Errata overview
Errata ID 484
Date 2019-05-02
Source package gst-plugins-base1.0
Fixed in version 1.10.4-1+deb9u1
This update addresses the following issue:
* GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP
  connection parser via a crafted response from a server, potentially
  allowing remote code execution. (CVE-2019-9928)
Additional notes
CVE ID CVE-2019-9928
UCS Bug number #49402