Troy J Dawson wrote:
> Synopsis:	Important: gstreamer-plugins-good security update
> Issue date:	2009-02-06
> CVE Names:	CVE-2009-0386 CVE-2009-0387 CVE-2009-0397
> 
> Multiple heap buffer overflows and an array indexing error were found in
> the GStreamer's QuickTime media file format decoding plugin. An attacker
> could create a carefully-crafted QuickTime media .mov file that would
> cause an application using GStreamer to crash or, potentially, execute
> arbitrary code if played by a victim. (CVE-2009-0386, CVE-2009-0387,
> CVE-2009-0397)
> 
> After installing the update, all applications using GStreamer (such as
> totem or rhythmbox) must be restarted for the changes to take effect.
> 
> SL 5.x
> 
>       SRPMS:
> gstreamer-plugins-good-0.10.9-1.el5_3.1.src.rpm
>       i386:
> gstreamer-plugins-good-0.10.9-1.el5_3.1.i386.rpm
> gstreamer-plugins-good-devel-0.10.9-1.el5_3.1.i386.rpm
     Dependancies:
gstreamer-0.10.20-3.el5.i386.rpm
gstreamer-devel-0.10.20-3.el5.i386.rpm
gstreamer-plugins-base-0.10.20-3.el5.i386.rpm
gstreamer-plugins-base-devel-0.10.20-3.el5.i386.rpm
gstreamer-tools-0.10.20-3.el5.i386.rpm

>       x86_64:
> gstreamer-plugins-good-0.10.9-1.el5_3.1.x86_64.rpm
> gstreamer-plugins-good-devel-0.10.9-1.el5_3.1.i386.rpm
> gstreamer-plugins-good-devel-0.10.9-1.el5_3.1.x86_64.rpm
     Dependancies:
gstreamer-0.10.20-3.el5.i386.rpm
gstreamer-0.10.20-3.el5.x86_64.rpm
gstreamer-devel-0.10.20-3.el5.i386.rpm
gstreamer-devel-0.10.20-3.el5.x86_64.rpm
gstreamer-plugins-base-0.10.20-3.el5.i386.rpm
gstreamer-plugins-base-0.10.20-3.el5.x86_64.rpm
gstreamer-plugins-base-devel-0.10.20-3.el5.i386.rpm
gstreamer-plugins-base-devel-0.10.20-3.el5.x86_64.rpm
gstreamer-tools-0.10.20-3.el5.x86_64.rpm

Sorry about that.
Troy
-- 
__________________________________________________
Troy Dawson  [log in to unmask]  (630)840-6468
Fermilab  ComputingDivision/LCSI/CSI DSS Group
__________________________________________________