Security update for gstreamer-0_10-plugins-good
This update for gstreamer-0_10-plugins-good fixes the following issues:
- CVE-2016-9634: Invalid FLIC files could have caused and an out-of-bounds write (bsc#1012102)
- CVE-2016-9635: Invalid FLIC files could have caused and an out-of-bounds write (bsc#1012103)
- CVE-2016-9636: Prevent maliciously crafted flic files from causing invalid memory writes (bsc#1012104)
- CVE-2016-9807: Prevent the reading of invalid memory in flx_decode_chunks, leading to DoS (bsc#1013655)
- CVE-2016-9808: Prevent maliciously crafted flic files from causing invalid memory accesses (bsc#1013653)
- CVE-2016-9810: Invalid files can be used to extraneous unreferences, leading to invalid memory access and DoS (bsc#1013663)
-
Submitted by
Michael Gorse (mgorse)
Fixed bugs
bnc#1013655
VUL-0: CVE-2016-9807: gstreamer-plugins-good: flic decoder invalid read
bnc#1012102
VUL-0: CVE-2016-9634: gstreamer-plugins-good: out-of-bounds write 1
bnc#1012103
VUL-0: CVE-2016-9635: gstreamer-plugins-good: out-of-bounds write 2
bnc#1013653
VUL-0: CVE-2016-9808: gstreamer-plugins-good: still a bug in flic decoder
bnc#1012104
VUL-0: CVE-2016-9635: gstreamer-plugins-good: out-of-bounds write 3
bnc#1013663
VUL-0: CVE-2016-9810: gstreamer-plugins-good: flxdec: Unreferences itself one time too many on invalid files
