Univention Bugzilla – Bug 44417
gst-plugins-base1.0: multiple issues (4.2)
Last modified: 2018-02-14 13:31:34 CET
Upstream Debian package version 1.4.4-2+deb8u1 fixes these issues: * 4 byte heap out of bounds read in windows_icon_typefind (CVE-2016-9811) * The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file. (CVE-2017-5837) * The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow and crash) via vectors involving nested WAVEFORMATEX. (CVE-2017-5839) * The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted SMI file, as demonstrated by OneNote_Manager.smi. (CVE-2017-5842) * The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file. (CVE-2017-5844)
Mass-import from Debian-Security: python -m univention.repong.^Cbmirror -s jessie -r 4.2-3 --override=$HOME/REPOS/repo-ng/mirror/update_ucs42_mirror_from_debian.yml --errata=doc/errata --sql --process=ALL -vvvv --now=201801211553 YAML: git:bd6159834a..449aa5a7cf
YAML: OK Build: OK (No patches) Tests: OK - installation works
<http://errata.software-univention.de/ucs/4.2/297.html>