Описание
Security update for gstreamer-plugins-base
- CVE-2016-9811: out of bound memory read could lead to crash [bsc#1013669].
Список пакетов
SUSE Linux Enterprise Desktop 12 SP1
gstreamer-plugins-base-1.2.4-2.3.2
gstreamer-plugins-base-lang-1.2.4-2.3.2
libgstallocators-1_0-0-1.2.4-2.3.2
libgstapp-1_0-0-1.2.4-2.3.2
libgstapp-1_0-0-32bit-1.2.4-2.3.2
libgstaudio-1_0-0-1.2.4-2.3.2
libgstaudio-1_0-0-32bit-1.2.4-2.3.2
libgstfft-1_0-0-1.2.4-2.3.2
libgstfft-1_0-0-32bit-1.2.4-2.3.2
libgstpbutils-1_0-0-1.2.4-2.3.2
libgstpbutils-1_0-0-32bit-1.2.4-2.3.2
libgstriff-1_0-0-1.2.4-2.3.2
libgstrtp-1_0-0-1.2.4-2.3.2
libgstrtsp-1_0-0-1.2.4-2.3.2
libgstsdp-1_0-0-1.2.4-2.3.2
libgsttag-1_0-0-1.2.4-2.3.2
libgsttag-1_0-0-32bit-1.2.4-2.3.2
libgstvideo-1_0-0-1.2.4-2.3.2
libgstvideo-1_0-0-32bit-1.2.4-2.3.2
typelib-1_0-GstAudio-1_0-1.2.4-2.3.2
typelib-1_0-GstPbutils-1_0-1.2.4-2.3.2
typelib-1_0-GstTag-1_0-1.2.4-2.3.2
typelib-1_0-GstVideo-1_0-1.2.4-2.3.2
SUSE Linux Enterprise Server 12 SP1
gstreamer-plugins-base-1.2.4-2.3.2
gstreamer-plugins-base-lang-1.2.4-2.3.2
libgstallocators-1_0-0-1.2.4-2.3.2
libgstapp-1_0-0-1.2.4-2.3.2
libgstapp-1_0-0-32bit-1.2.4-2.3.2
libgstaudio-1_0-0-1.2.4-2.3.2
libgstaudio-1_0-0-32bit-1.2.4-2.3.2
libgstfft-1_0-0-1.2.4-2.3.2
libgstpbutils-1_0-0-1.2.4-2.3.2
libgstpbutils-1_0-0-32bit-1.2.4-2.3.2
libgstriff-1_0-0-1.2.4-2.3.2
libgstrtp-1_0-0-1.2.4-2.3.2
libgstrtsp-1_0-0-1.2.4-2.3.2
libgstsdp-1_0-0-1.2.4-2.3.2
libgsttag-1_0-0-1.2.4-2.3.2
libgsttag-1_0-0-32bit-1.2.4-2.3.2
libgstvideo-1_0-0-1.2.4-2.3.2
libgstvideo-1_0-0-32bit-1.2.4-2.3.2
SUSE Linux Enterprise Server for SAP Applications 12 SP1
gstreamer-plugins-base-1.2.4-2.3.2
gstreamer-plugins-base-lang-1.2.4-2.3.2
libgstallocators-1_0-0-1.2.4-2.3.2
libgstapp-1_0-0-1.2.4-2.3.2
libgstapp-1_0-0-32bit-1.2.4-2.3.2
libgstaudio-1_0-0-1.2.4-2.3.2
libgstaudio-1_0-0-32bit-1.2.4-2.3.2
libgstfft-1_0-0-1.2.4-2.3.2
libgstpbutils-1_0-0-1.2.4-2.3.2
libgstpbutils-1_0-0-32bit-1.2.4-2.3.2
libgstriff-1_0-0-1.2.4-2.3.2
libgstrtp-1_0-0-1.2.4-2.3.2
libgstrtsp-1_0-0-1.2.4-2.3.2
libgstsdp-1_0-0-1.2.4-2.3.2
libgsttag-1_0-0-1.2.4-2.3.2
libgsttag-1_0-0-32bit-1.2.4-2.3.2
libgstvideo-1_0-0-1.2.4-2.3.2
libgstvideo-1_0-0-32bit-1.2.4-2.3.2
SUSE Linux Enterprise Software Development Kit 12 SP1
gstreamer-plugins-base-devel-1.2.4-2.3.2
typelib-1_0-GstAllocators-1_0-1.2.4-2.3.2
typelib-1_0-GstApp-1_0-1.2.4-2.3.2
typelib-1_0-GstAudio-1_0-1.2.4-2.3.2
typelib-1_0-GstFft-1_0-1.2.4-2.3.2
typelib-1_0-GstPbutils-1_0-1.2.4-2.3.2
typelib-1_0-GstRiff-1_0-1.2.4-2.3.2
typelib-1_0-GstRtp-1_0-1.2.4-2.3.2
typelib-1_0-GstRtsp-1_0-1.2.4-2.3.2
typelib-1_0-GstSdp-1_0-1.2.4-2.3.2
typelib-1_0-GstTag-1_0-1.2.4-2.3.2
typelib-1_0-GstVideo-1_0-1.2.4-2.3.2
SUSE Linux Enterprise Software Development Kit 12 SP2
typelib-1_0-GstRiff-1_0-1.2.4-2.3.2
SUSE Linux Enterprise Workstation Extension 12 SP1
libgstfft-1_0-0-32bit-1.2.4-2.3.2
typelib-1_0-GstAudio-1_0-1.2.4-2.3.2
typelib-1_0-GstPbutils-1_0-1.2.4-2.3.2
typelib-1_0-GstTag-1_0-1.2.4-2.3.2
typelib-1_0-GstVideo-1_0-1.2.4-2.3.2
Ссылки
- Link for SUSE-SU-2017:0189-1
- E-Mail link for SUSE-SU-2017:0189-1
- SUSE Security Ratings
- SUSE Bug 1013669
- SUSE CVE CVE-2016-9811 page
Описание
The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:gstreamer-plugins-base-1.2.4-2.3.2
SUSE Linux Enterprise Desktop 12 SP1:gstreamer-plugins-base-lang-1.2.4-2.3.2
SUSE Linux Enterprise Desktop 12 SP1:libgstallocators-1_0-0-1.2.4-2.3.2
SUSE Linux Enterprise Desktop 12 SP1:libgstapp-1_0-0-1.2.4-2.3.2
Ссылки
- CVE-2016-9811
- SUSE Bug 1013669