An update for gstreamer-plugins-base is now available for openEuler-20.03-LTS-SP1 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2021-1237 Final 1.0 1.0 2021-06-26 Initial 2021-06-26 2021-06-26 openEuler SA Tool V1.0 2021-06-26 gstreamer-plugins-base security update An update for gstreamer-plugins-base is now available for openEuler-20.03-LTS-SP1. GStreamer is a pipeline-based multimedia framework that links together a wide variety of media processing systems to complete complex workflows, based on graphs of filters which operate on media data. The formats and processes can be changed in plugins since its plugin-based architecture. This package contains a set of well-maintained base plug-ins and wrapper scripts for the command-line tools for the base plugins. Security Fix(es): GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.(CVE-2021-3522) An update for gstreamer-plugins-base is now available for openEuler-20.03-LTS-SP1. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium gstreamer-plugins-base https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1237 https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-3522 https://nvd.nist.gov/vuln/detail/CVE-2021-3522 openEuler-20.03-LTS-SP1 gstreamer-plugins-base-debuginfo-0.10.36-22.oe1.aarch64.rpm gstreamer-plugins-base-devel-0.10.36-22.oe1.aarch64.rpm gstreamer-plugins-base-debugsource-0.10.36-22.oe1.aarch64.rpm gstreamer-plugins-base-0.10.36-22.oe1.aarch64.rpm gstreamer-plugins-base-help-0.10.36-22.oe1.noarch.rpm gstreamer-plugins-base-0.10.36-22.oe1.src.rpm gstreamer-plugins-base-debuginfo-0.10.36-22.oe1.x86_64.rpm gstreamer-plugins-base-devel-0.10.36-22.oe1.x86_64.rpm gstreamer-plugins-base-0.10.36-22.oe1.x86_64.rpm gstreamer-plugins-base-debugsource-0.10.36-22.oe1.x86_64.rpm GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags. 2021-06-26 CVE-2021-3522 openEuler-20.03-LTS-SP1 Medium 5.5 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H gstreamer-plugins-base security update 2021-06-26 https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1237