SUSE-SU-2015:0942-1

Опубликовано: 24 апр. 2015

Источник: suse-cvrf

Описание

Security update for gstreamer-0_10-plugins-bad

gstreamer-0_10-plugins-bad was updated to fix a security issue, a buffer overflow in mp4 parsing (bnc#927559 CVE-2015-0797).

Список пакетов

SUSE Linux Enterprise Desktop 12

gstreamer-0_10-plugins-bad-0.10.23-17.1

gstreamer-0_10-plugins-bad-lang-0.10.23-17.1

libgstbasecamerabinsrc-0_10-23-0.10.23-17.1

libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-17.1

libgstbasevideo-0_10-23-0.10.23-17.1

libgstbasevideo-0_10-23-32bit-0.10.23-17.1

libgstcodecparsers-0_10-23-0.10.23-17.1

libgstphotography-0_10-23-0.10.23-17.1

libgstphotography-0_10-23-32bit-0.10.23-17.1

libgstsignalprocessor-0_10-23-0.10.23-17.1

libgstsignalprocessor-0_10-23-32bit-0.10.23-17.1

libgstvdp-0_10-23-0.10.23-17.1

libgstvdp-0_10-23-32bit-0.10.23-17.1

SUSE Linux Enterprise Software Development Kit 12

gstreamer-0_10-plugins-bad-devel-0.10.23-17.1

libgstbasecamerabinsrc-0_10-23-0.10.23-17.1

libgstbasevideo-0_10-23-0.10.23-17.1

libgstcodecparsers-0_10-23-0.10.23-17.1

libgstphotography-0_10-23-0.10.23-17.1

libgstsignalprocessor-0_10-23-0.10.23-17.1

libgstvdp-0_10-23-0.10.23-17.1

SUSE Linux Enterprise Workstation Extension 12

gstreamer-0_10-plugins-bad-0.10.23-17.1

gstreamer-0_10-plugins-bad-lang-0.10.23-17.1

libgstbasecamerabinsrc-0_10-23-0.10.23-17.1

libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-17.1

libgstbasevideo-0_10-23-0.10.23-17.1

libgstbasevideo-0_10-23-32bit-0.10.23-17.1

libgstcodecparsers-0_10-23-0.10.23-17.1

libgstphotography-0_10-23-0.10.23-17.1

libgstphotography-0_10-23-32bit-0.10.23-17.1

libgstsignalprocessor-0_10-23-0.10.23-17.1

libgstsignalprocessor-0_10-23-32bit-0.10.23-17.1

libgstvdp-0_10-23-0.10.23-17.1

libgstvdp-0_10-23-32bit-0.10.23-17.1

Ссылки

https://www.suse.com/support/update/announcement/2015/suse-su-20150942-1/
Link for SUSE-SU-2015:0942-1
https://lists.suse.com/pipermail/sle-security-updates/2015-May/001405.html
E-Mail link for SUSE-SU-2015:0942-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/927559
SUSE Bug 927559
https://www.suse.com/security/cve/CVE-2015-0797/
SUSE CVE CVE-2015-0797 page

Описание

GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12:gstreamer-0_10-plugins-bad-0.10.23-17.1

SUSE Linux Enterprise Desktop 12:gstreamer-0_10-plugins-bad-lang-0.10.23-17.1

SUSE Linux Enterprise Desktop 12:libgstbasecamerabinsrc-0_10-23-0.10.23-17.1

SUSE Linux Enterprise Desktop 12:libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-17.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-0797.html
CVE-2015-0797
https://bugzilla.suse.com/927559
SUSE Bug 927559
https://bugzilla.suse.com/930622
SUSE Bug 930622

SUSE-SU-2015:0942-1

Описание

Список пакетов

SUSE Linux Enterprise Desktop 12

SUSE Linux Enterprise Software Development Kit 12

SUSE Linux Enterprise Workstation Extension 12

Ссылки

Уязвимость: CVE-2015-0797

Описание

Затронутые продукты

Ссылки