flxdec security update tracking bug
Bug #1643901 reported by
Marc Deslauriers
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
gst-plugins-good0.10 (Ubuntu) | ||||||
Precise |
Fix Released
|
Medium
|
Marc Deslauriers | |||
Trusty |
Fix Released
|
Medium
|
Marc Deslauriers | |||
Xenial |
Fix Released
|
Medium
|
Marc Deslauriers | |||
gst-plugins-good1.0 (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | |||
Trusty |
Fix Released
|
Medium
|
Marc Deslauriers | |||
Xenial |
Fix Released
|
Medium
|
Marc Deslauriers | |||
Yakkety |
Fix Released
|
Medium
|
Marc Deslauriers | |||
Zesty |
Confirmed
|
Medium
|
Unassigned |
Bug Description
This bug is to track the security update to fix the flxdec out-of-bounds write.
Changed in gst-plugins-good1.0 (Ubuntu Precise): | |
status: | New → Invalid |
Changed in gst-plugins-good0.10 (Ubuntu Yakkety): | |
status: | New → Invalid |
Changed in gst-plugins-good0.10 (Ubuntu Zesty): | |
status: | New → Invalid |
Changed in gst-plugins-good0.10 (Ubuntu Precise): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in gst-plugins-good0.10 (Ubuntu Trusty): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in gst-plugins-good0.10 (Ubuntu Xenial): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in gst-plugins-good1.0 (Ubuntu Trusty): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in gst-plugins-good1.0 (Ubuntu Xenial): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in gst-plugins-good1.0 (Ubuntu Yakkety): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in gst-plugins-good1.0 (Ubuntu Zesty): | |
status: | New → Confirmed |
Changed in gst-plugins-good0.10 (Ubuntu Precise): | |
status: | In Progress → Fix Released |
Changed in gst-plugins-good0.10 (Ubuntu Trusty): | |
status: | In Progress → Fix Released |
Changed in gst-plugins-good0.10 (Ubuntu Xenial): | |
status: | In Progress → Fix Released |
Changed in gst-plugins-good1.0 (Ubuntu Trusty): | |
status: | In Progress → Fix Released |
Changed in gst-plugins-good1.0 (Ubuntu Xenial): | |
status: | In Progress → Fix Released |
Changed in gst-plugins-good1.0 (Ubuntu Yakkety): | |
status: | In Progress → Fix Released |
no longer affects: | gst-plugins-good0.10 (Ubuntu Yakkety) |
no longer affects: | gst-plugins-good0.10 (Ubuntu Zesty) |
Changed in gst-plugins-good0.10 (Ubuntu): | |
importance: | Undecided → Medium |
status: | Invalid → Fix Released |
no longer affects: | gst-plugins-good1.0 (Ubuntu Precise) |
no longer affects: | gst-plugins-good0.10 (Ubuntu) |
Changed in gst-plugins-good1.0 (Ubuntu Zesty): | |
importance: | Undecided → Medium |
Changed in gst-plugins-good1.0 (Ubuntu): | |
status: | Confirmed → Fix Released |
To post a comment you must log in.
Marc, I'm assuming this is related to this https:/ /scarybeastsecu rity.blogspot. ca/2016/ 11/0day- exploit- advancing- exploitation. html, right?
Like the author, I question the upstream decision to include FLIC support in the "good" set. Would it be possible to move that plugin to the "bad" or the "ugly" set since it's presumably a very rarely used format?