gst-plugins-bad: two vulnerabilities
Package(s): | gst-plugins-bad | CVE #(s): | CVE-2017-5843 CVE-2017-5848 | ||||||||||||
Created: | February 6, 2017 | Updated: | February 21, 2017 | ||||||||||||
Description: | From the Arch Linux advisory:
- CVE-2017-5843 (arbitrary code execution): A double-free issue has been found in gstreamer before 1.10.3, in gst_mxf_demux_update_essence_tracks. - CVE-2017-5848 (denial of service): An out-of-bounds read has been found in gstreamer before 1.10.3, in gst_ps_demux_parse_psm. | ||||||||||||||
Alerts: |
|