(RHSA-2009:0270) Important: gstreamer-plugins security update

2009-02-0600:00:00

access.redhat.com

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.086 Low

EPSS

Percentile

93.8%

JSON

The gstreamer-plugins package contains plugins used by the GStreamer
streaming-media framework to support a wide variety of media types.

A heap buffer overflow was found in the GStreamer’s QuickTime media file
format decoding plug-in. An attacker could create a carefully-crafted
QuickTime media .mov file that would cause an application using GStreamer
to crash or, potentially, execute arbitrary code if played by a victim.
(CVE-2009-0397)

All users of gstreamer-plugins are advised to upgrade to these updated
packages, which contain a backported patch to correct this issue. After
installing the update, all applications using GStreamer (such as rhythmbox)
must be restarted for the changes to take effect.

OSVersionArchitecturePackageVersionFilename
RedHatanyx86_64gstreamer-plugins< 0.8.5-1.EL.2gstreamer-plugins-0.8.5-1.EL.2.x86_64.rpm
RedHatanys390xgstreamer-plugins-devel< 0.8.5-1.EL.2gstreamer-plugins-devel-0.8.5-1.EL.2.s390x.rpm
RedHatanyi386gstreamer-plugins< 0.8.5-1.EL.2gstreamer-plugins-0.8.5-1.EL.2.i386.rpm
RedHatanyia64gstreamer-plugins-devel< 0.8.5-1.EL.2gstreamer-plugins-devel-0.8.5-1.EL.2.ia64.rpm
RedHatanys390xgstreamer-plugins< 0.8.5-1.EL.2gstreamer-plugins-0.8.5-1.EL.2.s390x.rpm
RedHatanyppcgstreamer-plugins-devel< 0.8.5-1.EL.2gstreamer-plugins-devel-0.8.5-1.EL.2.ppc.rpm
RedHatanyia64gstreamer-plugins< 0.8.5-1.EL.2gstreamer-plugins-0.8.5-1.EL.2.ia64.rpm
RedHatanyppcgstreamer-plugins< 0.8.5-1.EL.2gstreamer-plugins-0.8.5-1.EL.2.ppc.rpm
RedHatanysrcgstreamer-plugins< 0.8.5-1.EL.2gstreamer-plugins-0.8.5-1.EL.2.src.rpm
RedHatanys390gstreamer-plugins-devel< 0.8.5-1.EL.2gstreamer-plugins-devel-0.8.5-1.EL.2.s390.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	x86_64	gstreamer-plugins	< 0.8.5-1.EL.2	gstreamer-plugins-0.8.5-1.EL.2.x86_64.rpm
RedHat	any	s390x	gstreamer-plugins-devel	< 0.8.5-1.EL.2	gstreamer-plugins-devel-0.8.5-1.EL.2.s390x.rpm
RedHat	any	i386	gstreamer-plugins	< 0.8.5-1.EL.2	gstreamer-plugins-0.8.5-1.EL.2.i386.rpm
RedHat	any	ia64	gstreamer-plugins-devel	< 0.8.5-1.EL.2	gstreamer-plugins-devel-0.8.5-1.EL.2.ia64.rpm
RedHat	any	s390x	gstreamer-plugins	< 0.8.5-1.EL.2	gstreamer-plugins-0.8.5-1.EL.2.s390x.rpm
RedHat	any	ppc	gstreamer-plugins-devel	< 0.8.5-1.EL.2	gstreamer-plugins-devel-0.8.5-1.EL.2.ppc.rpm
RedHat	any	ia64	gstreamer-plugins	< 0.8.5-1.EL.2	gstreamer-plugins-0.8.5-1.EL.2.ia64.rpm
RedHat	any	ppc	gstreamer-plugins	< 0.8.5-1.EL.2	gstreamer-plugins-0.8.5-1.EL.2.ppc.rpm
RedHat	any	src	gstreamer-plugins	< 0.8.5-1.EL.2	gstreamer-plugins-0.8.5-1.EL.2.src.rpm
RedHat	any	s390	gstreamer-plugins-devel	< 0.8.5-1.EL.2	gstreamer-plugins-devel-0.8.5-1.EL.2.s390.rpm