AVG-166 log

Package gst-plugins-ugly
Status Fixed
Severity Low
Type denial of service
Affected 1.10.2-1
Fixed 1.10.3-1
Current 1.24.9-3 [extra]
Ticket None
Created Thu Feb 2 21:34:46 2017
Issue Severity Remote Type Description
CVE-2017-5847 Low Yes Denial of service
An out-of-bounds read has been found in gstreamer before 1.10.3, in gst_asf_demux_process_ext_content_desc.
CVE-2017-5846 Low Yes Denial of service
An out-of-bounds read has been found in gstreamer before 1.10.3, in gst_asf_demux_process_ext_stream_props.
Date Advisory Package Type
03 Feb 2017 ASA-201702-6 gst-plugins-ugly denial of service
References
http://seclists.org/oss-sec/2017/q1/284