YES
--
2.39.2
More information about the buildroot
mailing list