[Buildroot] [PATCH] gst1-plugins-good: add upstream patches to fix security issue in flic decoder
Baruch Siach
baruch at tkos.co.il
Mon Nov 28 04:19:08 UTC 2016
Hi Peter,
On Sun, Nov 27, 2016 at 10:41:18PM +0100, Peter Korsgaard wrote:
> As detailed by Chris Evans, the flic decoder contains a buffer overflow which
> can be exploited to cause arbitrary code execution as the user running
> gstreamer:
>
> https://scarybeastsecurity.blogspot.be/2016/11/0day-exploit-advancing-exploitation.html
>
> Fixes CVE-2016-963{4,5,6}.
The expanded form of this pattern would be nicer to future 'git log --grep'.
> add the upstream patches to fix this issue.
>
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
baruch
--
http://baruch.siach.name/blog/ ~. .~ Tk Open Systems
=}------------------------------------------------ooO--U--Ooo------------{=
- baruch at tkos.co.il - tel: +972.52.368.4656, http://www.tkos.co.il -
More information about the buildroot
mailing list