You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa mingw-gstreamer1-plugins-good

Sigurnosni nedostaci programskog paketa mingw-gstreamer1-plugins-good

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2017-02-20 15:20:58.380938

Name : mingw-gstreamer1-plugins-good
Product : Fedora 25
Version : 1.10.3
Release : 1.fc25
Summary : Cross compiled GStreamer1 plug-ins good
Description :
GStreamer is a streaming media framework, based on graphs of filters which
operate on media data. Applications using this library can do anything
from real-time sound processing to playing videos, and just about anything
else media-related. Its plugin-based architecture means that new data
types or processing capabilities can be added simply by installing new

GStreamer Good Plugins is a collection of well-supported plugins of
good quality and under the LGPL license.

Update Information:

Security fix for CVE-2016-10199, CVE-2017-5845, CVE-2017-5840, CVE-2017-5841 –
Downgrade to 1.10.3 as it is the latest stable release

[ 1 ] Bug #1419580 – CVE-2016-10199 gstreamer-plugins-good: Out of bounds read in qtdemux_tag_add_str_full
[ 2 ] Bug #1419582 – CVE-2017-5845 gstreamer-plugins-good: Invalid memory read in gst_avi_demux_parse_ncdt
[ 3 ] Bug #1419588 – CVE-2017-5840 gstreamer-plugins-good: Out of bounds heap read in qtdemux_parse_samples
[ 4 ] Bug #1419589 – CVE-2017-5841 gstreamer-plugins-good: Heap out-of-bounds read in gst_avi_demux_parse_ncdt

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade mingw-gstreamer1-plugins-good’ at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to

AutorVlatka Misic
Cert idNCERT-REF-2017-02-0154-ADV
More in Preporuke
Sigurnosni nedostaci programskog paketa spice

Otkriveni su sigurnosni nedostaci u programskom paketu spice za Ubuntu 14.04 LTS, 16.04 LTS i 16.10. Otkriveni nedostaci posljedica su...