- Issued:
- 2016-12-21
- Updated:
- 2016-12-21
RHSA-2016:2975 - Security Advisory
Synopsis
Important: gstreamer-plugins-good security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for gstreamer-plugins-good is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license.
Security Fix(es):
- Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9634, CVE-2016-9635, CVE-2016-9636, CVE-2016-9808)
- An invalid memory read access flaw was found in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9807)
Note: This updates removes the vulnerable FLC/FLI/FLX plug-in.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
Affected Products
- Red Hat Enterprise Linux Server 6 x86_64
- Red Hat Enterprise Linux Server 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
- Red Hat Enterprise Linux Workstation 6 x86_64
- Red Hat Enterprise Linux Workstation 6 i386
- Red Hat Enterprise Linux Desktop 6 x86_64
- Red Hat Enterprise Linux Desktop 6 i386
- Red Hat Enterprise Linux for IBM z Systems 6 s390x
- Red Hat Enterprise Linux for Power, big endian 6 ppc64
- Red Hat Enterprise Linux for Scientific Computing 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x
Fixes
- BZ - 1397441 - CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9808 gstreamer-plugins-good: Heap buffer overflow in FLIC decoder
- BZ - 1401874 - CVE-2016-9807 gstreamer-plugins-good: Invalid memory read in flx_decode_chunks
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux Server 6
| SRPM | |
|---|---|
| gstreamer-plugins-good-0.10.23-4.el6_8.src.rpm | SHA-256: 90958fe61c4b009411e1d5d087094f6f12688717809399ce495479c202e7944c |
| x86_64 | |
| gstreamer-plugins-good-0.10.23-4.el6_8.i686.rpm | SHA-256: 2ec524bf5c19420ec89a1ed87a7b6c660244cc424a2e82d289cc7dcb015cad13 |
| gstreamer-plugins-good-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 2f9da36e257e5b42c61e621afd43516f71fdc7ce3767ecabb8af5ffec111c7de |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.i686.rpm | SHA-256: 2439d08bfd08311b91f05f2d2ffc54a79eb95b1b0fb9d5776cc2e31b3bd58dc9 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.i686.rpm | SHA-256: 2439d08bfd08311b91f05f2d2ffc54a79eb95b1b0fb9d5776cc2e31b3bd58dc9 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 02db947ff4e203bd9aa9f436f846f4131b7ab6ea93988e59c557afde3a993113 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 02db947ff4e203bd9aa9f436f846f4131b7ab6ea93988e59c557afde3a993113 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.i686.rpm | SHA-256: 50cebd56147ab83d768d889f000170334f65e18898d3583317bc27f452621d31 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 53e54b697cc8c93b3b7e5be3ad67c9ab73e1a9fd206b33d159c3dd6cab45302b |
| i386 | |
| gstreamer-plugins-good-0.10.23-4.el6_8.i686.rpm | SHA-256: 2ec524bf5c19420ec89a1ed87a7b6c660244cc424a2e82d289cc7dcb015cad13 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.i686.rpm | SHA-256: 2439d08bfd08311b91f05f2d2ffc54a79eb95b1b0fb9d5776cc2e31b3bd58dc9 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.i686.rpm | SHA-256: 2439d08bfd08311b91f05f2d2ffc54a79eb95b1b0fb9d5776cc2e31b3bd58dc9 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.i686.rpm | SHA-256: 50cebd56147ab83d768d889f000170334f65e18898d3583317bc27f452621d31 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support 6
| SRPM | |
|---|---|
| gstreamer-plugins-good-0.10.23-4.el6_8.src.rpm | SHA-256: 90958fe61c4b009411e1d5d087094f6f12688717809399ce495479c202e7944c |
