From Secunia: A vulnerability has been discovered in GStreamer Good Plug-ins, which can be exploited by malicious people to potentially compromise an application using the library. The vulnerability is caused due to an integer overflow error in ext/libpng/gstpngdec.c, which can be exploited to cause a heap-based buffer overflow via a specially crafted PNG file. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in version 0.10.15. Other versions may also be affected.
====================================================== Name: CVE-2009-1932 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1932 Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow.
Please stabilize gst-plugins-good 0.10.14-r1 which includes the patch.
Sorry guys, but this isn't working like that. The patch needs to be applied in gst-plugins-libpng, thanks to our wonderful gst layout. But it's nice to recompile gst-plugins-good for just the kicks :-)
Damn mid-air collisions, was just about to do mostly the same change. Adjusting summary. Maintainers, please add the patch to gst-plugins-libpng.
media-plugins/gst-plugins-libpng-0.10.14-r1 is now there and needs to be stabilized. Sorry for the fuck up.. Sparc will also need to do bug #266986 which I've set as a dep.
Stable on alpha.
x86 stable
amd64 stable
ppc64 done
ppc done
sparc stable
GLSA 200907-11