An invalid memory read in gst_aac_parse_sink_setcaps was found that can be triggered by specially crafted file. Upstream bug: https://bugzilla.gnome.org/show_bug.cgi?id=775450 Upstream patch: https://github.com/GStreamer/gst-plugins-good/commit/87a2c140ca54c5128093377e9b25a5c24b346727 CVE assignment: http://seclists.org/oss-sec/2017/q1/284
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:2060 https://access.redhat.com/errata/RHSA-2017:2060