Overview

File _patchinfo of Package patchinfo.4247

<patchinfo incident="4247">
  <issue id="1024079" tracker="bnc">VUL-1: CVE-2017-5844: gstreamer-0_10-plugins-base,gstreamer-plugins-base: Floating point exception in gst_riff_create_audio_caps (follow-up)</issue>
  <issue id="1024047" tracker="bnc">VUL-1: CVE-2017-5839: gstreamer-plugins-base: Stack overflow in gst_riff_create_audio_caps</issue>
  <issue id="1024041" tracker="bnc">VUL-1: CVE-2017-5842: gstreamer-plugins-base: Out-of-bounds heap read in html_context_handle_element</issue>
  <issue id="1024076" tracker="bnc">VUL-1: CVE-2017-5837: gstreamer-0_10-plugins-base,gstreamer-plugins-base:  Floating point exception in gst_riff_create_audio_caps</issue>
  <issue id="2017-5839" tracker="cve" />
  <issue id="2017-5842" tracker="cve" />
  <issue id="2017-5844" tracker="cve" />
  <issue id="2017-5837" tracker="cve" />
  <category>security</category>
  <rating>low</rating>
  <packager>alarrosa</packager>
  <description>
This update for gstreamer-plugins-base fixes the following security issues:

- A crafted AVI file could have caused a floating point exception leading to
  DoS (bsc#1024076, CVE-2017-5837, bsc#1024079, CVE-2017-5844)
- A crafted AVI file could have caused a stack overflow leading to DoS
  (bsc#1024047, CVE-2017-5839)
- A crafted SAMI subtitle file could have caused an invalid memory access
  possibly leading to DoS or corruption (bsc#1024041, CVE-2017-5842)
</description>
  <summary>Security update for gstreamer-plugins-base</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places