UbuntuUpdates.org

Package "gst-plugins-base1.0"

Name: gst-plugins-base1.0

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Description: GObject introspection data for the GStreamer Plugins Base library
  • GStreamer plugin for ALSA
  • GStreamer plugins from the "base" set
  • GStreamer helper programs from the "base" set
Latest version: 1.2.4-1~ubuntu2.1
Release: trusty (14.04)
Level: security
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "gst-plugins-base1.0" in Trusty

Repository Area Version
base main 1.2.3-1
updates main 1.2.4-1~ubuntu2.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.2.4-1~ubuntu2.1 2017-03-27 18:06:58 UTC

  gst-plugins-base1.0 (1.2.4-1~ubuntu2.1) trusty-security; urgency=medium

  * SECURITY UPDATE: DoS in windows_icon_typefind
    - debian/patches/CVE-2016-9811.patch: add bounds check in
      gst/typefind/gsttypefindfunctions.c.
    - CVE-2016-9811
  * SECURITY UPDATE: DoS in gst_riff_create_audio_caps
    - debian/patches/CVE-2017-5837.patch: check for valid channels/rate in
      gst-libs/gst/riff/riff-media.c.
    - CVE-2017-5837
  * SECURITY UPDATE: DoS in gst_riff_create_audio_caps
    - debian/patches/CVE-2017-5839.patch: fix infinite recursion in
      gst-libs/gst/riff/riff-media.c.
    - CVE-2017-5839
  * SECURITY UPDATE: DoS in html_context_handle_element
    - debian/patches/CVE-2017-5842.patch: check for non-zero length in
      gst/subparse/samiparse.c.
    - CVE-2017-5842
  * SECURITY UPDATE: DoS in gst_riff_create_audio_caps
    - debian/patches/CVE-2017-5844.patch: fix divide by zero in
      gst-libs/gst/riff/riff-media.c.
    - CVE-2017-5844

 -- Marc Deslauriers <email address hidden> Thu, 23 Mar 2017 13:04:52 -0400
CVE-2016-9811 The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to c
CVE-2017-5837 The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to c
CVE-2017-5839 The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recu
CVE-2017-5842 The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause
CVE-2017-5844 The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to c


About   -   Send Feedback to @ubuntu_updates