(RHSA-2016:2975) Important: gstreamer-plugins-good security update

2016-12-21T16:39:29
ID RHSA-2016:2975
Type redhat
Reporter RedHat
Modified 2018-06-06T20:24:17

Description

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license.

Security Fix(es):

  • Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9634, CVE-2016-9635, CVE-2016-9636, CVE-2016-9808)

  • An invalid memory read access flaw was found in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9807)

Note: This updates removes the vulnerable FLC/FLI/FLX plug-in.