An out-of-bounds heap read was found gst_avi_demux_parse_ncdt. Upstream bug: https://bugzilla.gnome.org/show_bug.cgi?id=777500 Upstream patch: https://github.com/GStreamer/gst-plugins-good/commit/32d9f3c CVE assignment: http://seclists.org/oss-sec/2017/q1/284
Created mingw-gstreamer1-plugins-good tracking bugs for this issue: Affects: fedora-all [bug 1419611]
Created mingw-gstreamer-plugins-good tracking bugs for this issue: Affects: fedora-all [bug 1419610]
Created gstreamer-plugins-good tracking bugs for this issue: Affects: fedora-all [bug 1419608]
Created gstreamer1-plugins-good tracking bugs for this issue: Affects: fedora-all [bug 1419609]
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:2060 https://access.redhat.com/errata/RHSA-2017:2060