openSUSE-SU-2017:1031-1

Опубликовано: 18 апр. 2017

Источник: suse-cvrf

Описание

Security update for gstreamer

This update for gstreamer fixes the following security issues:

A crafted AVI file could have caused an invalid memory read, possibly causing DoS or corruption (bsc#1024051, CVE-2017-5838)

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Список пакетов

openSUSE Leap 42.2

gstreamer-1.8.3-2.3.1

gstreamer-32bit-1.8.3-2.3.1

gstreamer-devel-1.8.3-2.3.1

gstreamer-doc-1.8.3-2.3.1

gstreamer-lang-1.8.3-2.3.1

gstreamer-utils-1.8.3-2.3.1

libgstreamer-1_0-0-1.8.3-2.3.1

libgstreamer-1_0-0-32bit-1.8.3-2.3.1

typelib-1_0-Gst-1_0-1.8.3-2.3.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2017-04/msg00058.html
E-Mail link for openSUSE-SU-2017:1031-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string.

Затронутые продукты

openSUSE Leap 42.2:gstreamer-1.8.3-2.3.1

openSUSE Leap 42.2:gstreamer-32bit-1.8.3-2.3.1

openSUSE Leap 42.2:gstreamer-devel-1.8.3-2.3.1

openSUSE Leap 42.2:gstreamer-doc-1.8.3-2.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-5838.html
CVE-2017-5838
https://bugzilla.suse.com/1023259
SUSE Bug 1023259
https://bugzilla.suse.com/1024051
SUSE Bug 1024051

openSUSE-SU-2017:1031-1

Описание

Список пакетов

openSUSE Leap 42.2

Ссылки

Уязвимость: CVE-2017-5838

Описание

Затронутые продукты

Ссылки