AVG-163 log

Package gst-plugins-good
Status Fixed
Severity Low
Type denial of service
Affected 1.10.2-1
Fixed 1.10.3-1
Current 1.24.2-2 [extra-testing]
1.24.1-2 [extra]
Ticket None
Created Thu Feb 2 21:34:33 2017
Issue Severity Remote Type Description
CVE-2017-5845 Low Yes Denial of service 
An out-of-bounds read has been found in gstreamer before 1.10.3, in gst_avi_demux_parse_ncdt.
CVE-2017-5841 Low Yes Denial of service 
An out-of-bounds read has been found in gstreamer before 1.10.3, in gst_avi_demux_parse_ncdt.
CVE-2017-5840 Low Yes Denial of service 
An out-of-bounds read has been found in gstreamer before 1.10.3, in qtdemux_parse_samples.
CVE-2016-10199 Low Yes Denial of service 
An out of bounds read has been found in gstreamer before 1.10.3, in qtdemux_tag_add_str_full.
CVE-2016-10198 Low Yes Denial of service 
An invalid memory read flaw has been found in gstreamer before 1.10.3, in gst_aac_parse_sink_setcaps.
Date Advisory Package Type
03 Feb 2017 ASA-201702-3 gst-plugins-good denial of service
References 
http://seclists.org/oss-sec/2017/q1/284