-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-2a36564bd2 2025-05-31 01:33:18.713004+00:00 --------------------------------------------------------------------------------

Name : gstreamer1-plugins-bad-free Product : Fedora 41 Version : 1.24.11 Release : 2.fc41 URL : http://gstreamer.freedesktop.org/ Summary : GStreamer streaming media framework "bad" plugins Description : GStreamer is a streaming media framework, based on graphs of elements which operate on media data.

This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality.

-------------------------------------------------------------------------------- Update Information:

backport fix for CVE-2025-3887 (resolves rhbz#2367919) -------------------------------------------------------------------------------- ChangeLog:

* Thu May 22 2025 Dominik Mierzejewski dominik@greysector.net - 1.24.11-2 - backport fix for CVE-2025-3887 (resolves rhbz#2367919) -------------------------------------------------------------------------------- References:

[ 1 ] Bug #2367919 - CVE-2025-3887 GStreamer: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=2367919 --------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-2a36564bd2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------