gst-plugins-base1.0 (1.20.1-1ubuntu0.5) jammy-security; urgency=medium
* SECURITY UPDATE: DoS via stack overflow in subparse plugin
- debian/patches/CVE-2025-47806.patch: make sure that subrip time
string is not too long before zero-padding in
gst/subparse/gstsubparse.c.
- CVE-2025-47806
* SECURITY UPDATE: DoS via null-deref in subparse plugin
- debian/patches/CVE-2025-47807.patch: check for valid UTF-8 before
cleaning up lines and check for regex replace errors in
gst/subparse/gstsubparse.c.
- CVE-2025-47807
* SECURITY UPDATE: DoS via null-deref in subparse plugin
- debian/patches/CVE-2025-47808.patch: don't append NULL + 1 to the
string buffer when parsing lines without text in
gst/subparse/tmplayerparse.c.
- CVE-2025-47808
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 25 Aug 2025 09:05:50 -0400
gst-plugins-base1.0 (1.20.1-1ubuntu0.4) jammy-security; urgency=medium
* SECURITY UPDATE: Multiple security issues
- debian/patches/202412-sec*.patch: backport upstream security fix
commits from 1.24.10.
- CVE-2024-47538, CVE-2024-47541, CVE-2024-47542, CVE-2024-47600,
CVE-2024-47607, CVE-2024-47615, CVE-2024-47835
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 17 Dec 2024 08:24:56 -0500
gst-plugins-base1.0 (1.20.1-1ubuntu0.2) jammy-security; urgency=medium
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2024-4453.patch: Prevent integer overflows and out of bounds reads
when handling undefined tags in gst-libs/gst/tag/gstexiftag.c.
- CVE-2024-4453
-- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com> Mon, 27 May 2024 11:31:40 -0300
gst-plugins-base1.0 (1.20.1-1ubuntu0.1) jammy-security; urgency=medium
* SECURITY UPDATE: Heap overwrite in subtitle parsing
- debian/patches/CVE-2023-37328-1.patch: look for the closing > of a
tag after the opening < in gst/subparse/gstsubparse.c.
- debian/patches/CVE-2023-37328-2.patch: skip after the end of a valid
closing tag in gst/subparse/gstsubparse.c.
- CVE-2023-37328
* SECURITY UPDATE: Integer overflow leading to heap overwrite in FLAC
image tag handling
- debian/patches/CVE-2023-37327-2.patch: don't allow image tags with
G_MAXUINT32 length in gst-libs/gst/tag/tags.c.
- CVE-2023-37327
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 01 Aug 2023 08:26:17 -0400
gst-plugins-base1.0 (1.20.1-1) unstable; urgency=medium
* New upstream bugfix release.
-- Sebastian Dröge <slomo@debian.org> Mon, 14 Mar 2022 16:45:53 +0200
gst-plugins-base1.0 (1.20.0-2) unstable; urgency=medium
* debian/control:
+ Add libgudev-1.0-dev (>= 147) [linux-any] dependency to
libgstreamer-plugins-base1.0-dev (Closes: #1005120).
-- Sebastian Dröge <slomo@debian.org> Tue, 08 Feb 2022 22:11:05 +0200
gst-plugins-base1.0 (1.20.0-1) unstable; urgency=medium
* New upstream release.
-- Sebastian Dröge <slomo@debian.org> Fri, 04 Feb 2022 08:54:46 +0200
gst-plugins-base1.0 (1.19.90-1) experimental; urgency=medium
* New upstream release candidate.
-- Sebastian Dröge <slomo@debian.org> Fri, 28 Jan 2022 17:00:15 +0200
gst-plugins-base1.0 (1.18.5-1) unstable; urgency=medium
* New upstream bugfix release.
-- Sebastian Dröge <slomo@debian.org> Mon, 13 Sep 2021 09:34:54 +0300
gst-plugins-base1.0 (1.18.4-2) unstable; urgency=medium
* Upload to unstable.
-- Sebastian Dröge <slomo@debian.org> Thu, 22 Apr 2021 20:46:32 +0300
# For older changelog entries, run 'apt-get changelog libgstreamer-plugins-base1.0-0'
Generated by dwww version 1.14 on Fri Aug 29 00:04:19 CEST 2025.