Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2017:0263-1

Опубликовано: 23 янв. 2017
Источник: suse-cvrf

Описание

Security update for gstreamer-0_10-plugins-base

gstreamer-0_10-plugins-base was updated to fix one issue.

This security issue was fixed:

  • CVE-2016-9811: Out of bounds memory read in windows_icon_typefind (bsc#1013669).

Список пакетов

SUSE Linux Enterprise Desktop 12 SP1
gstreamer-0_10-plugins-base-0.10.36-11.3.1
gstreamer-0_10-plugins-base-32bit-0.10.36-11.3.1
gstreamer-0_10-plugins-base-lang-0.10.36-11.3.1
libgstapp-0_10-0-0.10.36-11.3.1
libgstapp-0_10-0-32bit-0.10.36-11.3.1
libgstinterfaces-0_10-0-0.10.36-11.3.1
libgstinterfaces-0_10-0-32bit-0.10.36-11.3.1
SUSE Linux Enterprise Server 12 SP1
gstreamer-0_10-plugins-base-32bit-0.10.36-11.3.1
libgstapp-0_10-0-32bit-0.10.36-11.3.1
libgstinterfaces-0_10-0-32bit-0.10.36-11.3.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
gstreamer-0_10-plugins-base-32bit-0.10.36-11.3.1
libgstapp-0_10-0-32bit-0.10.36-11.3.1
libgstinterfaces-0_10-0-32bit-0.10.36-11.3.1
SUSE Linux Enterprise Software Development Kit 12 SP1
gstreamer-0_10-plugins-base-devel-0.10.36-11.3.1
typelib-1_0-GstApp-0_10-0.10.36-11.3.1
typelib-1_0-GstInterfaces-0_10-0.10.36-11.3.1
SUSE Linux Enterprise Workstation Extension 12 SP1
gstreamer-0_10-plugins-base-0.10.36-11.3.1
gstreamer-0_10-plugins-base-lang-0.10.36-11.3.1
libgstapp-0_10-0-0.10.36-11.3.1
libgstinterfaces-0_10-0-0.10.36-11.3.1

Ссылки

Описание

The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:gstreamer-0_10-plugins-base-0.10.36-11.3.1
SUSE Linux Enterprise Desktop 12 SP1:gstreamer-0_10-plugins-base-32bit-0.10.36-11.3.1
SUSE Linux Enterprise Desktop 12 SP1:gstreamer-0_10-plugins-base-lang-0.10.36-11.3.1
SUSE Linux Enterprise Desktop 12 SP1:libgstapp-0_10-0-0.10.36-11.3.1
Ссылки
Уязвимость SUSE-SU-2017:0263-1