Security update for gstreamer-0_10-plugins-bad
This update for gstreamer-0_10-plugins-bad fixes the following issues:
- Maliciously crafted VMnc files (VMWare video format) could lead to crashes
(CVE-2016-9445, CVE-2016-9446, boo#1010829).
- Maliciously crafted NSF files (NES sound format) could lead to arbitrary
code execution (CESA-2016-0001, boo#1010514). Therefore for security reasons
the NSF plugin has been removed from the package.
-
Submitted by
Adrien Plazas (aplazas)
Fixed bugs
bnc#1010829
VUL-0: CVE-2016-9445 CVE-2016-9446: gstreamer-plugins-bad: code execution during VMNC decoding
bnc#1010514
VUL-0: CVE-2016-9447: gstreamer-0_10-plugins-bad: Missing bounds checks for NSF music file
