SUSE-SU-2017:1010-1
Vulnerability Summary
Timeline
Description
Security update for gstreamer-plugins-good This update for gstreamer-plugins-good fixes the following issues: - A crafted aac audio file could have caused an invalid read and thus corruption or denial of service (bsc#1024014, CVE-2016-10198) - A crafted mp4 file could have caused an invalid read and thus corruption or denial of service (bsc#1024017, CVE-2016-10199) - A crafted avi file could have caused an invalid read and thus corruption or denial of service (bsc#1024034, CVE-2017-5840) - A crafted AVI file with metadata tag entries (ncdt) could have caused invalid read access and thus corruption or denial of service (bsc#1024030, CVE-2017-5841) - A crafted avi file could have caused an invalid read access resulting in denial of service (bsc#1024062, CVE-2017-5845)
Affected Systems
- suse•gstreamer-plugins-good&distro=SUSE Linux Enterprise Desktop 12 SP2
< 1.8.3-12.12
- suse•gstreamer-plugins-good&distro=SUSE Linux Enterprise Server 12 SP2
< 1.8.3-12.12
- suse•gstreamer-plugins-good&distro=SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
< 1.8.3-12.12
- suse•gstreamer-plugins-good&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2
< 1.8.3-12.12
References (11)
- https://www.suse.com/support/update/announcement/2017/suse-su-20171010-1/
- https://bugzilla.suse.com/1024014
- https://bugzilla.suse.com/1024017
- https://bugzilla.suse.com/1024030
- https://bugzilla.suse.com/1024034
- https://bugzilla.suse.com/1024062
- https://www.suse.com/security/cve/CVE-2016-10198
- https://www.suse.com/security/cve/CVE-2016-10199
- https://www.suse.com/security/cve/CVE-2017-5840
- https://www.suse.com/security/cve/CVE-2017-5841
- https://www.suse.com/security/cve/CVE-2017-5845