AVG-165 log
| Package | gst-plugins-bad |
| Status | Fixed |
| Severity | Critical |
| Type | multiple issues |
| Affected | 1.10.2-1 |
| Fixed | 1.10.3-1 |
| Current | 1.24.9-3 [extra] |
| Ticket | None |
| Created | Thu Feb 2 21:34:43 2017 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-5848 | Low | Yes | Denial of service | An out-of-bounds read has been found in gstreamer before 1.10.3, in gst_ps_demux_parse_psm. |
| CVE-2017-5843 | Critical | Yes | Arbitrary code execution | A double-free issue has been found in gstreamer before 1.10.3, in gst_mxf_demux_update_essence_tracks. |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 03 Feb 2017 | ASA-201702-5 | gst-plugins-bad | multiple issues |
| References |
|---|
http://seclists.org/oss-sec/2017/q1/284 |