You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa mingw-gstreamer1-plugins-base

Sigurnosni nedostaci programskog paketa mingw-gstreamer1-plugins-base

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2017-02-20 15:20:58.380882

Name : mingw-gstreamer1-plugins-base
Product : Fedora 25
Version : 1.10.3
Release : 1.fc25
Summary : Cross compiled GStreamer1 media framework base plug-ins
Description :
GStreamer is a streaming media framework, based on graphs of filters which
operate on media data. Applications using this library can do anything
from real-time sound processing to playing videos, and just about anything
else media-related. Its plugin-based architecture means that new data
types or processing capabilities can be added simply by installing new

This package contains a set of well-maintained base plug-ins.

Update Information:

Security fix for CVE-2017-5837, CVE-2017-5839, CVE-2017-5842, CVE-2017-5844 –
Downgrade to 1.10.3 as it is the latest stable release

[ 1 ] Bug #1419584 – CVE-2017-5837 gstreamer-plugins-base: Floating point exception in gst_riff_create_audio_caps
[ 2 ] Bug #1419586 – CVE-2017-5839 gstreamer-plugins-base: Stack overflow in gst_riff_create_audio_caps
[ 3 ] Bug #1419591 – CVE-2017-5842 gstreamer-plugins-base: Out-of-bounds heap read in html_context_handle_element
[ 4 ] Bug #1419600 – CVE-2017-5844 gstreamer-plugins-base: Floating point exception in gst_riff_create_audio_caps

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade mingw-gstreamer1-plugins-base’ at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to

AutorDanijel Kozinovic
Cert idNCERT-REF-2017-02-0149-ADV
More in Preporuke
Sigurnosni nedostatak programskog paketa mingw

Otkriven je sigurnosni nedostatak u programskom paketu mingw za operacijski sustav Fedora 25. Otkriveni nedostatak potencijalnim napadačima omogućuje izvođenje napada...