Описание
Security update for gstreamer-0_10-plugins-base
This update for gstreamer-0_10-plugins-base fixes the following issues:
Security issues fixed:
- CVE-2017-5837: Fixed a floating point exception in gst_riff_create_audio_caps (bsc#1024076).
- CVE-2017-5844: Fixed a floating point exception in gst_riff_create_audio_caps (bsc#1024079).
- CVE-2019-9928: Fixed a heap-based overflow in the rtsp connection parser (bsc#1133375).
Список пакетов
SUSE Linux Enterprise Point of Sale 11 SP3
SUSE Linux Enterprise Server 11 SP4-LTSS
Ссылки
- Link for SUSE-SU-2019:14076-1
- E-Mail link for SUSE-SU-2019:14076-1
- SUSE Security Ratings
- SUSE Bug 1024076
- SUSE Bug 1024079
- SUSE Bug 1133375
- SUSE CVE CVE-2017-5837 page
- SUSE CVE CVE-2017-5844 page
- SUSE CVE CVE-2019-9928 page
Описание
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file.
Затронутые продукты
Ссылки
- CVE-2017-5837
- SUSE Bug 1023259
- SUSE Bug 1024076
- SUSE Bug 1024079
Описание
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file.
Затронутые продукты
Ссылки
- CVE-2017-5844
- SUSE Bug 1023259
- SUSE Bug 1024079
Описание
GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.
Затронутые продукты
Ссылки
- CVE-2019-9928
- SUSE Bug 1133375