RHSA-2009:0352-01 -- Redhat gstreamer-plugins-base
|ID: oval:org.secpod.oval:def:500656||Date: (C)2012-01-31 (M)2017-10-04|
|Class: PATCH||Family: unix|
GStreamer is a streaming media framework based on graphs of filters which operate on media data. GStreamer Base Plug-ins is a collection of well-maintained base plug-ins. An integer overflow flaw which caused a heap-based buffer overflow was discovered in the Vorbis comment tags reader. An attacker could create a carefully-crafted Vorbis file that would cause an application using GStreamer to crash or, potentially, execute arbitrary code if opened by a victim. All users of gstreamer-plugins-base are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, all applications using GStreamer must be restarted for the changes to take effect.
|Red Hat Enterprise Linux 5|