openSUSE-SU-2017:0580-1

Опубликовано: 28 фев. 2017

Источник: suse-cvrf

Описание

Security update for gstreamer

This update for gstreamer fixes the following security issues:

A crafted AVI file could have caused an invalid memory read, possibly causing DoS or corruption (bsc#1024051, CVE-2017-5838)

Список пакетов

openSUSE Leap 42.1

gstreamer-1.4.5-5.1

gstreamer-32bit-1.4.5-5.1

gstreamer-devel-1.4.5-5.1

gstreamer-doc-1.4.5-5.1

gstreamer-lang-1.4.5-5.1

gstreamer-utils-1.4.5-5.1

libgstreamer-1_0-0-1.4.5-5.1

libgstreamer-1_0-0-32bit-1.4.5-5.1

typelib-1_0-Gst-1_0-1.4.5-5.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2017-02/msg00120.html
E-Mail link for openSUSE-SU-2017:0580-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string.

Затронутые продукты

openSUSE Leap 42.1:gstreamer-1.4.5-5.1

openSUSE Leap 42.1:gstreamer-32bit-1.4.5-5.1

openSUSE Leap 42.1:gstreamer-devel-1.4.5-5.1

openSUSE Leap 42.1:gstreamer-doc-1.4.5-5.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-5838.html
CVE-2017-5838
https://bugzilla.suse.com/1023259
SUSE Bug 1023259
https://bugzilla.suse.com/1024051
SUSE Bug 1024051

openSUSE-SU-2017:0580-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2017-5838

Описание

Затронутые продукты

Ссылки