Please Install the Updated Packages.

The gstreamer-plugins package contains plugins used by the GStreamer streaming-media framework to support a wide variety of media types. A heap buffer overflow was found in the GStreamer's QuickTime media file format decoding plug-in. An attacker could create a carefully-crafted QuickTime media .mov file that would cause an application using GStreamer to crash or, potentially, execute arbitrary code if played by a victim. (CVE-2009-0397) All users of gstreamer-plugins are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, all applications using GStreamer (such as rhythmbox) must be restarted for the changes to take effect.

gstreamer-plugins on CentOS 4

• http://lists.centos.org/pipermail/centos-announce/2009-February/015621.html

---

Updated on 2015-03-25