Huawei EulerOS: Security Advisory for gstreamer1-plugins-good (EulerOS-SA-2017-1064)

The remote host is missing an update for the Huawei EulerOS 'gstreamer1-plugins-good' package(s) announced via the EulerOS-SA-2017-1064 advisory.

Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond the initialized buffer.(CVE-2016-9636) Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond initialized buffer.(CVE-2016-9635) Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.(CVE-2016-9634) The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted series of skip and count pairs.(CVE-2016-9808) The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted FLIC file.(CVE-2016-9807)

'gstreamer1-plugins-good' package(s) on Huawei EulerOS V2.0SP1.

Checks if a vulnerable package version is present on the target host.

Please install the updated package(s).