(RHSA-2011:1264) Important: gstreamer-plugins security update

2011-09-0600:00:00

access.redhat.com

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.058 Low

EPSS

Percentile

92.5%

JSON

The gstreamer-plugins packages contain plug-ins used by the GStreamer
streaming-media framework to support a wide variety of media formats.

An integer overflow flaw, a boundary error, and multiple off-by-one flaws
were found in various ModPlug music file format library (libmodplug)
modules, embedded in GStreamer. An attacker could create specially-crafted
music files that, when played by a victim, would cause applications using
GStreamer to crash or, potentially, execute arbitrary code. (CVE-2011-2911,
CVE-2011-2912, CVE-2011-2913, CVE-2011-2914, CVE-2011-2915)

All users of gstreamer-plugins are advised to upgrade to these updated
packages, which contain backported patches to correct these issues. After
installing the update, all applications using GStreamer (such as Rhythmbox)
must be restarted for the changes to take effect.

OSVersionArchitecturePackageVersionFilename
RedHatanyx86_64gstreamer-plugins< 0.8.5-1.EL.4gstreamer-plugins-0.8.5-1.EL.4.x86_64.rpm
RedHatanyi386gstreamer-plugins-devel< 0.8.5-1.EL.4gstreamer-plugins-devel-0.8.5-1.EL.4.i386.rpm
RedHatanys390xgstreamer-plugins< 0.8.5-1.EL.4gstreamer-plugins-0.8.5-1.EL.4.s390x.rpm
RedHatanyppcgstreamer-plugins-devel< 0.8.5-1.EL.4gstreamer-plugins-devel-0.8.5-1.EL.4.ppc.rpm
RedHatanys390xgstreamer-plugins-devel< 0.8.5-1.EL.4gstreamer-plugins-devel-0.8.5-1.EL.4.s390x.rpm
RedHatanyia64gstreamer-plugins-devel< 0.8.5-1.EL.4gstreamer-plugins-devel-0.8.5-1.EL.4.ia64.rpm
RedHatanys390gstreamer-plugins-devel< 0.8.5-1.EL.4gstreamer-plugins-devel-0.8.5-1.EL.4.s390.rpm
RedHatanyppcgstreamer-plugins< 0.8.5-1.EL.4gstreamer-plugins-0.8.5-1.EL.4.ppc.rpm
RedHatanyx86_64gstreamer-plugins-devel< 0.8.5-1.EL.4gstreamer-plugins-devel-0.8.5-1.EL.4.x86_64.rpm
RedHatanys390gstreamer-plugins< 0.8.5-1.EL.4gstreamer-plugins-0.8.5-1.EL.4.s390.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	x86_64	gstreamer-plugins	< 0.8.5-1.EL.4	gstreamer-plugins-0.8.5-1.EL.4.x86_64.rpm
RedHat	any	i386	gstreamer-plugins-devel	< 0.8.5-1.EL.4	gstreamer-plugins-devel-0.8.5-1.EL.4.i386.rpm
RedHat	any	s390x	gstreamer-plugins	< 0.8.5-1.EL.4	gstreamer-plugins-0.8.5-1.EL.4.s390x.rpm
RedHat	any	ppc	gstreamer-plugins-devel	< 0.8.5-1.EL.4	gstreamer-plugins-devel-0.8.5-1.EL.4.ppc.rpm
RedHat	any	s390x	gstreamer-plugins-devel	< 0.8.5-1.EL.4	gstreamer-plugins-devel-0.8.5-1.EL.4.s390x.rpm
RedHat	any	ia64	gstreamer-plugins-devel	< 0.8.5-1.EL.4	gstreamer-plugins-devel-0.8.5-1.EL.4.ia64.rpm
RedHat	any	s390	gstreamer-plugins-devel	< 0.8.5-1.EL.4	gstreamer-plugins-devel-0.8.5-1.EL.4.s390.rpm
RedHat	any	ppc	gstreamer-plugins	< 0.8.5-1.EL.4	gstreamer-plugins-0.8.5-1.EL.4.ppc.rpm
RedHat	any	x86_64	gstreamer-plugins-devel	< 0.8.5-1.EL.4	gstreamer-plugins-devel-0.8.5-1.EL.4.x86_64.rpm
RedHat	any	s390	gstreamer-plugins	< 0.8.5-1.EL.4	gstreamer-plugins-0.8.5-1.EL.4.s390.rpm