RHSA-2017:2060

Description

Red Hat Security Advisory: GStreamer security, bug fix, and enhancement update

CVSS Metrics

• v3.0•MEDIUM•Score: 5.5CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Systems

• redhat•clutter-gst2

  < 0:2.0.18-1.el7 | < 0:2.0.18-1.el7 | < 0:2.0.18-1.el7 | < 0:2.0.18-1.el7

• redhat•clutter-gst2-debuginfo

  < 0:2.0.18-1.el7 | < 0:2.0.18-1.el7 | < 0:2.0.18-1.el7 | < 0:2.0.18-1.el7

• redhat•clutter-gst2-devel

  < 0:2.0.18-1.el7 | < 0:2.0.18-1.el7 | < 0:2.0.18-1.el7 | < 0:2.0.18-1.el7

• redhat•gnome-video-effects

  < 0:0.4.3-1.el7 | < 0:0.4.3-1.el7 | < 0:0.4.3-1.el7 | < 0:0.4.3-1.el7

• redhat•gstreamer-plugins-bad-free

  < 0:0.10.23-23.el7 | < 0:0.10.23-23.el7 | < 0:0.10.23-23.el7

• redhat•gstreamer-plugins-bad-free-debuginfo

  < 0:0.10.23-23.el7 | < 0:0.10.23-23.el7 | < 0:0.10.23-23.el7

• redhat•gstreamer-plugins-bad-free-devel

  < 0:0.10.23-23.el7 | < 0:0.10.23-23.el7 | < 0:0.10.23-23.el7

• redhat•gstreamer-plugins-bad-free-devel-docs

  < 0:0.10.23-23.el7 | < 0:0.10.23-23.el7 | < 0:0.10.23-23.el7

• redhat•gstreamer-plugins-good

  < 0:0.10.31-13.el7 | < 0:0.10.31-13.el7 | < 0:0.10.31-13.el7 | < 0:0.10.31-13.el7

• redhat•gstreamer-plugins-good-debuginfo

  < 0:0.10.31-13.el7 | < 0:0.10.31-13.el7 | < 0:0.10.31-13.el7 | < 0:0.10.31-13.el7

• redhat•gstreamer-plugins-good-devel-docs

  < 0:0.10.31-13.el7 | < 0:0.10.31-13.el7 | < 0:0.10.31-13.el7 | < 0:0.10.31-13.el7

• redhat•gstreamer1

  < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7

• redhat•gstreamer1-debuginfo

  < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7

• redhat•gstreamer1-devel

  < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7

• redhat•gstreamer1-devel-docs

  < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7

• redhat•gstreamer1-plugins-bad-free

  < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7

• redhat•gstreamer1-plugins-bad-free-debuginfo

  < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7

• redhat•gstreamer1-plugins-bad-free-devel

  < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7

• redhat•gstreamer1-plugins-bad-free-gtk

  < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7

• redhat•gstreamer1-plugins-base

  < 0:1.10.4-1.el7 | < 0:1.10.4-1.el7 | < 0:1.10.4-1.el7 | < 0:1.10.4-1.el7

• redhat•gstreamer1-plugins-base-debuginfo

  < 0:1.10.4-1.el7 | < 0:1.10.4-1.el7 | < 0:1.10.4-1.el7 | < 0:1.10.4-1.el7

• redhat•gstreamer1-plugins-base-devel

  < 0:1.10.4-1.el7 | < 0:1.10.4-1.el7 | < 0:1.10.4-1.el7 | < 0:1.10.4-1.el7

• redhat•gstreamer1-plugins-base-devel-docs

  < 0:1.10.4-1.el7 | < 0:1.10.4-1.el7 | < 0:1.10.4-1.el7 | < 0:1.10.4-1.el7

• redhat•gstreamer1-plugins-base-tools

  < 0:1.10.4-1.el7 | < 0:1.10.4-1.el7 | < 0:1.10.4-1.el7 | < 0:1.10.4-1.el7

• redhat•gstreamer1-plugins-good

  < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7

• redhat•gstreamer1-plugins-good-debuginfo

  < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7 | < 0:1.10.4-2.el7

• redhat•orc

  < 0:0.4.26-1.el7 | < 0:0.4.26-1.el7 | < 0:0.4.26-1.el7 | < 0:0.4.26-1.el7

• redhat•orc-compiler

  < 0:0.4.26-1.el7 | < 0:0.4.26-1.el7 | < 0:0.4.26-1.el7 | < 0:0.4.26-1.el7

• redhat•orc-debuginfo

  < 0:0.4.26-1.el7 | < 0:0.4.26-1.el7 | < 0:0.4.26-1.el7 | < 0:0.4.26-1.el7

• redhat•orc-devel

  < 0:0.4.26-1.el7 | < 0:0.4.26-1.el7 | < 0:0.4.26-1.el7 | < 0:0.4.26-1.el7

• redhat•orc-doc

  < 0:0.4.26-1.el7 | < 0:0.4.26-1.el7 | < 0:0.4.26-1.el7 | < 0:0.4.26-1.el7

References (74)

