File _patchinfo of Package patchinfo.3929

<patchinfo incident="3929">
  <issue id="1013655" tracker="bnc">VUL-0: CVE-2016-9807: gstreamer-plugins-good: flic decoder invalid read</issue>
  <issue id="1012102" tracker="bnc">VUL-0: CVE-2016-9634: gstreamer-plugins-good: out-of-bounds write 1</issue>
  <issue id="1012103" tracker="bnc">VUL-0: CVE-2016-9635: gstreamer-plugins-good: out-of-bounds write 2</issue>
  <issue id="1013653" tracker="bnc">VUL-0: CVE-2016-9808: gstreamer-plugins-good: still a bug in flic decoder</issue>
  <issue id="1012104" tracker="bnc">VUL-0: CVE-2016-9635: gstreamer-plugins-good: out-of-bounds write 3</issue>
  <issue id="1013663" tracker="bnc">VUL-0: CVE-2016-9810: gstreamer-plugins-good: flxdec: Unreferences itself one time too many on invalid files</issue>
  <issue id="2016-9635" tracker="cve" />
  <issue id="2016-9634" tracker="cve" />
  <issue id="2016-9636" tracker="cve" />
  <issue id="2016-9810" tracker="cve" />
  <issue id="2016-9807" tracker="cve" />
  <issue id="2016-9808" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>mgorse</packager>
  <description>
gstreamer-0_10-plugins-good was updated to fix five security issues.

These security issues were fixed:

- CVE-2016-9635: Invalid FLIC files could have caused and an out-of-bounds write (bsc#1012103).
- CVE-2016-9634: Invalid FLIC files could have caused and an out-of-bounds write (bsc#1012102).
- CVE-2016-9810: Invalid files can be used to extraneous unreferences, leading to invalid memory access and DoS (bsc#1013663).
- CVE-2016-9807: Prevent the reading of invalid memory in flx_decode_chunks, leading to DoS (bsc#1013655).
- CVE-2016-9808: Prevent maliciously crafted flic files from causing invalid memory accesses (bsc#1013653).

To install this update libbz2-1 needs to be installed if it isn't already present on the system.
</description>
  <summary>Security update for gstreamer-0_10-plugins-good</summary>
</patchinfo>