| x86_64 | |
| gstreamer-plugins-good-0.10.23-4.el6_8.i686.rpm | SHA-256: 2ec524bf5c19420ec89a1ed87a7b6c660244cc424a2e82d289cc7dcb015cad13 |
| gstreamer-plugins-good-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 2f9da36e257e5b42c61e621afd43516f71fdc7ce3767ecabb8af5ffec111c7de |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.i686.rpm | SHA-256: 2439d08bfd08311b91f05f2d2ffc54a79eb95b1b0fb9d5776cc2e31b3bd58dc9 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.i686.rpm | SHA-256: 2439d08bfd08311b91f05f2d2ffc54a79eb95b1b0fb9d5776cc2e31b3bd58dc9 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 02db947ff4e203bd9aa9f436f846f4131b7ab6ea93988e59c557afde3a993113 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 02db947ff4e203bd9aa9f436f846f4131b7ab6ea93988e59c557afde3a993113 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.i686.rpm | SHA-256: 50cebd56147ab83d768d889f000170334f65e18898d3583317bc27f452621d31 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 53e54b697cc8c93b3b7e5be3ad67c9ab73e1a9fd206b33d159c3dd6cab45302b |
| i386 | |
| gstreamer-plugins-good-0.10.23-4.el6_8.i686.rpm | SHA-256: 2ec524bf5c19420ec89a1ed87a7b6c660244cc424a2e82d289cc7dcb015cad13 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.i686.rpm | SHA-256: 2439d08bfd08311b91f05f2d2ffc54a79eb95b1b0fb9d5776cc2e31b3bd58dc9 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.i686.rpm | SHA-256: 2439d08bfd08311b91f05f2d2ffc54a79eb95b1b0fb9d5776cc2e31b3bd58dc9 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.i686.rpm | SHA-256: 50cebd56147ab83d768d889f000170334f65e18898d3583317bc27f452621d31 |
Red Hat Enterprise Linux Workstation 6
| SRPM | |
|---|---|
| gstreamer-plugins-good-0.10.23-4.el6_8.src.rpm | SHA-256: 90958fe61c4b009411e1d5d087094f6f12688717809399ce495479c202e7944c |
| x86_64 | |
| gstreamer-plugins-good-0.10.23-4.el6_8.i686.rpm | SHA-256: 2ec524bf5c19420ec89a1ed87a7b6c660244cc424a2e82d289cc7dcb015cad13 |
| gstreamer-plugins-good-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 2f9da36e257e5b42c61e621afd43516f71fdc7ce3767ecabb8af5ffec111c7de |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.i686.rpm | SHA-256: 2439d08bfd08311b91f05f2d2ffc54a79eb95b1b0fb9d5776cc2e31b3bd58dc9 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.i686.rpm | SHA-256: 2439d08bfd08311b91f05f2d2ffc54a79eb95b1b0fb9d5776cc2e31b3bd58dc9 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 02db947ff4e203bd9aa9f436f846f4131b7ab6ea93988e59c557afde3a993113 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 02db947ff4e203bd9aa9f436f846f4131b7ab6ea93988e59c557afde3a993113 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.i686.rpm | SHA-256: 50cebd56147ab83d768d889f000170334f65e18898d3583317bc27f452621d31 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 53e54b697cc8c93b3b7e5be3ad67c9ab73e1a9fd206b33d159c3dd6cab45302b |
| i386 | |
| gstreamer-plugins-good-0.10.23-4.el6_8.i686.rpm | SHA-256: 2ec524bf5c19420ec89a1ed87a7b6c660244cc424a2e82d289cc7dcb015cad13 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.i686.rpm | SHA-256: 2439d08bfd08311b91f05f2d2ffc54a79eb95b1b0fb9d5776cc2e31b3bd58dc9 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.i686.rpm | SHA-256: 2439d08bfd08311b91f05f2d2ffc54a79eb95b1b0fb9d5776cc2e31b3bd58dc9 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.i686.rpm | SHA-256: 50cebd56147ab83d768d889f000170334f65e18898d3583317bc27f452621d31 |
