Login
Newsletter
Werbung

Sicherheit: Ausführen beliebiger Kommandos in gst-plugins-bad1.0 und gst-plugins-bad0.10
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in gst-plugins-bad1.0 und gst-plugins-bad0.10
ID: DSA-3717-1
Distribution: Debian
Plattformen: Debian sid, Debian jessie
Datum: Do, 17. November 2016, 23:44
Referenzen: Keine Angabe
Applikationen: GStreamer, GStreamer

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3717-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
November 17, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : gst-plugins-bad1.0 / gst-plugins-bad0.10
CVE ID : not yet available

Chris Evans discovered that the GStreamer plugin to decode VMware screen
capture files allowed the execution of arbitrary code.

For the stable distribution (jessie), this problem has been fixed in
version 1.4.4-2.1+deb8u1 of gst-plugins-bad1.0 and version
0.10.23-7.4+deb8u2 of gst-plugins-bad0.10.

For the unstable distribution (sid), this problem has been fixed in
version 1.10.1-1 of gst-plugins-bad1.0.

We recommend that you upgrade your gst-plugins-bad1.0 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJYLg3tAAoJEBDCk7bDfE42v3UP/jQFTA+A157AP810HVxpxOZr
XbSTowmdFOFoo2OA2oYKfZUc33js4j9Xwjusuwfp5eNRz5Q0QDJyc07oNhkrHS3w
BKQmuaprS0hCYoSzKti5RbAJHy6YMrlz8k39bVQZ4O/mslqCvh4QljbfMwlBBWzU
M2Ro6kEiedq+rkONyiuEV63SwaA1NgrlDBZDnHYQezVdO3XSHOr9+R2RZaaziGCF
KCe3lbQEmn73PjODFGeovykzYHPuVExkJ/9LEJMIggoy8O5dz6OfVtznZCqGv/fs
Nz5PRaoxGTY1H+L5S4y90gDa2HSI3wGq1zRBSS0E/RD2oZREe36FzwUjh4oc7K/j
KKymvcJxlBPoH3SJtTGWvb3myTbyFghKnfz0MtdfAbOwJxHVdA5CHKkPeIxifZLU
yVu9jwEAntCHpMAxD/fqsJfzsomKBkD/0ahczVTCfW/FLt+VhItzB2CwAM7McKZL
l4gS1ESXqH/AWDZnF1smst91cNBLZnRrURAGMuBd8xJO/biIJdYSKjrKgVpn9ZE8
wQpIa5jU92dbCJ/8hkhD3lXiFWNx4MDbSv3uWIwE9qJdiHnsibep1NFaAAlh7z+c
K7FkUcPF25cXkEZKkSIkVijkE+c3jBrXI2B+T/Z6M2toMCdzDms/uoy8Xa56REQ8
j8y6SbW5hS2GmSmfG9MG
=VvCC
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung