Synopsis: Moderate: gstreamer1-plugins-good security update Advisory ID: SLSA-2017:0020-1 Issue Date: 2017-01-05 CVE Numbers: CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9808 CVE-2016-9807 -- Security Fix(es): * Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9634, CVE-2016-9635, CVE-2016-9636, CVE-2016-9808) * An invalid memory read access flaw was found in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9807) Note: This update removes the vulnerable FLC/FLI/FLX plug-in. -- SL7 x86_64 gstreamer1-plugins-good-1.4.5-3.el7_3.i686.rpm gstreamer1-plugins-good-1.4.5-3.el7_3.x86_64.rpm gstreamer1-plugins-good-debuginfo-1.4.5-3.el7_3.i686.rpm gstreamer1-plugins-good-debuginfo-1.4.5-3.el7_3.x86_64.rpm - Scientific Linux Development Team