drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in GStreamer
Name: |
Ausführen beliebiger Kommandos in GStreamer |
|
ID: |
USN-6798-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10, Ubuntu 24.04 LTS |
|
Datum: |
Mi, 29. Mai 2024, 23:42 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4453 |
|
Applikationen: |
GStreamer |
|
Originalnachricht |
--===============7386271141513556881== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="+QahgC5+KEYLbs62" Content-Disposition: inline
--+QahgC5+KEYLbs62 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-6798-1 May 29, 2024
gst-plugins-base1.0 vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS - Ubuntu 23.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS
Summary:
GStreamer Base Plugins could be made to crash or run programs as your login if it opened a specially crafted file.
Software Description: - gst-plugins-base1.0: GStreamer plugins
Details:
It was discovered that GStreamer Base Plugins incorrectly handled certain EXIF metadata. An attacker could possibly use this issue to execute arbitrary code or cause a crash.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 24.04 LTS gstreamer1.0-plugins-base 1.24.2-1ubuntu0.1
Ubuntu 23.10 gstreamer1.0-plugins-base 1.22.6-1ubuntu0.1
Ubuntu 22.04 LTS gstreamer1.0-plugins-base 1.20.1-1ubuntu0.2
Ubuntu 20.04 LTS gstreamer1.0-plugins-base 1.16.3-0ubuntu1.3
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-6798-1 CVE-2024-4453
Package Information: https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.24.2-1ubuntu0.1 https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.22.6-1ubuntu0.1 https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.20.1-1ubuntu0.2 https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.16.3-0ubuntu1.3
--+QahgC5+KEYLbs62 Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAmZXZO4ACgkQRbznW4QL H2n64Q//dKv8vNY+RziRqihhfluCd9nLheDYyChJU0qdm3Ub94bSM6QpeSJ7USak QE95UN5Pa8HOM91G9F+1SqQGmXryPRKlD56q2IWItxzgs5578SficHG8CRxxvRSJ EkuSjRmPzb6B4O3cALIXqzgUmPOddTFdJ2nQIeYlCDsUf0uO0ZGHtNwWZMUpUC9s yLShnTergrpO2iyyTVEViYNpogcAZDTE5t5inWdAcpTVg11SRnmd75yWLzZgNlh0 TsA1gxp4yxFzsAbasg59Rwj8Tw6m1bvjLvRE/L5MJnwd4M4/z3dAgV+fgmepXNxB GRUD058tYLfyqK9WslT3VOs0/oLbRT+Gb2LBPX5flnlFfQBMuolwhbGxasZmGQPa qliN25l8mto0qQFH0WZcMyy3L3zsuT7Um/fUPw1VY1dl+s/+nzC0E0QaDpwE0Q4A rIFHYO9JC3FxUrtbARC2jZoLg+7GjSEld435sCC5Dfov91xQqvnjBB47tbx3ZnCi OkwKr72SzSPQ8rAKJ7RYYdyeJ8A/fXar81tf98EW7JSrQAUx2j7NHM2gps9DHP85 TEwOp2PUlvNtKNIp2oRrAvxerKintrkZoKT5uB0y7ciqHAVVQD8YtYnUV37Smncd J4FdToqFAdfKeu0qNdIH7TH1ynHoOvughAh6Xgt4TQWnrquyjW0= =Vts2 -----END PGP SIGNATURE-----
--+QahgC5+KEYLbs62--
--===============7386271141513556881== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
--===============7386271141513556881==--
|
|
|
|