An update for gstreamer1-plugins-good is now available for Red Hat EnterpriseLinux 7.Red Hat Product Security has rated this update as having a security impact ofModerate.

A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
GStreamer is a streaming media framework based on graphs of filters whichoperate on media data.

The gstreamer1-plugins-good packages contain a collectionof well-supported plug-ins of good quality and under the LGPL license.Security Fix(es):* Multiple flaws were discovered in GStreamer’s FLC/FLI/FLX media file formatdecoding plug-in.

A remote attacker could use these flaws to cause anapplication using GStreamer to crash or, potentially, execute arbitrary codewith the privileges of the user running the application. (CVE-2016-9634,CVE-2016-9635, CVE-2016-9636, CVE-2016-9808)* An invalid memory read access flaw was found in GStreamer’s FLC/FLI/FLX mediafile format decoding plug-in.

A remote attacker could use this flaw to cause anapplication using GStreamer to crash. (CVE-2016-9807)Note: This update removes the vulnerable FLC/FLI/FLX plug-in.
Red Hat Enterprise Linux Desktop (v. 7)

SRPMS:
gstreamer1-plugins-good-1.4.5-3.el7_3.src.rpm
    MD5: b2cdc74b820731a24c4e1bd522588a1aSHA-256: 21e4e2200496ed706dee127b3df390ee5c29249968ac9fd266ca75d40008f65a
 
x86_64:
gstreamer1-plugins-good-1.4.5-3.el7_3.i686.rpm
    MD5: 9a82dd2e50c0495eff1a190e28f0bfc5SHA-256: 40d1b910a6c7d5aca779612f94c3385ec75df94f4d3591330b8142bc8424cc14
gstreamer1-plugins-good-1.4.5-3.el7_3.x86_64.rpm
    MD5: 2e6f21e6c0c6af77c057e95ae1e9acd0SHA-256: d86b6bb9bff52a16dd9cd8749d1ffd0d4d80f80ea7d5a081b2e8fd3c958db02f
gstreamer1-plugins-good-debuginfo-1.4.5-3.el7_3.i686.rpm
    MD5: c1c60df85d405e447cc0075a894ee50fSHA-256: 878e8a1203bdfa48e7b95870c01ffbe0651218b1418ff64fa20e2aa0a9bb3b85
gstreamer1-plugins-good-debuginfo-1.4.5-3.el7_3.x86_64.rpm
    MD5: ffb235e8896717085ccf2156d3e8218fSHA-256: d949ee125ef4bff0b1c720115eb820f7f90bbb04c1bbbd4d42b228e3ed618e56
 
Red Hat Enterprise Linux HPC Node (v. 7)

SRPMS:
gstreamer1-plugins-good-1.4.5-3.el7_3.src.rpm
    MD5: b2cdc74b820731a24c4e1bd522588a1aSHA-256: 21e4e2200496ed706dee127b3df390ee5c29249968ac9fd266ca75d40008f65a
 
x86_64:
gstreamer1-plugins-good-1.4.5-3.el7_3.i686.rpm
    MD5: 9a82dd2e50c0495eff1a190e28f0bfc5SHA-256: 40d1b910a6c7d5aca779612f94c3385ec75df94f4d3591330b8142bc8424cc14
gstreamer1-plugins-good-1.4.5-3.el7_3.x86_64.rpm
    MD5: 2e6f21e6c0c6af77c057e95ae1e9acd0SHA-256: d86b6bb9bff52a16dd9cd8749d1ffd0d4d80f80ea7d5a081b2e8fd3c958db02f
gstreamer1-plugins-good-debuginfo-1.4.5-3.el7_3.i686.rpm
    MD5: c1c60df85d405e447cc0075a894ee50fSHA-256: 878e8a1203bdfa48e7b95870c01ffbe0651218b1418ff64fa20e2aa0a9bb3b85
gstreamer1-plugins-good-debuginfo-1.4.5-3.el7_3.x86_64.rpm
    MD5: ffb235e8896717085ccf2156d3e8218fSHA-256: d949ee125ef4bff0b1c720115eb820f7f90bbb04c1bbbd4d42b228e3ed618e56
 
