Описание
Security update for gstreamer-0_10-plugins-bad
This update for gstreamer-0_10-plugins-bad fixes the following issue:
- CVE-2016-9809: Off by one read in gst_h264_parse_set_caps() (bsc#1013659)
Список пакетов
SUSE Linux Enterprise Desktop 12 SP2
gstreamer-0_10-plugins-bad-0.10.23-25.1
gstreamer-0_10-plugins-bad-lang-0.10.23-25.1
libgstbasecamerabinsrc-0_10-23-0.10.23-25.1
libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-25.1
libgstbasevideo-0_10-23-0.10.23-25.1
libgstbasevideo-0_10-23-32bit-0.10.23-25.1
libgstcodecparsers-0_10-23-0.10.23-25.1
libgstphotography-0_10-23-0.10.23-25.1
libgstphotography-0_10-23-32bit-0.10.23-25.1
libgstsignalprocessor-0_10-23-0.10.23-25.1
libgstsignalprocessor-0_10-23-32bit-0.10.23-25.1
libgstvdp-0_10-23-0.10.23-25.1
libgstvdp-0_10-23-32bit-0.10.23-25.1
SUSE Linux Enterprise Software Development Kit 12 SP2
gstreamer-0_10-plugins-bad-devel-0.10.23-25.1
libgstbasecamerabinsrc-0_10-23-0.10.23-25.1
libgstbasevideo-0_10-23-0.10.23-25.1
libgstcodecparsers-0_10-23-0.10.23-25.1
libgstphotography-0_10-23-0.10.23-25.1
libgstsignalprocessor-0_10-23-0.10.23-25.1
libgstvdp-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Workstation Extension 12 SP2
gstreamer-0_10-plugins-bad-0.10.23-25.1
gstreamer-0_10-plugins-bad-lang-0.10.23-25.1
libgstbasecamerabinsrc-0_10-23-0.10.23-25.1
libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-25.1
libgstbasevideo-0_10-23-0.10.23-25.1
libgstbasevideo-0_10-23-32bit-0.10.23-25.1
libgstcodecparsers-0_10-23-0.10.23-25.1
libgstphotography-0_10-23-0.10.23-25.1
libgstphotography-0_10-23-32bit-0.10.23-25.1
libgstsignalprocessor-0_10-23-0.10.23-25.1
libgstsignalprocessor-0_10-23-32bit-0.10.23-25.1
libgstvdp-0_10-23-0.10.23-25.1
libgstvdp-0_10-23-32bit-0.10.23-25.1
Ссылки
- Link for SUSE-SU-2017:0330-1
- E-Mail link for SUSE-SU-2017:0330-1
- SUSE Security Ratings
- SUSE Bug 1013659
- SUSE CVE CVE-2016-9809 page
Описание
Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:gstreamer-0_10-plugins-bad-0.10.23-25.1
SUSE Linux Enterprise Desktop 12 SP2:gstreamer-0_10-plugins-bad-lang-0.10.23-25.1
SUSE Linux Enterprise Desktop 12 SP2:libgstbasecamerabinsrc-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Desktop 12 SP2:libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-25.1
Ссылки
- CVE-2016-9809
- SUSE Bug 1013659