[Buildroot] [PATCH] gst1-plugins-good: add upstream patches to fix security issue in flic decoder

Baruch Siach baruch at tkos.co.il
Mon Nov 28 04:19:08 UTC 2016

Hi Peter,

On Sun, Nov 27, 2016 at 10:41:18PM +0100, Peter Korsgaard wrote:
> As detailed by Chris Evans, the flic decoder contains a buffer overflow which
> can be exploited to cause arbitrary code execution as the user running
> gstreamer:
> https://scarybeastsecurity.blogspot.be/2016/11/0day-exploit-advancing-exploitation.html
> Fixes CVE-2016-963{4,5,6}.

The expanded form of this pattern would be nicer to future 'git log --grep'.

> add the upstream patches to fix this issue.
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>


     http://baruch.siach.name/blog/                  ~. .~   Tk Open Systems
   - baruch at tkos.co.il - tel: +972.52.368.4656, http://www.tkos.co.il -

More information about the buildroot mailing list