Version in base suite: 1.26.2-1 Base version: gst-plugins-base1.0_1.26.2-1 Target version: gst-plugins-base1.0_1.26.2-1+deb13u1 Base file: /srv/ftp-master.debian.org/ftp/pool/main/g/gst-plugins-base1.0/gst-plugins-base1.0_1.26.2-1.dsc Target file: /srv/ftp-master.debian.org/policy/pool/main/g/gst-plugins-base1.0/gst-plugins-base1.0_1.26.2-1+deb13u1.dsc changelog | 6 ++++++ patches/CVE-2026-2921.patch | 28 ++++++++++++++++++++++++++++ patches/series | 1 + 3 files changed, 35 insertions(+) dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmpmh_ip3gv/gst-plugins-base1.0_1.26.2-1.dsc: no acceptable signature found dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmpmh_ip3gv/gst-plugins-base1.0_1.26.2-1+deb13u1.dsc: no acceptable signature found
diff -Nru gst-plugins-base1.0-1.26.2/debian/changelog gst-plugins-base1.0-1.26.2/debian/changelog
--- gst-plugins-base1.0-1.26.2/debian/changelog 2025-05-30 07:27:24.000000000 +0000
+++ gst-plugins-base1.0-1.26.2/debian/changelog 2026-03-14 21:51:46.000000000 +0000
@@ -1,3 +1,9 @@
+gst-plugins-base1.0 (1.26.2-1+deb13u1) trixie-security; urgency=medium
+
+ * CVE-2026-2921
+
+ -- Moritz Mühlenhoff Sat, 14 Mar 2026 22:51:46 +0100
+
 gst-plugins-base1.0 (1.26.2-1) unstable; urgency=medium
 
 * d/copyright: review with licenserecon
diff -Nru gst-plugins-base1.0-1.26.2/debian/patches/CVE-2026-2921.patch gst-plugins-base1.0-1.26.2/debian/patches/CVE-2026-2921.patch
--- gst-plugins-base1.0-1.26.2/debian/patches/CVE-2026-2921.patch 1970-01-01 00:00:00.000000000 +0000
+++ gst-plugins-base1.0-1.26.2/debian/patches/CVE-2026-2921.patch 2026-03-14 21:51:39.000000000 +0000
@@ -0,0 +1,28 @@
+From 66d1f79c78b573db714434cf08e7531bed4f4473 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?=
+Date: Wed, 11 Feb 2026 19:44:34 +0200
+Subject: [PATCH] riff: Correctly check that enough RGB palette data is
+ available
+
+--- gst-plugins-base1.0-1.26.2.orig/gst-libs/gst/riff/riff-media.c
++++ gst-plugins-base1.0-1.26.2/gst-libs/gst/riff/riff-media.c
+@@ -1021,7 +1021,7 @@ gst_riff_create_video_caps (guint32 code
+ if (palette) {
+ GstBuffer *copy;
+ guint num_colors;
+- gsize size;
++ gsize expected_size, size;
+
+ if (strf != NULL)
+ num_colors = strf->num_colors;
+@@ -1030,7 +1030,9 @@ gst_riff_create_video_caps (guint32 code
+
+ size = gst_buffer_get_size (palette);
+
+- if (size >= (num_colors * 4)) {
++ if (!g_size_checked_mul (&expected_size, num_colors, 4)) {
++ GST_WARNING ("Palette too large: broken file");
++ } else if (size >= expected_size) {
+ guint8 *pdata;
+
+ /* palette is always at least 256*4 bytes */
diff -Nru gst-plugins-base1.0-1.26.2/debian/patches/series gst-plugins-base1.0-1.26.2/debian/patches/series
--- gst-plugins-base1.0-1.26.2/debian/patches/series 2025-05-30 07:27:24.000000000 +0000
+++ gst-plugins-base1.0-1.26.2/debian/patches/series 2026-03-14 21:51:25.000000000 +0000
@@ -1 +1,2 @@
 0001-skip-failing-tests.patch
+CVE-2026-2921.patch
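Review bot: In the riff-media.c patch, the new `g_size_checked_mul` guard ahead of the `size >= expected_size` comparison carries no comment explaining why it is needed. The reason is not obvious from the code: `num_colors` is a `guint` read from `strf->num_colors`, so the old `num_colors * 4` was evaluated in 32 bits, and a large count could wrap to a small value and pass the size check. I would add `/* num_colors comes from the file; multiply in gsize so the product cannot wrap */` above the `if`. Where `gsize` is 64 bits the multiplication cannot overflow for a `guint` operand, so the "Palette too large" branch is presumably reachable only on 32-bit targets; logging the count, `GST_WARNING ("Palette too large (%u colors): broken file", num_colors);`, would make rejected files easier to triage there. The body of `gst_riff_create_video_caps` starts and ends outside both hunks, so how `num_colors` and `size` are used after the check is not visible here.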