Security update for gstreamer-0_10-plugins-bad
SUSE Patch
security@suse.de
SUSE Security Team
SUSE-SU-2017:0330-1
Final
1
1
2017-01-30T12:27:46Z
current
2017-01-30T12:27:46Z
2017-01-30T12:27:46Z
cve-database/bin/generate-cvrf.pl
2017-02-24T01:00:00Z
Security update for gstreamer-0_10-plugins-bad
This update for gstreamer-0_10-plugins-bad fixes the following issue:
- CVE-2016-9809: Off by one read in gst_h264_parse_set_caps() (bsc#1013659)
The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
SUSE-SLE-DESKTOP-12-SP2-2017-167,SUSE-SLE-SDK-12-SP2-2017-167,SUSE-SLE-WE-12-SP2-2017-167
Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0)
https://www.suse.com/support/update/announcement/2017/suse-su-20170330-1/
Link for SUSE-SU-2017:0330-1
https://lists.suse.com/pipermail/sle-security-updates/2017-January/002607.html
E-Mail link for SUSE-SU-2017:0330-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1013659
SUSE Bug 1013659
https://www.suse.com/security/cve/CVE-2016-9809/
SUSE CVE CVE-2016-9809 page
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Workstation Extension 12 SP2
gstreamer-0_10-plugins-bad-0.10.23-25.1
gstreamer-0_10-plugins-bad-lang-0.10.23-25.1
libgstbasecamerabinsrc-0_10-23-0.10.23-25.1
libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-25.1
libgstbasevideo-0_10-23-0.10.23-25.1
libgstbasevideo-0_10-23-32bit-0.10.23-25.1
libgstcodecparsers-0_10-23-0.10.23-25.1
libgstphotography-0_10-23-0.10.23-25.1
libgstphotography-0_10-23-32bit-0.10.23-25.1
libgstsignalprocessor-0_10-23-0.10.23-25.1
libgstsignalprocessor-0_10-23-32bit-0.10.23-25.1
libgstvdp-0_10-23-0.10.23-25.1
libgstvdp-0_10-23-32bit-0.10.23-25.1
gstreamer-0_10-plugins-bad-devel-0.10.23-25.1
gstreamer-0_10-plugins-bad-0.10.23-25.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
gstreamer-0_10-plugins-bad-lang-0.10.23-25.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libgstbasecamerabinsrc-0_10-23-0.10.23-25.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-25.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libgstbasevideo-0_10-23-0.10.23-25.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libgstbasevideo-0_10-23-32bit-0.10.23-25.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libgstcodecparsers-0_10-23-0.10.23-25.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libgstphotography-0_10-23-0.10.23-25.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libgstphotography-0_10-23-32bit-0.10.23-25.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libgstsignalprocessor-0_10-23-0.10.23-25.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libgstsignalprocessor-0_10-23-32bit-0.10.23-25.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libgstvdp-0_10-23-0.10.23-25.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libgstvdp-0_10-23-32bit-0.10.23-25.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
gstreamer-0_10-plugins-bad-devel-0.10.23-25.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2
libgstbasecamerabinsrc-0_10-23-0.10.23-25.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2
libgstbasevideo-0_10-23-0.10.23-25.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2
libgstcodecparsers-0_10-23-0.10.23-25.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2
libgstphotography-0_10-23-0.10.23-25.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2
libgstsignalprocessor-0_10-23-0.10.23-25.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2
libgstvdp-0_10-23-0.10.23-25.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2
gstreamer-0_10-plugins-bad-0.10.23-25.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2
gstreamer-0_10-plugins-bad-lang-0.10.23-25.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2
libgstbasecamerabinsrc-0_10-23-0.10.23-25.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2
libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-25.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2
libgstbasevideo-0_10-23-0.10.23-25.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2
libgstbasevideo-0_10-23-32bit-0.10.23-25.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2
libgstcodecparsers-0_10-23-0.10.23-25.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2
libgstphotography-0_10-23-0.10.23-25.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2
libgstphotography-0_10-23-32bit-0.10.23-25.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2
libgstsignalprocessor-0_10-23-0.10.23-25.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2
libgstsignalprocessor-0_10-23-32bit-0.10.23-25.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2
libgstvdp-0_10-23-0.10.23-25.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2
libgstvdp-0_10-23-32bit-0.10.23-25.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2
Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.
CVE-2016-9809
SUSE Linux Enterprise Desktop 12 SP2:gstreamer-0_10-plugins-bad-0.10.23-25.1
SUSE Linux Enterprise Desktop 12 SP2:gstreamer-0_10-plugins-bad-lang-0.10.23-25.1
SUSE Linux Enterprise Desktop 12 SP2:libgstbasecamerabinsrc-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Desktop 12 SP2:libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-25.1
SUSE Linux Enterprise Desktop 12 SP2:libgstbasevideo-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Desktop 12 SP2:libgstbasevideo-0_10-23-32bit-0.10.23-25.1
SUSE Linux Enterprise Desktop 12 SP2:libgstcodecparsers-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Desktop 12 SP2:libgstphotography-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Desktop 12 SP2:libgstphotography-0_10-23-32bit-0.10.23-25.1
SUSE Linux Enterprise Desktop 12 SP2:libgstsignalprocessor-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Desktop 12 SP2:libgstsignalprocessor-0_10-23-32bit-0.10.23-25.1
SUSE Linux Enterprise Desktop 12 SP2:libgstvdp-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Desktop 12 SP2:libgstvdp-0_10-23-32bit-0.10.23-25.1
SUSE Linux Enterprise Software Development Kit 12 SP2:gstreamer-0_10-plugins-bad-devel-0.10.23-25.1
SUSE Linux Enterprise Software Development Kit 12 SP2:libgstbasecamerabinsrc-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Software Development Kit 12 SP2:libgstbasevideo-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Software Development Kit 12 SP2:libgstcodecparsers-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Software Development Kit 12 SP2:libgstphotography-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Software Development Kit 12 SP2:libgstsignalprocessor-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Software Development Kit 12 SP2:libgstvdp-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Workstation Extension 12 SP2:gstreamer-0_10-plugins-bad-0.10.23-25.1
SUSE Linux Enterprise Workstation Extension 12 SP2:gstreamer-0_10-plugins-bad-lang-0.10.23-25.1
SUSE Linux Enterprise Workstation Extension 12 SP2:libgstbasecamerabinsrc-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Workstation Extension 12 SP2:libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-25.1
SUSE Linux Enterprise Workstation Extension 12 SP2:libgstbasevideo-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Workstation Extension 12 SP2:libgstbasevideo-0_10-23-32bit-0.10.23-25.1
SUSE Linux Enterprise Workstation Extension 12 SP2:libgstcodecparsers-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Workstation Extension 12 SP2:libgstphotography-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Workstation Extension 12 SP2:libgstphotography-0_10-23-32bit-0.10.23-25.1
SUSE Linux Enterprise Workstation Extension 12 SP2:libgstsignalprocessor-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Workstation Extension 12 SP2:libgstsignalprocessor-0_10-23-32bit-0.10.23-25.1
SUSE Linux Enterprise Workstation Extension 12 SP2:libgstvdp-0_10-23-0.10.23-25.1
SUSE Linux Enterprise Workstation Extension 12 SP2:libgstvdp-0_10-23-32bit-0.10.23-25.1
moderate
4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2017/suse-su-20170330-1/
https://www.suse.com/security/cve/CVE-2016-9809.html
CVE-2016-9809
https://bugzilla.suse.com/1013659
SUSE Bug 1013659