Overview

File _patchinfo of Package patchinfo.4238

<patchinfo incident="4238">
  <issue id="1024034" tracker="bnc">VUL-1: CVE-2017-5840: gstreamer-plugins-good: Out of bounds heap read in qtdemux_parse_samples</issue>
  <issue id="1024017" tracker="bnc">VUL-1: CVE-2016-10199 gstreamer-plugins-good: Out of bounds read in qtdemux_tag_add_str_full</issue>
  <issue id="1024014" tracker="bnc">VUL-1: CVE-2016-10198: gstreamer-plugins-good: Invalid memory read in gst_aac_parse_sink_setcaps</issue>
  <issue id="2016-10199" tracker="cve" />
  <issue id="2016-10198" tracker="cve" />
  <issue id="2017-5840" tracker="cve" />
  <category>security</category>
  <rating>low</rating>
  <packager>alarrosa</packager>
  <description>
This update for gstreamer-plugins-good fixes the following issues:

- A crafted aac audio file could have caused an invalid read and thus
  corruption or denial of service (bsc#1024014, CVE-2016-10198)
- A crafted mp4 file could have caused an invalid read and thus corruption or
  denial of service (bsc#1024017, CVE-2016-10199)
- A crafted avi file could have caused an invalid read and thus corruption or
  denial of service (bsc#1024034, CVE-2017-5840)
</description>
  <summary>Security update for gstreamer-plugins-good</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places