drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in GStreamer
Name: |
Ausführen beliebiger Kommandos in GStreamer |
|
ID: |
DSA-3713-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian jessie |
|
Datum: |
Mi, 16. November 2016, 06:43 |
|
Referenzen: |
http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html |
|
Applikationen: |
GStreamer |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3713-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 15, 2016 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : gst-plugins-bad0.10 CVE ID : not yet available
Chris Evans discovered that the GStreamer 0.10 plugin to decode NES Sound Format files allowed the execution of arbitrary code. Further details can be found in his advisory at 0day-exploit-compromising-linux-desktop.html
For the stable distribution (jessie), this problem has been fixed in version 0.10.23-7.4+deb8u1.
The unstable distribution (sid) no longer contains Gstreamer 0.10.
We recommend that you upgrade your gst-plugins-bad0.10 packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJYK0SHAAoJEBDCk7bDfE42KBEQAIE143QNAPFS/x/advA/V2Tg HyBMzSiC0JGiIiGxAqEnB49RKm0PL8iM91ErYlvT1Y1gOhspMaFyqjYKoeKdczIZ Y8BeTTLALlhEjgx32OsfVO+N3fxY7VZg5tyuWijL19HUhJkL2WsZzjP1covl0T1W oGqruCCZlIKR6rA30GJUePMdefN66MjDPtlKxkm2U4c7DM1bCPhFcjk6ErJcWC25 nEBHFQN7DqzQ7ONhbq0falpJLp64yG6TdVA8mQ+/Q2EVd1e6hcCfLwmLr8EJqv0R qLOTac9f8HDr8FFgWNJVcc7TF1GqQaza59r3NYKz1BU3KtnCUvIRsbuzP1CJ9Nom 1bWJY2MeutDPThRnEBxFyYnEHySkxieaOaqTtoDLna/xx0ddzX4ZnKKU2smoEsH+ UQIk7ItHQmzKC1NK1rUcs5N5TlDUgtK/3ralwEu9JCfqFIq+OnHbv4xhWP4QkKHZ 6Yi3nykMXCkMs+d0OWs0S4wm9E9+XdxKOn2fQ+IJHBI51Ypg+L1aNmf5tV86fRWF o+AZnFZoE47sIVMcP71reJJtjQhldi+DgTfo+b0uT679Z50RHPSx6jDmJjghI+4C 10h5I2XFMDP6XlCxHBnT/adaNExWXScpdLTcr9/aDO88MJKWJQBB2u7xZkDzP9pW I/7DmjfJAlSV+zOk6M/X =r/Df -----END PGP SIGNATURE-----
|
|
|
|