Security
Security
Multiple vulnerabilities have been found in GStreamer and its plugins, the worst of which could result in arbitrary code execution.
| Package | media-libs/gst-plugins-bad on all architectures |
|---|---|
| Affected versions | < 1.16.3 |
| Unaffected versions | >= 1.16.3 |
| Package | media-libs/gst-plugins-base on all architectures |
|---|---|
| Affected versions | < 1.18.4 |
| Unaffected versions | >= 1.18.4 |
| Package | media-libs/gst-plugins-good on all architectures |
|---|---|
| Affected versions | < 1.18.4 |
| Unaffected versions | >= 1.18.4 |
| Package | media-libs/gst-plugins-ugly on all architectures |
|---|---|
| Affected versions | < 1.18.4 |
| Unaffected versions | >= 1.18.4 |
| Package | media-libs/gstreamer on all architectures |
|---|---|
| Affected versions | < 1.20.2 |
| Unaffected versions | >= 1.20.2 |
| Package | media-plugins/gst-plugins-libav on all architectures |
|---|---|
| Affected versions | < 1.18.4 |
| Unaffected versions | >= 1.18.4 |
GStreamer is an open source multimedia framework.
Multiple vulnerabilities have been found in GStreamer and its plugins. Please review the CVE and GStreamer-SA identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All GStreamer users should update to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/gstreamer-1.20.2"
All gst-plugins-bad users should update to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/gst-plugins-bad-1.20.2"
All gst-plugins-good users should update to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/gst-plugins-good-1.20.2"
All gst-plugins-ugly users should update to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/gst-plugins-ugly-1.20.2"
All gst-plugins-base users should update to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/gst-plugins-base-1.20.2"
All gst-plugins-libav users should update to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-plugins/gst-plugins-libav-1.20.2"