• https://access.redhat.com/errata/RHSA-2017:2060
• https://access.redhat.com/security/updates/classification/#moderate
• https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.4_Release_Notes/index.html
• https://bugzilla.redhat.com/show_bug.cgi?id=1265905
• https://bugzilla.redhat.com/show_bug.cgi?id=1386833
• https://bugzilla.redhat.com/show_bug.cgi?id=1386968
• https://bugzilla.redhat.com/show_bug.cgi?id=1397063
• https://bugzilla.redhat.com/show_bug.cgi?id=1401913
• https://bugzilla.redhat.com/show_bug.cgi?id=1401918
• https://bugzilla.redhat.com/show_bug.cgi?id=1406039
• https://bugzilla.redhat.com/show_bug.cgi?id=1419558
• https://bugzilla.redhat.com/show_bug.cgi?id=1419580
• https://bugzilla.redhat.com/show_bug.cgi?id=1419582
• https://bugzilla.redhat.com/show_bug.cgi?id=1419583
• https://bugzilla.redhat.com/show_bug.cgi?id=1419584
• https://bugzilla.redhat.com/show_bug.cgi?id=1419586
• https://bugzilla.redhat.com/show_bug.cgi?id=1419587
• https://bugzilla.redhat.com/show_bug.cgi?id=1419588
• https://bugzilla.redhat.com/show_bug.cgi?id=1419589
• https://bugzilla.redhat.com/show_bug.cgi?id=1419591
• https://bugzilla.redhat.com/show_bug.cgi?id=1419592
• https://bugzilla.redhat.com/show_bug.cgi?id=1419600
• https://bugzilla.redhat.com/show_bug.cgi?id=1420650
• https://bugzilla.redhat.com/show_bug.cgi?id=1428918
• https://bugzilla.redhat.com/show_bug.cgi?id=1429577
• https://bugzilla.redhat.com/show_bug.cgi?id=1429587
• https://bugzilla.redhat.com/show_bug.cgi?id=1430051
• https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2060.json
• https://access.redhat.com/security/cve/CVE-2016-9446
• https://www.cve.org/CVERecord?id=CVE-2016-9446
• https://nvd.nist.gov/vuln/detail/CVE-2016-9446
• https://scarybeastsecurity.blogspot.sk/2016/11/0day-poc-risky-design-decisions-in.html
• https://access.redhat.com/security/cve/CVE-2016-9810
• https://www.cve.org/CVERecord?id=CVE-2016-9810
• https://nvd.nist.gov/vuln/detail/CVE-2016-9810
• https://access.redhat.com/security/cve/CVE-2016-9811
• https://www.cve.org/CVERecord?id=CVE-2016-9811
• https://nvd.nist.gov/vuln/detail/CVE-2016-9811
• https://access.redhat.com/security/cve/CVE-2016-10198
• https://www.cve.org/CVERecord?id=CVE-2016-10198
• https://nvd.nist.gov/vuln/detail/CVE-2016-10198
• https://access.redhat.com/security/cve/CVE-2016-10199
• https://www.cve.org/CVERecord?id=CVE-2016-10199
• https://nvd.nist.gov/vuln/detail/CVE-2016-10199
• https://access.redhat.com/security/cve/CVE-2017-5837
• https://www.cve.org/CVERecord?id=CVE-2017-5837
• https://nvd.nist.gov/vuln/detail/CVE-2017-5837
• https://access.redhat.com/security/cve/CVE-2017-5838
• https://www.cve.org/CVERecord?id=CVE-2017-5838
• https://nvd.nist.gov/vuln/detail/CVE-2017-5838
• https://access.redhat.com/security/cve/CVE-2017-5839
• https://www.cve.org/CVERecord?id=CVE-2017-5839
• https://nvd.nist.gov/vuln/detail/CVE-2017-5839
• https://access.redhat.com/security/cve/CVE-2017-5840
• https://www.cve.org/CVERecord?id=CVE-2017-5840
• https://nvd.nist.gov/vuln/detail/CVE-2017-5840
• https://access.redhat.com/security/cve/CVE-2017-5841
• https://www.cve.org/CVERecord?id=CVE-2017-5841
• https://nvd.nist.gov/vuln/detail/CVE-2017-5841
• https://access.redhat.com/security/cve/CVE-2017-5842
• https://www.cve.org/CVERecord?id=CVE-2017-5842
• https://nvd.nist.gov/vuln/detail/CVE-2017-5842
• https://access.redhat.com/security/cve/CVE-2017-5843
• https://www.cve.org/CVERecord?id=CVE-2017-5843
• https://nvd.nist.gov/vuln/detail/CVE-2017-5843
• https://access.redhat.com/security/cve/CVE-2017-5844
• https://www.cve.org/CVERecord?id=CVE-2017-5844
• https://nvd.nist.gov/vuln/detail/CVE-2017-5844
• https://access.redhat.com/security/cve/CVE-2017-5845
• https://www.cve.org/CVERecord?id=CVE-2017-5845
• https://nvd.nist.gov/vuln/detail/CVE-2017-5845
• https://access.redhat.com/security/cve/CVE-2017-5848
• https://www.cve.org/CVERecord?id=CVE-2017-5848
• https://nvd.nist.gov/vuln/detail/CVE-2017-5848