Name : mingw-gstreamer1-plugins-bad-free Product : Fedora 25 Version : 1.10.3 Release : 1.fc25 URL : http://gstreamer.freedesktop.org/ Summary : Cross compiled GStreamer1 plug-ins "bad" Description : GStreamer is a streaming media framework, based on graphs of elements which operate on media data.
This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality.
Security fix for CVE-2017-5848, CVE-2017-5843 - Downgrade to 1.10.3 as it is the latest stable release ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1419583 - CVE-2017-5848 gstreamer-plugins-bad-free: Invalid memory read in gst_ps_demux_parse_psm https://bugzilla.redhat.com/show_bug.cgi?id=1419583 [ 2 ] Bug #1419592 - CVE-2017-5843 gstreamer-plugins-bad-free: Use after free in gst_mini_object_unref / gst_tag_list_unref / gst_mxf_demux_update_essence_tracks https://bugzilla.redhat.com/show_bug.cgi?id=1419592 ------------------------------------------------------------------------------- -