USN-3135-2: GStreamer Good Plugins vulnerability
USN-3135-2: GStreamer Good Plugins vulnerability Ubuntu Security Notice USN-3135-2 28th November, 2016 gst-plugins-good0.10, gst-plugins-good1.0 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary GStreamer could be made to crash or run programs as your login if it opened a specially crafted file. Software description gst-plugins-good0.10 – GStreamer plugins gst-plugins-good1.0 – GStreamer plugins Details USN-3135-1 fixed a vulnerability in GStreamer Good Plugins. The originalsecurity fix was incomplete. This update fixes the problem. Original advisory details: Chris Evans discovered that GStreamer Good Plugins did not correctly handle malformed FLC movie files. If a user were tricked into opening a crafted FLC movie file with a GStreamer application, an attacker could cause a denial of service via application crash, or execute arbitrary code with the privileges of the [ more… ]