Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following security issues:
- A crafted AVI file could have caused a floating point exception leading to
DoS (bsc#1024076, CVE-2017-5837, bsc#1024079, CVE-2017-5844)
- A crafted AVI file could have caused a stack overflow leading to DoS
(bsc#1024047, CVE-2017-5839)
- A crafted SAMI subtitle file could have caused an invalid memory access
possibly leading to DoS or corruption (bsc#1024041, CVE-2017-5842)
This update was imported from the SUSE:SLE-12-SP2:Update update project.
-
Submitted by
Antonio Larrosa (alarrosa)
Fixed bugs
bnc#1024079
VUL-1: CVE-2017-5844: gstreamer-0_10-plugins-base,gstreamer-plugins-base: Floating point exception in gst_riff_create_audio_caps (follow-up)
bnc#1024047
VUL-1: CVE-2017-5839: gstreamer-plugins-base: Stack overflow in gst_riff_create_audio_caps
bnc#1024041
VUL-1: CVE-2017-5842: gstreamer-plugins-base: Out-of-bounds heap read in html_context_handle_element
bnc#1024076
VUL-1: CVE-2017-5837: gstreamer-0_10-plugins-base,gstreamer-plugins-base: Floating point exception in gst_riff_create_audio_caps