Red Hat Enterprise Linux Desktop 6
| SRPM | |
|---|---|
| gstreamer-plugins-good-0.10.23-4.el6_8.src.rpm | SHA-256: 90958fe61c4b009411e1d5d087094f6f12688717809399ce495479c202e7944c |
| x86_64 | |
| gstreamer-plugins-good-0.10.23-4.el6_8.i686.rpm | SHA-256: 2ec524bf5c19420ec89a1ed87a7b6c660244cc424a2e82d289cc7dcb015cad13 |
| gstreamer-plugins-good-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 2f9da36e257e5b42c61e621afd43516f71fdc7ce3767ecabb8af5ffec111c7de |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.i686.rpm | SHA-256: 2439d08bfd08311b91f05f2d2ffc54a79eb95b1b0fb9d5776cc2e31b3bd58dc9 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.i686.rpm | SHA-256: 2439d08bfd08311b91f05f2d2ffc54a79eb95b1b0fb9d5776cc2e31b3bd58dc9 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 02db947ff4e203bd9aa9f436f846f4131b7ab6ea93988e59c557afde3a993113 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 02db947ff4e203bd9aa9f436f846f4131b7ab6ea93988e59c557afde3a993113 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.i686.rpm | SHA-256: 50cebd56147ab83d768d889f000170334f65e18898d3583317bc27f452621d31 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 53e54b697cc8c93b3b7e5be3ad67c9ab73e1a9fd206b33d159c3dd6cab45302b |
| i386 | |
| gstreamer-plugins-good-0.10.23-4.el6_8.i686.rpm | SHA-256: 2ec524bf5c19420ec89a1ed87a7b6c660244cc424a2e82d289cc7dcb015cad13 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.i686.rpm | SHA-256: 2439d08bfd08311b91f05f2d2ffc54a79eb95b1b0fb9d5776cc2e31b3bd58dc9 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.i686.rpm | SHA-256: 2439d08bfd08311b91f05f2d2ffc54a79eb95b1b0fb9d5776cc2e31b3bd58dc9 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.i686.rpm | SHA-256: 50cebd56147ab83d768d889f000170334f65e18898d3583317bc27f452621d31 |
Red Hat Enterprise Linux for IBM z Systems 6
| SRPM | |
|---|---|
| gstreamer-plugins-good-0.10.23-4.el6_8.src.rpm | SHA-256: 90958fe61c4b009411e1d5d087094f6f12688717809399ce495479c202e7944c |
| s390x | |
| gstreamer-plugins-good-0.10.23-4.el6_8.s390.rpm | SHA-256: 71ea1ced3bf55a219e0bb831fcf784a57594bdf6cacbb5095ce73b6b30d3067b |
| gstreamer-plugins-good-0.10.23-4.el6_8.s390x.rpm | SHA-256: 79ec0ead1b61153eea3bf3f59e7959fa7a5c892f0c668647609329be80830e07 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.s390.rpm | SHA-256: 27bc9539368ea0300183c5ae5dca5032176519a4c8ee16391b13c4bb45752f80 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.s390.rpm | SHA-256: 27bc9539368ea0300183c5ae5dca5032176519a4c8ee16391b13c4bb45752f80 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.s390x.rpm | SHA-256: 82955ac097cd8f2336689434ceb6920888d43dc627420e537b06e23f13164680 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.s390x.rpm | SHA-256: 82955ac097cd8f2336689434ceb6920888d43dc627420e537b06e23f13164680 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.s390.rpm | SHA-256: 6a5acf70b659a043d368a9e4d074be398a1cb0b8db3649760aa6e27fddf00160 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.s390x.rpm | SHA-256: 9f094b14e25c4659b72dbdbc2a924872ff6e57994d30ce7c4d6b1e7515621263 |
Red Hat Enterprise Linux for Power, big endian 6
| SRPM | |
|---|---|
| gstreamer-plugins-good-0.10.23-4.el6_8.src.rpm | SHA-256: 90958fe61c4b009411e1d5d087094f6f12688717809399ce495479c202e7944c |
| ppc64 | |
