Scientific Linux Security Update : gstreamer-plugins-good on SL7.x x86_64
High Nessus Plugin ID 96333
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSecurity Fix(es) :
- Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9634, CVE-2016-9635, CVE-2016-9636, CVE-2016-9808)
- An invalid memory read access flaw was found in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9807)
Note: This update removes the vulnerable FLC/FLI/FLX plug-in.
SolutionUpdate the affected gstreamer-plugins-good, gstreamer-plugins-good-debuginfo and / or gstreamer-plugins-good-devel-docs packages.