Subject: | |
From: | |
Reply To: | |
Date: | Wed, 4 May 2011 15:44:37 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Synopsis: Important: gstreamer-plugins security update
Issue date: 2011-05-02
CVE Names: CVE-2006-4192 CVE-2011-1574
An integer overflow flaw, leading to a heap-based buffer overflow, and a
stack-based buffer overflow flaw were found in various ModPlug music file
format library (libmodplug) modules, embedded in GStreamer. An attacker
could create specially-crafted music files that, when played by a victim,
would cause applications using GStreamer to crash or, potentially, execute
arbitrary code. (CVE-2006-4192, CVE-2011-1574)
All applications using GStreamer (such as Rhythmbox) must be restarted
for the changes to take effect.
SL 4.x
SRPMS:
gstreamer-plugins-0.8.5-1.EL.3.src.rpm
i386:
gstreamer-plugins-0.8.5-1.EL.3.i386.rpm
gstreamer-plugins-devel-0.8.5-1.EL.3.i386.rpm
x86_64:
gstreamer-plugins-0.8.5-1.EL.3.x86_64.rpm
gstreamer-plugins-devel-0.8.5-1.EL.3.x86_64.rpm
- Scientific Linux Development Team
|
|
|