| gstreamer-plugins-good-0.10.23-4.el6_8.ppc.rpm | SHA-256: d084df2b78ada7d2bc1fde9984924cc60969d9a1312581a66739685bf3660f90 |
| gstreamer-plugins-good-0.10.23-4.el6_8.ppc64.rpm | SHA-256: d909291c53cdae65a9f1b64238830684e7d1cbe39b4e5888a28eaf8d294afd62 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.ppc.rpm | SHA-256: e791126041bcbf228a465f4e1efdf85f98efad9de790388312434b58fe8a4165 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.ppc.rpm | SHA-256: e791126041bcbf228a465f4e1efdf85f98efad9de790388312434b58fe8a4165 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.ppc64.rpm | SHA-256: 33ddbc4815a05e40feb00e92b5c74a73c303dfe2aeaa1d1eb9a3b3af330f6159 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.ppc64.rpm | SHA-256: 33ddbc4815a05e40feb00e92b5c74a73c303dfe2aeaa1d1eb9a3b3af330f6159 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.ppc.rpm | SHA-256: c4d8a026dd7e801d280dce70dd61e2a83efb3d5fe7aaebc8f08ae11908e238c2 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.ppc64.rpm | SHA-256: 9a2b869da50ca1b93ecd0d46b58cbee8e7b288796e7abc2527f7eb7ddf32408f |
Red Hat Enterprise Linux for Scientific Computing 6
| SRPM | |
|---|---|
| gstreamer-plugins-good-0.10.23-4.el6_8.src.rpm | SHA-256: 90958fe61c4b009411e1d5d087094f6f12688717809399ce495479c202e7944c |
| x86_64 | |
| gstreamer-plugins-good-0.10.23-4.el6_8.i686.rpm | SHA-256: 2ec524bf5c19420ec89a1ed87a7b6c660244cc424a2e82d289cc7dcb015cad13 |
| gstreamer-plugins-good-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 2f9da36e257e5b42c61e621afd43516f71fdc7ce3767ecabb8af5ffec111c7de |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.i686.rpm | SHA-256: 2439d08bfd08311b91f05f2d2ffc54a79eb95b1b0fb9d5776cc2e31b3bd58dc9 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 02db947ff4e203bd9aa9f436f846f4131b7ab6ea93988e59c557afde3a993113 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.i686.rpm | SHA-256: 50cebd56147ab83d768d889f000170334f65e18898d3583317bc27f452621d31 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.x86_64.rpm | SHA-256: 53e54b697cc8c93b3b7e5be3ad67c9ab73e1a9fd206b33d159c3dd6cab45302b |
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6
| SRPM | |
|---|---|
| gstreamer-plugins-good-0.10.23-4.el6_8.src.rpm | SHA-256: 90958fe61c4b009411e1d5d087094f6f12688717809399ce495479c202e7944c |
| s390x | |
| gstreamer-plugins-good-0.10.23-4.el6_8.s390.rpm | SHA-256: 71ea1ced3bf55a219e0bb831fcf784a57594bdf6cacbb5095ce73b6b30d3067b |
| gstreamer-plugins-good-0.10.23-4.el6_8.s390x.rpm | SHA-256: 79ec0ead1b61153eea3bf3f59e7959fa7a5c892f0c668647609329be80830e07 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.s390.rpm | SHA-256: 27bc9539368ea0300183c5ae5dca5032176519a4c8ee16391b13c4bb45752f80 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.s390.rpm | SHA-256: 27bc9539368ea0300183c5ae5dca5032176519a4c8ee16391b13c4bb45752f80 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.s390x.rpm | SHA-256: 82955ac097cd8f2336689434ceb6920888d43dc627420e537b06e23f13164680 |
| gstreamer-plugins-good-debuginfo-0.10.23-4.el6_8.s390x.rpm | SHA-256: 82955ac097cd8f2336689434ceb6920888d43dc627420e537b06e23f13164680 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.s390.rpm | SHA-256: 6a5acf70b659a043d368a9e4d074be398a1cb0b8db3649760aa6e27fddf00160 |
| gstreamer-plugins-good-devel-0.10.23-4.el6_8.s390x.rpm | SHA-256: 9f094b14e25c4659b72dbdbc2a924872ff6e57994d30ce7c4d6b1e7515621263 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.