Red Hat Enterprise Linux Server (v. 7)

SRPMS:
gstreamer1-plugins-good-1.4.5-3.el7_3.src.rpm
    MD5: b2cdc74b820731a24c4e1bd522588a1aSHA-256: 21e4e2200496ed706dee127b3df390ee5c29249968ac9fd266ca75d40008f65a
 
PPC:
gstreamer1-plugins-good-1.4.5-3.el7_3.ppc.rpm
    MD5: 35f3105f4f719f1447c28ebf6d2ffcbdSHA-256: 8e7acc7c3a5dcdbc79e0d2f86fd7140377d517da94320f99153d88e1d6b40dd7
gstreamer1-plugins-good-1.4.5-3.el7_3.ppc64.rpm
    MD5: f2a4931f114357b127b88a45aacf3beaSHA-256: c20bef2319c6c2835274adee4ed5ab6d2fa38f36029011ad86a93827c300c1b9
gstreamer1-plugins-good-debuginfo-1.4.5-3.el7_3.ppc.rpm
    MD5: 08b115f0169c7c8be48c7fd3d2373b3cSHA-256: ce430fc75378aa336b7d13eee25b823a3109daf3fb295c82874d369305d683e0
gstreamer1-plugins-good-debuginfo-1.4.5-3.el7_3.ppc64.rpm
    MD5: d0baa344bc1c061306019b3f404b155dSHA-256: cb3dc4ea7306a0bad7f98b8b78e33faa6fd23c58c6ab8868b1655ebf3439e078
 
PPC64LE:
gstreamer1-plugins-good-1.4.5-3.el7_3.ppc64le.rpm
    MD5: 163c6818578045dceaa48c44dfc8e4b3SHA-256: c6a9782e9e2cd52fbe6d81c18c2cdd3a8ecf3aeb0ca9cd5a4a058be3858ba439
gstreamer1-plugins-good-debuginfo-1.4.5-3.el7_3.ppc64le.rpm
    MD5: 355efc1224ce683c859d464a85aeda47SHA-256: 03866ba9b56433843eb794e0d0994189d3a97a759f34c49a13d580512adccf7d
 
s390x:
gstreamer1-plugins-good-1.4.5-3.el7_3.s390.rpm
    MD5: 808757124482e353f00c5d8b15dab0e1SHA-256: cfdab42673e31ae894a2d91c224e3054b0b524152ab4288239d17747dea04e5e
gstreamer1-plugins-good-1.4.5-3.el7_3.s390x.rpm
    MD5: d0659c5b03252d32ec9e8b601f2bd6ccSHA-256: 6a7e1f93e67ad567ee96a2a69d47274c2400667bb74bc6ed8bcca26e94aea13b
gstreamer1-plugins-good-debuginfo-1.4.5-3.el7_3.s390.rpm
    MD5: c6fea6687b9532233e4f485bf16acbfdSHA-256: 6a5715c1a765def40dd3175542c000fb0a52edc7fa32a30537b9c3604884f65c
gstreamer1-plugins-good-debuginfo-1.4.5-3.el7_3.s390x.rpm
    MD5: 05d75386eb6613c14c057aecf02c1f10SHA-256: 109f7c9a69f575e6862ccb9ef3929d528ffd019fbd6a86e7418ecd3457e5502c
 
