[SECURITY] Fedora 10 Update: gstreamer-plugins-good-0.10.13-1.fc10
updates at fedoraproject.org
updates at fedoraproject.org
Tue Feb 24 20:57:18 UTC 2009
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-1213
2009-02-05 01:15:47
--------------------------------------------------------------------------------
Name : gstreamer-plugins-good
Product : Fedora 10
Version : 0.10.13
Release : 1.fc10
URL : http://gstreamer.freedesktop.org/
Summary : GStreamer plug-ins with good code and licensing
Description :
GStreamer is a streaming media framework, based on graphs of filters which
operate on media data. Applications using this library can do anything
from real-time sound processing to playing videos, and just about anything
else media-related. Its plugin-based architecture means that new data
types or processing capabilities can be added simply by installing new
plug-ins.
GStreamer Good Plug-ins is a collection of well-supported plug-ins of
good quality and under the LGPL license.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 26 2009 - Bastien Nocera <bnocera at redhat.com> - 0.10.13-1
- Update to 0.10.13
- Update libv4l patch
* Wed Jan 14 2009 Warren Togami <wtogami at redhat.com> 0.10.11-4
- Bug #477877 Fix multilib conflict in -devel
- Bug #478449 Fix ladspa on lib64
* Wed Jan 14 2009 Lennart Poettering <lpoetter at redhat.com> 0.10.11-3
- Bug #470000 Fix thread/memleak due to ref-loop
* Tue Jan 13 2009 Bastien Nocera <bnocera at redhat.com> - 0.10.11-2
- Avoid pulsesink hang when PulseAudio disappears
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #481267 - gstreamer-plugins, gstreamer-plugins-good: heap-based buffer overflows / an array index out of bounds vulnerability while parsing malformed QuickTime media files
https://bugzilla.redhat.com/show_bug.cgi?id=481267
[ 2 ] Bug #483736 - CVE-2009-0386 gstreamer-plugins-good: heap-based buffer overflow while parsing malformed QuickTime media files via crafted Composition Time To Sample (aka ctts) atom data
https://bugzilla.redhat.com/show_bug.cgi?id=483736
[ 3 ] Bug #483737 - CVE-2009-0387 gstreamer-plugins-good: Array index error while parsing malformed QuickTime media files via crafted Sync Sample (aka stss) atom data
https://bugzilla.redhat.com/show_bug.cgi?id=483737
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update gstreamer-plugins-good' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list