Oval Definition:	oval:com.redhat.rhsa:def:20162974
Revision Date: 2016-12-21 Version: 640 Title: RHSA-2016:2974: gstreamer-plugins-bad-free security update (Important) Description: GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es): An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) Note: This updates removes the vulnerable Nintendo NSF plug-in. Family: unix Class: patch Status: Reference(s): CVE-2016-9445 CVE-2016-9447 RHSA-2016:2974 RHSA-2016:2974-00 RHSA-2016:2974-01 RHSA-2016:2974-01 Platform(s): Red Hat Enterprise Linux 6 Product(s): Definition Synopsis Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 6 is installed AND gstreamer-plugins-bad-free is earlier than 0:0.10.19-5.el6_8 AND gstreamer-plugins-bad-free is signed with Red Hat redhatrelease2 key gstreamer-plugins-bad-free-devel is earlier than 0:0.10.19-5.el6_8 AND gstreamer-plugins-bad-free-devel is signed with Red Hat redhatrelease2 key gstreamer-plugins-bad-free-devel-docs is earlier than 0:0.10.19-5.el6_8 AND gstreamer-plugins-bad-free-devel-docs is signed with Red Hat redhatrelease2 key gstreamer-plugins-bad-free-extras is earlier than 0:0.10.19-5.el6_8 AND gstreamer-plugins-bad-free-extras is signed with Red Hat redhatrelease2 key
BACK