Subject: | |
From: | |
Reply To: | |
Date: | Wed, 11 Feb 2009 16:38:00 -0600 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Troy J Dawson wrote:
> Synopsis: Important: gstreamer-plugins-good security update
> Issue date: 2009-02-06
> CVE Names: CVE-2009-0386 CVE-2009-0387 CVE-2009-0397
>
> Multiple heap buffer overflows and an array indexing error were found in
> the GStreamer's QuickTime media file format decoding plugin. An attacker
> could create a carefully-crafted QuickTime media .mov file that would
> cause an application using GStreamer to crash or, potentially, execute
> arbitrary code if played by a victim. (CVE-2009-0386, CVE-2009-0387,
> CVE-2009-0397)
>
> After installing the update, all applications using GStreamer (such as
> totem or rhythmbox) must be restarted for the changes to take effect.
>
> SL 5.x
>
> SRPMS:
> gstreamer-plugins-good-0.10.9-1.el5_3.1.src.rpm
> i386:
> gstreamer-plugins-good-0.10.9-1.el5_3.1.i386.rpm
> gstreamer-plugins-good-devel-0.10.9-1.el5_3.1.i386.rpm
Dependancies:
gstreamer-0.10.20-3.el5.i386.rpm
gstreamer-devel-0.10.20-3.el5.i386.rpm
gstreamer-plugins-base-0.10.20-3.el5.i386.rpm
gstreamer-plugins-base-devel-0.10.20-3.el5.i386.rpm
gstreamer-tools-0.10.20-3.el5.i386.rpm
> x86_64:
> gstreamer-plugins-good-0.10.9-1.el5_3.1.x86_64.rpm
> gstreamer-plugins-good-devel-0.10.9-1.el5_3.1.i386.rpm
> gstreamer-plugins-good-devel-0.10.9-1.el5_3.1.x86_64.rpm
Dependancies:
gstreamer-0.10.20-3.el5.i386.rpm
gstreamer-0.10.20-3.el5.x86_64.rpm
gstreamer-devel-0.10.20-3.el5.i386.rpm
gstreamer-devel-0.10.20-3.el5.x86_64.rpm
gstreamer-plugins-base-0.10.20-3.el5.i386.rpm
gstreamer-plugins-base-0.10.20-3.el5.x86_64.rpm
gstreamer-plugins-base-devel-0.10.20-3.el5.i386.rpm
gstreamer-plugins-base-devel-0.10.20-3.el5.x86_64.rpm
gstreamer-tools-0.10.20-3.el5.x86_64.rpm
Sorry about that.
Troy
--
__________________________________________________
Troy Dawson [log in to unmask] (630)840-6468
Fermilab ComputingDivision/LCSI/CSI DSS Group
__________________________________________________
|
|
|