Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following security issues:
- CVE-2016-9807: Flic decoder invalid read could lead to crash. (bsc#1013655)
- CVE-2016-9634: Flic out-of-bounds write could lead to code execution. (bsc#1012102)
- CVE-2016-9635: Flic out-of-bounds write could lead to code execution. (bsc#1012103)
- CVE-2016-9635: Flic out-of-bounds write could lead to code execution. (bsc#1012104)
- CVE-2016-9808: A maliciously crafted flic file can still cause invalid memory accesses. (bsc#1013653)
- CVE-2016-9810: A maliciously crafted flic file can still cause invalid memory accesses. (bsc#1013663)
This update was imported from the SUSE:SLE-12-SP2:Update update project.
-
Submitted by
Yifan Jiang (yfjiang)
Fixed bugs
bnc#1013655
VUL-0: CVE-2016-9807: gstreamer-plugins-good: flic decoder invalid read
bnc#1012102
VUL-0: CVE-2016-9634: gstreamer-plugins-good: out-of-bounds write 1
bnc#1012103
VUL-0: CVE-2016-9635: gstreamer-plugins-good: out-of-bounds write 2
bnc#1013653
VUL-0: CVE-2016-9808: gstreamer-plugins-good: still a bug in flic decoder
bnc#1012104
VUL-0: CVE-2016-9635: gstreamer-plugins-good: out-of-bounds write 3
bnc#1013663
VUL-0: CVE-2016-9810: gstreamer-plugins-good: flxdec: Unreferences itself one time too many on invalid files
