openSUSE-SU-2017:0291-1

Опубликовано: 26 янв. 2017

Источник: suse-cvrf

Описание

Security update for gstreamer-0_10-plugins-bad

This update for gstreamer-0_10-plugins-bad fixes the following issue:

CVE-2016-9809: Off by one read in gst_h264_parse_set_caps() (bsc#1013659)

Список пакетов

openSUSE Leap 42.1

gstreamer-0_10-plugins-bad-0.10.23-25.1

gstreamer-0_10-plugins-bad-32bit-0.10.23-25.1

gstreamer-0_10-plugins-bad-devel-0.10.23-25.1

gstreamer-0_10-plugins-bad-doc-0.10.23-25.1

gstreamer-0_10-plugins-bad-lang-0.10.23-25.1

libgstbasecamerabinsrc-0_10-23-0.10.23-25.1

libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-25.1

libgstbasevideo-0_10-23-0.10.23-25.1

libgstbasevideo-0_10-23-32bit-0.10.23-25.1

libgstcodecparsers-0_10-23-0.10.23-25.1

libgstcodecparsers-0_10-23-32bit-0.10.23-25.1

libgstphotography-0_10-23-0.10.23-25.1

libgstphotography-0_10-23-32bit-0.10.23-25.1

libgstsignalprocessor-0_10-23-0.10.23-25.1

libgstsignalprocessor-0_10-23-32bit-0.10.23-25.1

libgstvdp-0_10-23-0.10.23-25.1

libgstvdp-0_10-23-32bit-0.10.23-25.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2017-01/msg00147.html
E-Mail link for openSUSE-SU-2017:0291-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.

Затронутые продукты

openSUSE Leap 42.1:gstreamer-0_10-plugins-bad-0.10.23-25.1

openSUSE Leap 42.1:gstreamer-0_10-plugins-bad-32bit-0.10.23-25.1

openSUSE Leap 42.1:gstreamer-0_10-plugins-bad-devel-0.10.23-25.1

openSUSE Leap 42.1:gstreamer-0_10-plugins-bad-doc-0.10.23-25.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-9809.html
CVE-2016-9809
https://bugzilla.suse.com/1013659
SUSE Bug 1013659

openSUSE-SU-2017:0291-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2016-9809

Описание

Затронутые продукты

Ссылки