| Release | Version |
|---|---|
| buster | 1.14.4-1+deb10u2 |
| buster (security) | 1.14.4-1+deb10u5 |
| bullseye | 1.18.4-3+deb11u1 |
| bullseye (security) | 1.18.4-3+deb11u3 |
| bookworm | 1.22.0-4+deb12u1 |
| bookworm (security) | 1.22.0-4+deb12u3 |
| trixie | 1.22.4-1 |
| sid | 1.22.7-1 |
| Bug | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2023-44446 | fixed | fixed | fixed | vulnerable | fixed | MXF demuxer use-after-free |
| CVE-2023-44429 | fixed | fixed | fixed | vulnerable | fixed | AV1 codec parser buffer overflow |
| CVE-2023-40476 | fixed | fixed | fixed | vulnerable | fixed | Integer overflow in H.265 video parser leading to stack overwrite |
| CVE-2023-40475 | fixed | fixed | fixed | vulnerable | fixed | Integer overflow leading to heap overwrite in MXF file handling with AES3 audio |
| CVE-2023-40474 | fixed | fixed | fixed | vulnerable | fixed | Integer overflow leading to heap overwrite in MXF file handling with uncompressed video |
| Bug | Description |
|---|---|
| TEMP-0000000-C6AAE1 | Catch overflows in AVC/HEVC NAL unit length calculations |
| CVE-2023-37329 | Heap overwrite in PGS subtitle overlay decoder |
| CVE-2021-3185 | A flaw was found in the gstreamer h264 component of gst-plugins-bad be ... |
| CVE-2017-5848 | The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in ... |
| CVE-2017-5843 | Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unr ... |
| CVE-2016-9813 | The _parse_pat function in the mpegts parser in GStreamer before 1.10. ... |
| CVE-2016-9812 | The gst_mpegts_section_new function in the mpegts decoder in GStreamer ... |
| CVE-2016-9809 | Off-by-one error in the gst_h264_parse_set_caps function in GStreamer ... |
| CVE-2016-9446 | The vmnc decoder in the gstreamer does not initialize the render canva ... |
| CVE-2016-9445 | Integer overflow in the vmnc decoder in the gstreamer allows remote at ... |
| DSA / DLA | Description |
|---|---|
| DLA-3673-1 | gst-plugins-bad1.0 - security update |
| DSA-5565-1 | gst-plugins-bad1.0 - security update |
| DLA-3633-1 | gst-plugins-bad1.0 - security update |
| DSA-5533-1 | gst-plugins-bad1.0 - security update |
| DLA-3503-1 | gst-plugins-bad1.0 - security update |
| DSA-5444-1 | gst-plugins-bad1.0 - security update |
| DLA-2642-1 | gst-plugins-bad1.0 - security update |
| DSA-4902-1 | gst-plugins-bad1.0 - security update |
| DSA-4833-2 | gst-plugins-bad1.0 - regression update |
| DLA-2528-1 | gst-plugins-bad1.0 - security update |
| DSA-4833-1 | gst-plugins-bad1.0 - security update |
| DSA-3818-1 | gst-plugins-bad1.0 - security update |
| DSA-3717-1 | gst-plugins-bad1.0 - security update |