| Package | gst-plugins-bad1.0 |
|---|---|
| Version | 1.10.4-1+deb9u6 (stretch), 1.14.4-1+deb10u6 (buster) |
| Related CVEs | CVE-2025-3887 |
A stack buffer-overflow in the H.265 codec parser has been fixed in the “bad” set of codecs for the GStreamer multimedia framework.
For Debian 10 buster, these problems have been fixed in version 1.14.4-1+deb10u6.
For Debian 9 stretch, these problems have been fixed in version 1.10.4-1+deb9u6.
We recommend that you upgrade your gst-plugins-bad1.0 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.