Version in base suite: 1.26.2-1 Base version: gst-libav1.0_1.26.2-1 Target version: gst-libav1.0_1.26.2-1+deb13u1 Base file: /srv/ftp-master.debian.org/ftp/pool/main/g/gst-libav1.0/gst-libav1.0_1.26.2-1.dsc Target file: /srv/ftp-master.debian.org/policy/pool/main/g/gst-libav1.0/gst-libav1.0_1.26.2-1+deb13u1.dsc changelog | 6 +++++ patches/CVE-2026-52717.patch | 50 +++++++++++++++++++++++++++++++++++++++++++ patches/series | 1 3 files changed, 57 insertions(+) dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmpcwe0vnfc/gst-libav1.0_1.26.2-1.dsc: no acceptable signature found dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmpcwe0vnfc/gst-libav1.0_1.26.2-1+deb13u1.dsc: no acceptable signature found diff -Nru gst-libav1.0-1.26.2/debian/changelog gst-libav1.0-1.26.2/debian/changelog --- gst-libav1.0-1.26.2/debian/changelog 2025-05-30 07:29:42.000000000 +0000 +++ gst-libav1.0-1.26.2/debian/changelog 2026-06-17 21:34:46.000000000 +0000 @@ -1,3 +1,9 @@ +gst-libav1.0 (1.26.2-1+deb13u1) trixie-security; urgency=medium + + * CVE-2026-52717 + + -- Moritz Mühlenhoff Wed, 17 Jun 2026 23:34:46 +0200 + gst-libav1.0 (1.26.2-1) unstable; urgency=medium * New upstream version 1.26.2 diff -Nru gst-libav1.0-1.26.2/debian/patches/CVE-2026-52717.patch gst-libav1.0-1.26.2/debian/patches/CVE-2026-52717.patch --- gst-libav1.0-1.26.2/debian/patches/CVE-2026-52717.patch 1970-01-01 00:00:00.000000000 +0000 +++ gst-libav1.0-1.26.2/debian/patches/CVE-2026-52717.patch 2026-06-17 21:34:39.000000000 +0000 @@ -0,0 +1,50 @@ +From b99a3d8d5c1c3f508f3eaa220a369175c614c7cd Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= +Date: Mon, 8 Jun 2026 10:32:58 +0300 +Subject: [PATCH] avprotocol: Don't free GstFFMpegPipe when closing the + AVIOContext + +--- gst-libav1.0-1.26.2.orig/ext/libav/gstavprotocol.c ++++ gst-libav1.0-1.26.2/ext/libav/gstavprotocol.c +@@ -332,17 +332,13 @@ int + gst_ffmpeg_pipe_close (AVIOContext * h) + { + GST_LOG ("Closing pipe"); +- GstProtocolInfo *info; + + if (h == NULL) + return 0; + +- info = (GstProtocolInfo *) h->opaque; +- if (info == NULL) +- return 0; +- +- g_free (info); +- ++ // h->opaque is the GstFFMpegPipe* that was passed into ++ // gst_ffmpeg_pipe_open(). This must not be freed as it's ++ // owned by the element. + h->opaque = NULL; + av_freep (&h->buffer); + av_free (h); +@@ -351,7 +347,8 @@ gst_ffmpeg_pipe_close (AVIOContext * h) + } + + int +-gst_ffmpeg_pipe_open (GstFFMpegPipe * ffpipe, int flags, AVIOContext ** context) ++gst_ffmpeg_pipe_open (const GstFFMpegPipe * ffpipe, int flags, ++ AVIOContext ** context) + { + static const int buffer_size = 4096; + unsigned char *buffer = NULL; +--- gst-libav1.0-1.26.2.orig/ext/libav/gstavprotocol.h ++++ gst-libav1.0-1.26.2/ext/libav/gstavprotocol.h +@@ -67,7 +67,7 @@ struct _GstFFMpegPipe + guint needed; + }; + +-int gst_ffmpeg_pipe_open (GstFFMpegPipe *ffpipe, int flags, AVIOContext ** context); ++int gst_ffmpeg_pipe_open (const GstFFMpegPipe *ffpipe, int flags, AVIOContext ** context); + int gst_ffmpeg_pipe_close (AVIOContext * h); + + int gst_ffmpegdata_open (GstPad * pad, int flags, AVIOContext ** context); diff -Nru gst-libav1.0-1.26.2/debian/patches/series gst-libav1.0-1.26.2/debian/patches/series --- gst-libav1.0-1.26.2/debian/patches/series 2025-05-30 07:29:42.000000000 +0000 +++ gst-libav1.0-1.26.2/debian/patches/series 2026-06-17 21:34:27.000000000 +0000 @@ -1 +1,2 @@ 00_plugin-dependencies.patch +CVE-2026-52717.patch