A use-after-free vulnerability was found in gst_mini_object_unref / gst_tag_list_unref / gst_mxf_demux_update_essence_tracks. Upstream bug: https://bugzilla.gnome.org/show_bug.cgi?id=777503 Upstream patch: https://github.com/GStreamer/gst-plugins-bad/commit/08723e6 CVE assignment: http://seclists.org/oss-sec/2017/q1/284
Created mingw-gstreamer1-plugins-bad-free tracking bugs for this issue: Affects: fedora-all [bug 1419618]
Created gstreamer1-plugins-bad-free tracking bugs for this issue: Affects: fedora-all [bug 1419616]
Created gstreamer-plugins-bad-free tracking bugs for this issue: Affects: fedora-all [bug 1419614]
Created mingw-gstreamer-plugins-bad-free tracking bugs for this issue: Affects: fedora-all [bug 1419617]
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:2060 https://access.redhat.com/errata/RHSA-2017:2060