RHSA-2009:0271: Important: gstreamer-plugins-good security update
First published: Fri Feb 06 2009(Updated: )
GStreamer is a streaming media framework, based on graphs of filters which<br>operate on media data. GStreamer Good Plug-ins is a collection of<br>well-supported, GStreamer plug-ins of good quality released under the LGPL<br>license.<br>Multiple heap buffer overflows and an array indexing error were found in<br>the GStreamer's QuickTime media file format decoding plugin. An attacker<br>could create a carefully-crafted QuickTime media .mov file that would cause<br>an application using GStreamer to crash or, potentially, execute arbitrary<br>code if played by a victim. (CVE-2009-0386, CVE-2009-0387, CVE-2009-0397)<br>All users of gstreamer-plugins-good are advised to upgrade to these updated<br>packages, which contain backported patches to correct these issues. After<br>installing the update, all applications using GStreamer (such as totem or<br>rhythmbox) must be restarted for the changes to take effect.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/gstreamer-plugins-good | <0.10.9-1.el5_3.1 | 0.10.9-1.el5_3.1 |
| redhat/gstreamer-plugins-good | <0.10.9-1.el5_3.1 | 0.10.9-1.el5_3.1 |
| redhat/gstreamer-plugins-good-devel | <0.10.9-1.el5_3.1 | 0.10.9-1.el5_3.1 |
| redhat/gstreamer-plugins-good-devel | <0.10.9-1.el5_3.1 | 0.10.9-1.el5_3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- agent/weakness
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2009:0271
- agent/software-canonical-lookup
- package-manager/redhat