GStreamer is a streaming media framework based on graphs of filters whichoperate on media data. GStreamer Base Plug-ins is a collection ofwell-maintained base plug-ins.An integer overflow flaw which caused a heap-based buffer overflow wasdiscovered in the Vorbis comment tags reader. An attacker could create acarefully-crafted Vorbis file that would cause an application usingGStreamer to crash or, potentially, execute arbitrary code if opened by avictim. (CVE-2009-0586)All users of gstreamer-plugins-base are advised to upgrade to these updatedpackages, which contain a backported patch to correct this issue. Afterinstalling this update, all applications using GStreamer (such as Totem orRhythmbox) must be restarted for the changes to take effect.