drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in GStreamer
Name: |
Mehrere Probleme in GStreamer |
|
ID: |
USN-3244-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 16.10 |
|
Datum: |
Di, 28. März 2017, 07:22 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5842
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5839
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5844
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9811 |
|
Applikationen: |
GStreamer |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============0167936448296305111== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="ExxWHWn5IJ2LJNb3fe9SJIMmgI6U4ctF3"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --ExxWHWn5IJ2LJNb3fe9SJIMmgI6U4ctF3 Content-Type: multipart/mixed; boundary="qWtxJlq62mH6BPHFbMjuJOfoKBlcg2Hkt" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <b2a7e0e8-3792-53da-2557-215a7caaa82d@canonical.com> Subject: [USN-3244-1] GStreamer Base Plugins vulnerabilities
--qWtxJlq62mH6BPHFbMjuJOfoKBlcg2Hkt Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3244-1 March 27, 2017
gst-plugins-base0.10, gst-plugins-base1.0 vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.10 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS
Summary:
GStreamer Base Plugins could be made to crash if it opened a specially crafted file.
Software Description: - gst-plugins-base1.0: GStreamer Plugins - gst-plugins-base0.10: GStreamer Plugins
Details:
Hanno Böck discovered that GStreamer Base Plugins did not correctly handle certain malformed media files. If a user were tricked into opening a crafted media file with a GStreamer application, an attacker could cause a denial of service via application crash.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.10: gstreamer1.0-plugins-base 1.8.3-1ubuntu1.1
Ubuntu 16.04 LTS: gstreamer1.0-plugins-base 1.8.3-1ubuntu0.2
Ubuntu 14.04 LTS: gstreamer0.10-plugins-base 0.10.36-1.1ubuntu2.1 gstreamer1.0-plugins-base 1.2.4-1~ubuntu2.1
Ubuntu 12.04 LTS: gstreamer0.10-plugins-base 0.10.36-1ubuntu0.2
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-3244-1 CVE-2016-9811, CVE-2017-5837, CVE-2017-5839, CVE-2017-5842, CVE-2017-5844
Package Information: https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.8.3-1ubuntu1.1 https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.8.3-1ubuntu0.2 https://launchpad.net/ubuntu/+source/gst-plugins-base0.10/0.10.36-1.1ubuntu2.1 https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.2.4-1~ubuntu2.1 https://launchpad.net/ubuntu/+source/gst-plugins-base0.10/0.10.36-1ubuntu0.2
--qWtxJlq62mH6BPHFbMjuJOfoKBlcg2Hkt--
--ExxWHWn5IJ2LJNb3fe9SJIMmgI6U4ctF3 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCgAGBQJY2VY7AAoJEGVp2FWnRL6TRscP/26XYkQQowhj5Z1yp7Qpk4BU xFJnbBwkzUPxYGZDyXCar43w+m9UWnVef5ucqtlnl72SvlWOkbfh+35ZtGH4UFIh g+juMhjHiDySTrPJphzRzLf4Hsm84TcjrQ1B+8o7ProNeyxroaep1VRLLkeJ3pay TU+oQYoTVU394eM0pbSEFUvtNmzFKs6LJnEHqckk0hD7kJ2ZpxOoedk1eY8kjVbu 7TBkMlOjoUrudPhsj6wau97+rJg7rjAKQ6Lh9q47dH4IC4qoc4/KrU4jx9dVXqNF Pr8/pMpccgZlxRiNjmGruVVX+KLLnv9CDioH2k2NRx8tuxVAVZO1T4lDO8XXSbry qJjhNO7Sw+RzK47h5QGUcWl2YNqonY//JIFn0rW/lN6folGygUM1rZhAuDG+P6n1 2E4uYWBada6zlPpPOBhafkfVyGlJcIbDAbLAdPw010YRyNAJWBgaMx2IlBtf3R8I g8ntoorgpAe9kt0cN2kS/SOqd0Mv66kGhHOqlZzWezeBbvQcAs3zW3izilKrb1mB UfQw5/L65qkJOleo3TGSoBzDSgT6hAtmHCwFGwxGNCfHtX/v4yY7Zoa4nS3f85eL cbElAUx7Cp0iJaZcaJKONW5j+k4lOPMkH6tje4ngqeNHd4/3oFP0m4Kh+mWDR6r+ lw8vpAfNpiEgBIKIZ9MJ =HGN4 -----END PGP SIGNATURE-----
--ExxWHWn5IJ2LJNb3fe9SJIMmgI6U4ctF3--
--===============0167936448296305111== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============0167936448296305111==--
|
|
|
|