x86_64:
gstreamer1-plugins-good-1.4.5-3.el7_3.i686.rpm
    MD5: 9a82dd2e50c0495eff1a190e28f0bfc5SHA-256: 40d1b910a6c7d5aca779612f94c3385ec75df94f4d3591330b8142bc8424cc14
gstreamer1-plugins-good-1.4.5-3.el7_3.x86_64.rpm
    MD5: 2e6f21e6c0c6af77c057e95ae1e9acd0SHA-256: d86b6bb9bff52a16dd9cd8749d1ffd0d4d80f80ea7d5a081b2e8fd3c958db02f
gstreamer1-plugins-good-debuginfo-1.4.5-3.el7_3.i686.rpm
    MD5: c1c60df85d405e447cc0075a894ee50fSHA-256: 878e8a1203bdfa48e7b95870c01ffbe0651218b1418ff64fa20e2aa0a9bb3b85
gstreamer1-plugins-good-debuginfo-1.4.5-3.el7_3.x86_64.rpm
    MD5: ffb235e8896717085ccf2156d3e8218fSHA-256: d949ee125ef4bff0b1c720115eb820f7f90bbb04c1bbbd4d42b228e3ed618e56
 
Red Hat Enterprise Linux Server TUS (v. 7.3)

SRPMS:
gstreamer1-plugins-good-1.4.5-3.el7_3.src.rpm
    MD5: b2cdc74b820731a24c4e1bd522588a1aSHA-256: 21e4e2200496ed706dee127b3df390ee5c29249968ac9fd266ca75d40008f65a
 
x86_64:
gstreamer1-plugins-good-1.4.5-3.el7_3.i686.rpm
    MD5: 9a82dd2e50c0495eff1a190e28f0bfc5SHA-256: 40d1b910a6c7d5aca779612f94c3385ec75df94f4d3591330b8142bc8424cc14
gstreamer1-plugins-good-1.4.5-3.el7_3.x86_64.rpm
    MD5: 2e6f21e6c0c6af77c057e95ae1e9acd0SHA-256: d86b6bb9bff52a16dd9cd8749d1ffd0d4d80f80ea7d5a081b2e8fd3c958db02f
gstreamer1-plugins-good-debuginfo-1.4.5-3.el7_3.i686.rpm
    MD5: c1c60df85d405e447cc0075a894ee50fSHA-256: 878e8a1203bdfa48e7b95870c01ffbe0651218b1418ff64fa20e2aa0a9bb3b85
gstreamer1-plugins-good-debuginfo-1.4.5-3.el7_3.x86_64.rpm
    MD5: ffb235e8896717085ccf2156d3e8218fSHA-256: d949ee125ef4bff0b1c720115eb820f7f90bbb04c1bbbd4d42b228e3ed618e56
 
Red Hat Enterprise Linux Workstation (v. 7)

SRPMS:
gstreamer1-plugins-good-1.4.5-3.el7_3.src.rpm
    MD5: b2cdc74b820731a24c4e1bd522588a1aSHA-256: 21e4e2200496ed706dee127b3df390ee5c29249968ac9fd266ca75d40008f65a
 
x86_64:
gstreamer1-plugins-good-1.4.5-3.el7_3.i686.rpm
    MD5: 9a82dd2e50c0495eff1a190e28f0bfc5SHA-256: 40d1b910a6c7d5aca779612f94c3385ec75df94f4d3591330b8142bc8424cc14
gstreamer1-plugins-good-1.4.5-3.el7_3.x86_64.rpm
    MD5: 2e6f21e6c0c6af77c057e95ae1e9acd0SHA-256: d86b6bb9bff52a16dd9cd8749d1ffd0d4d80f80ea7d5a081b2e8fd3c958db02f
gstreamer1-plugins-good-debuginfo-1.4.5-3.el7_3.i686.rpm
    MD5: c1c60df85d405e447cc0075a894ee50fSHA-256: 878e8a1203bdfa48e7b95870c01ffbe0651218b1418ff64fa20e2aa0a9bb3b85
gstreamer1-plugins-good-debuginfo-1.4.5-3.el7_3.x86_64.rpm
    MD5: ffb235e8896717085ccf2156d3e8218fSHA-256: d949ee125ef4bff0b1c720115eb820f7f90bbb04c1bbbd4d42b228e3ed618e56
 
(The unlinked packages above are only available from the Red Hat Network)

1397441 – CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9808 gstreamer-plugins-good: Heap buffer overflow in FLIC decoder1401874 – CVE-2016-9807 gstreamer-plugins-good: Invalid memory read in flx_decode_chunks

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

Leave a Reply