openSUSE-SU-2017:0311-1

Опубликовано: 28 янв. 2017

Источник: suse-cvrf

Описание

Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues:

CVE-2016-9811: Malicious file could could cause an invalid read leading to crash [bsc#1013669]

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Список пакетов

openSUSE Leap 42.2

gstreamer-plugins-base-1.8.3-3.1

gstreamer-plugins-base-32bit-1.8.3-3.1

gstreamer-plugins-base-devel-1.8.3-3.1

gstreamer-plugins-base-devel-32bit-1.8.3-3.1

gstreamer-plugins-base-doc-1.8.3-3.1

gstreamer-plugins-base-lang-1.8.3-3.1

libgstallocators-1_0-0-1.8.3-3.1

libgstallocators-1_0-0-32bit-1.8.3-3.1

libgstapp-1_0-0-1.8.3-3.1

libgstapp-1_0-0-32bit-1.8.3-3.1

libgstaudio-1_0-0-1.8.3-3.1

libgstaudio-1_0-0-32bit-1.8.3-3.1

libgstfft-1_0-0-1.8.3-3.1

libgstfft-1_0-0-32bit-1.8.3-3.1

libgstpbutils-1_0-0-1.8.3-3.1

libgstpbutils-1_0-0-32bit-1.8.3-3.1

libgstriff-1_0-0-1.8.3-3.1

libgstriff-1_0-0-32bit-1.8.3-3.1

libgstrtp-1_0-0-1.8.3-3.1

libgstrtp-1_0-0-32bit-1.8.3-3.1

libgstrtsp-1_0-0-1.8.3-3.1

libgstrtsp-1_0-0-32bit-1.8.3-3.1

libgstsdp-1_0-0-1.8.3-3.1

libgstsdp-1_0-0-32bit-1.8.3-3.1

libgsttag-1_0-0-1.8.3-3.1

libgsttag-1_0-0-32bit-1.8.3-3.1

libgstvideo-1_0-0-1.8.3-3.1

libgstvideo-1_0-0-32bit-1.8.3-3.1

typelib-1_0-GstAllocators-1_0-1.8.3-3.1

typelib-1_0-GstApp-1_0-1.8.3-3.1

typelib-1_0-GstAudio-1_0-1.8.3-3.1

typelib-1_0-GstFft-1_0-1.8.3-3.1

typelib-1_0-GstPbutils-1_0-1.8.3-3.1

typelib-1_0-GstRtp-1_0-1.8.3-3.1

typelib-1_0-GstRtsp-1_0-1.8.3-3.1

typelib-1_0-GstSdp-1_0-1.8.3-3.1

typelib-1_0-GstTag-1_0-1.8.3-3.1

typelib-1_0-GstVideo-1_0-1.8.3-3.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2017-01/msg00155.html
E-Mail link for openSUSE-SU-2017:0311-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.

Затронутые продукты

openSUSE Leap 42.2:gstreamer-plugins-base-1.8.3-3.1

openSUSE Leap 42.2:gstreamer-plugins-base-32bit-1.8.3-3.1

openSUSE Leap 42.2:gstreamer-plugins-base-devel-1.8.3-3.1

openSUSE Leap 42.2:gstreamer-plugins-base-devel-32bit-1.8.3-3.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-9811.html
CVE-2016-9811
https://bugzilla.suse.com/1013669
SUSE Bug 1013669

openSUSE-SU-2017:0311-1

Описание

Список пакетов

openSUSE Leap 42.2

Ссылки

Уязвимость: CVE-2016-9811

Описание

Затронутые продукты

Ссылки