openSUSE-SU-2017:0148-1

Опубликовано: 16 янв. 2017

Источник: suse-cvrf

Описание

Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues:

CVE-2016-9811: out of bounds memory read in windows_icon_typefind (bsc#1013669).

Список пакетов

openSUSE Leap 42.1

gstreamer-plugins-base-1.4.5-5.1

gstreamer-plugins-base-32bit-1.4.5-5.1

gstreamer-plugins-base-devel-1.4.5-5.1

gstreamer-plugins-base-doc-1.4.5-5.1

gstreamer-plugins-base-lang-1.4.5-5.1

libgstallocators-1_0-0-1.4.5-5.1

libgstallocators-1_0-0-32bit-1.4.5-5.1

libgstapp-1_0-0-1.4.5-5.1

libgstapp-1_0-0-32bit-1.4.5-5.1

libgstaudio-1_0-0-1.4.5-5.1

libgstaudio-1_0-0-32bit-1.4.5-5.1

libgstfft-1_0-0-1.4.5-5.1

libgstfft-1_0-0-32bit-1.4.5-5.1

libgstpbutils-1_0-0-1.4.5-5.1

libgstpbutils-1_0-0-32bit-1.4.5-5.1

libgstriff-1_0-0-1.4.5-5.1

libgstriff-1_0-0-32bit-1.4.5-5.1

libgstrtp-1_0-0-1.4.5-5.1

libgstrtp-1_0-0-32bit-1.4.5-5.1

libgstrtsp-1_0-0-1.4.5-5.1

libgstrtsp-1_0-0-32bit-1.4.5-5.1

libgstsdp-1_0-0-1.4.5-5.1

libgstsdp-1_0-0-32bit-1.4.5-5.1

libgsttag-1_0-0-1.4.5-5.1

libgsttag-1_0-0-32bit-1.4.5-5.1

libgstvideo-1_0-0-1.4.5-5.1

libgstvideo-1_0-0-32bit-1.4.5-5.1

typelib-1_0-GstAllocators-1_0-1.4.5-5.1

typelib-1_0-GstApp-1_0-1.4.5-5.1

typelib-1_0-GstAudio-1_0-1.4.5-5.1

typelib-1_0-GstFft-1_0-1.4.5-5.1

typelib-1_0-GstPbutils-1_0-1.4.5-5.1

typelib-1_0-GstRiff-1_0-1.4.5-5.1

typelib-1_0-GstRtp-1_0-1.4.5-5.1

typelib-1_0-GstRtsp-1_0-1.4.5-5.1

typelib-1_0-GstSdp-1_0-1.4.5-5.1

typelib-1_0-GstTag-1_0-1.4.5-5.1

typelib-1_0-GstVideo-1_0-1.4.5-5.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2017-01/msg00080.html
E-Mail link for openSUSE-SU-2017:0148-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.

Затронутые продукты

openSUSE Leap 42.1:gstreamer-plugins-base-1.4.5-5.1

openSUSE Leap 42.1:gstreamer-plugins-base-32bit-1.4.5-5.1

openSUSE Leap 42.1:gstreamer-plugins-base-devel-1.4.5-5.1

openSUSE Leap 42.1:gstreamer-plugins-base-doc-1.4.5-5.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-9811.html
CVE-2016-9811
https://bugzilla.suse.com/1013669
SUSE Bug 1013669

openSUSE-SU-2017:0148-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2016-9811

Описание

Затронутые продукты

Ссылки