Security update for gstreamer-0_10-plugins-bad
SUSE Patch
security@suse.de
SUSE Security Team
openSUSE-SU-2017:0291-1
Final
1
1
2017-01-26T11:33:18Z
current
2017-01-26T11:33:18Z
2017-01-26T11:33:18Z
cve-database/bin/generate-cvrf.pl
2017-02-24T01:00:00Z
Security update for gstreamer-0_10-plugins-bad
This update for gstreamer-0_10-plugins-bad fixes the following issue:
- CVE-2016-9809: Off by one read in gst_h264_parse_set_caps() (bsc#1013659)
The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0)
https://lists.opensuse.org/opensuse-updates/2017-01/msg00147.html
E-Mail link for openSUSE-SU-2017:0291-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
openSUSE Leap 42.1
gstreamer-0_10-plugins-bad-0.10.23-25.1
gstreamer-0_10-plugins-bad-32bit-0.10.23-25.1
gstreamer-0_10-plugins-bad-devel-0.10.23-25.1
gstreamer-0_10-plugins-bad-doc-0.10.23-25.1
gstreamer-0_10-plugins-bad-lang-0.10.23-25.1
libgstbasecamerabinsrc-0_10-23-0.10.23-25.1
libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-25.1
libgstbasevideo-0_10-23-0.10.23-25.1
libgstbasevideo-0_10-23-32bit-0.10.23-25.1
libgstcodecparsers-0_10-23-0.10.23-25.1
libgstcodecparsers-0_10-23-32bit-0.10.23-25.1
libgstphotography-0_10-23-0.10.23-25.1
libgstphotography-0_10-23-32bit-0.10.23-25.1
libgstsignalprocessor-0_10-23-0.10.23-25.1
libgstsignalprocessor-0_10-23-32bit-0.10.23-25.1
libgstvdp-0_10-23-0.10.23-25.1
libgstvdp-0_10-23-32bit-0.10.23-25.1
gstreamer-0_10-plugins-bad-0.10.23-25.1 as a component of openSUSE Leap 42.1
gstreamer-0_10-plugins-bad-32bit-0.10.23-25.1 as a component of openSUSE Leap 42.1
gstreamer-0_10-plugins-bad-devel-0.10.23-25.1 as a component of openSUSE Leap 42.1
gstreamer-0_10-plugins-bad-doc-0.10.23-25.1 as a component of openSUSE Leap 42.1
gstreamer-0_10-plugins-bad-lang-0.10.23-25.1 as a component of openSUSE Leap 42.1
libgstbasecamerabinsrc-0_10-23-0.10.23-25.1 as a component of openSUSE Leap 42.1
libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-25.1 as a component of openSUSE Leap 42.1
libgstbasevideo-0_10-23-0.10.23-25.1 as a component of openSUSE Leap 42.1
libgstbasevideo-0_10-23-32bit-0.10.23-25.1 as a component of openSUSE Leap 42.1
libgstcodecparsers-0_10-23-0.10.23-25.1 as a component of openSUSE Leap 42.1
libgstcodecparsers-0_10-23-32bit-0.10.23-25.1 as a component of openSUSE Leap 42.1
libgstphotography-0_10-23-0.10.23-25.1 as a component of openSUSE Leap 42.1
libgstphotography-0_10-23-32bit-0.10.23-25.1 as a component of openSUSE Leap 42.1
libgstsignalprocessor-0_10-23-0.10.23-25.1 as a component of openSUSE Leap 42.1
libgstsignalprocessor-0_10-23-32bit-0.10.23-25.1 as a component of openSUSE Leap 42.1
libgstvdp-0_10-23-0.10.23-25.1 as a component of openSUSE Leap 42.1
libgstvdp-0_10-23-32bit-0.10.23-25.1 as a component of openSUSE Leap 42.1
Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.
CVE-2016-9809
openSUSE Leap 42.1:gstreamer-0_10-plugins-bad-0.10.23-25.1
openSUSE Leap 42.1:gstreamer-0_10-plugins-bad-32bit-0.10.23-25.1
openSUSE Leap 42.1:gstreamer-0_10-plugins-bad-devel-0.10.23-25.1
openSUSE Leap 42.1:gstreamer-0_10-plugins-bad-doc-0.10.23-25.1
openSUSE Leap 42.1:gstreamer-0_10-plugins-bad-lang-0.10.23-25.1
openSUSE Leap 42.1:libgstbasecamerabinsrc-0_10-23-0.10.23-25.1
openSUSE Leap 42.1:libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-25.1
openSUSE Leap 42.1:libgstbasevideo-0_10-23-0.10.23-25.1
openSUSE Leap 42.1:libgstbasevideo-0_10-23-32bit-0.10.23-25.1
openSUSE Leap 42.1:libgstcodecparsers-0_10-23-0.10.23-25.1
openSUSE Leap 42.1:libgstcodecparsers-0_10-23-32bit-0.10.23-25.1
openSUSE Leap 42.1:libgstphotography-0_10-23-0.10.23-25.1
openSUSE Leap 42.1:libgstphotography-0_10-23-32bit-0.10.23-25.1
openSUSE Leap 42.1:libgstsignalprocessor-0_10-23-0.10.23-25.1
openSUSE Leap 42.1:libgstsignalprocessor-0_10-23-32bit-0.10.23-25.1
openSUSE Leap 42.1:libgstvdp-0_10-23-0.10.23-25.1
openSUSE Leap 42.1:libgstvdp-0_10-23-32bit-0.10.23-25.1
moderate
4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Please Install the update.
https://lists.opensuse.org/opensuse-updates/2017-01/msg00147.html
https://www.suse.com/security/cve/CVE-2016-9809.html
CVE-2016-9809
https://bugzilla.suse.com/1013659
SUSE Bug 1013659