Content-Type: |
text/plain; charset="utf-8" |
Date: |
Thu, 5 Jan 2017 14:56:08 -0000 |
Reply-To: |
|
Subject: |
|
MIME-Version: |
1.0 |
Message-ID: |
|
Content-Transfer-Encoding: |
7bit |
Sender: |
|
From: |
|
Parts/Attachments: |
|
|
Synopsis: Moderate: gstreamer1-plugins-bad-free security update
Advisory ID: SLSA-2017:0021-1
Issue Date: 2017-01-05
CVE Numbers: CVE-2016-9445
CVE-2016-9809
CVE-2016-9812
CVE-2016-9813
--
Security Fix(es):
* An integer overflow flaw, leading to a heap-based buffer overflow, was
found in GStreamer's VMware VMnc video file format decoding plug-in. A
remote attacker could use this flaw to cause an application using
GStreamer to crash or, potentially, execute arbitrary code with the
privileges of the user running the application. (CVE-2016-9445)
* Multiple flaws were discovered in GStreamer's H.264 and MPEG-TS plug-
ins. A remote attacker could use these flaws to cause an application using
GStreamer to crash. (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813)
--
SL7
x86_64
gstreamer1-plugins-bad-free-1.4.5-6.el7_3.i686.rpm
gstreamer1-plugins-bad-free-1.4.5-6.el7_3.x86_64.rpm
gstreamer1-plugins-bad-free-debuginfo-1.4.5-6.el7_3.i686.rpm
gstreamer1-plugins-bad-free-debuginfo-1.4.5-6.el7_3.x86_64.rpm
gstreamer1-plugins-bad-free-devel-1.4.5-6.el7_3.i686.rpm
gstreamer1-plugins-bad-free-devel-1.4.5-6.el7_3.x86_64.rpm
- Scientific Linux Development Team
|
|
|