[SECURITY] Fedora 10 Update: gstreamer-plugins-good-0.10.13-1.fc10

updates at fedoraproject.org updates at fedoraproject.org
Tue Feb 24 20:57:18 UTC 2009 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-1213
2009-02-05 01:15:47
--------------------------------------------------------------------------------

Name        : gstreamer-plugins-good
Product     : Fedora 10
Version     : 0.10.13
Release     : 1.fc10
URL         : http://gstreamer.freedesktop.org/
Summary     : GStreamer plug-ins with good code and licensing
Description :
GStreamer is a streaming media framework, based on graphs of filters which
operate on media data. Applications using this library can do anything
from real-time sound processing to playing videos, and just about anything
else media-related.  Its plugin-based architecture means that new data
types or processing capabilities can be added simply by installing new
plug-ins.

GStreamer Good Plug-ins is a collection of well-supported plug-ins of
good quality and under the LGPL license.

--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan 26 2009 - Bastien Nocera <bnocera at redhat.com> - 0.10.13-1
- Update to 0.10.13
- Update libv4l patch
* Wed Jan 14 2009 Warren Togami <wtogami at redhat.com> 0.10.11-4
- Bug #477877 Fix multilib conflict in -devel
- Bug #478449 Fix ladspa on lib64
* Wed Jan 14 2009 Lennart Poettering <lpoetter at redhat.com> 0.10.11-3
- Bug #470000 Fix thread/memleak due to ref-loop
* Tue Jan 13 2009 Bastien Nocera <bnocera at redhat.com> - 0.10.11-2
- Avoid pulsesink hang when PulseAudio disappears
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #481267 - gstreamer-plugins, gstreamer-plugins-good: heap-based buffer overflows / an array index out of bounds vulnerability while parsing malformed QuickTime media files
        https://bugzilla.redhat.com/show_bug.cgi?id=481267
  [ 2 ] Bug #483736 - CVE-2009-0386 gstreamer-plugins-good: heap-based buffer overflow while parsing malformed QuickTime media files via crafted Composition Time To Sample (aka ctts) atom data
        https://bugzilla.redhat.com/show_bug.cgi?id=483736
  [ 3 ] Bug #483737 - CVE-2009-0387 gstreamer-plugins-good: Array index error while parsing malformed QuickTime media files via crafted Sync Sample (aka stss) atom data
        https://bugzilla.redhat.com/show_bug.cgi?id=483737
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update gstreamer-plugins-good' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list