drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in GStreamer Plugins und GStreamer
Name: |
Mehrere Probleme in GStreamer Plugins und GStreamer |
|
ID: |
202406-06 |
|
Distribution: |
Gentoo |
|
Plattformen: |
Keine Angabe |
|
Datum: |
Sa, 29. Juni 2024, 21:42 |
|
Referenzen: |
https://nvd.nist.gov/vuln/detail/CVE-2023-44429
https://nvd.nist.gov/vuln/detail/CVE-2023-40476
https://nvd.nist.gov/vuln/detail/CVE-2023-40475
https://nvd.nist.gov/vuln/detail/CVE-2023-44446
https://nvd.nist.gov/vuln/detail/CVE-2023-40474 |
|
Applikationen: |
GStreamer Plugins, GStreamer |
|
Originalnachricht |
--===============0718501641293425653== Content-Type: text/plain; charset="utf-8"
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202406-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High Title: GStreamer, GStreamer Plugins: Multiple Vulnerabilities Date: June 28, 2024 Bugs: #917791, #918095 ID: 202406-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis ========
Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.
Background ==========
GStreamer is an open source multimedia framework.
Affected packages =================
Package Vulnerable Unaffected -------------------------- ------------ ------------- media-libs/gst-plugins-bad < 1.22.11-r1 >= 1.22.11-r1 media-libs/gstreamer < 1.22.11 >= 1.22.11
Description ===========
Multiple vulnerabilities have been discovered in GStreamer, GStreamer Plugins. Please review the CVE identifiers referenced below for details.
Impact ======
Please review the referenced CVE identifiers for details.
Workaround ==========
There is no known workaround at this time.
Resolution ==========
All GStreamer, GStreamer Plugins users should upgrade to the latest versions:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/gstreamer-1.22.11" ">=media-libs/gst-plugins-bad-1.22.11-r1"
References ==========
[ 1 ] CVE-2023-40474 https://nvd.nist.gov/vuln/detail/CVE-2023-40474 [ 2 ] CVE-2023-40475 https://nvd.nist.gov/vuln/detail/CVE-2023-40475 [ 3 ] CVE-2023-40476 https://nvd.nist.gov/vuln/detail/CVE-2023-40476 [ 4 ] CVE-2023-44429 https://nvd.nist.gov/vuln/detail/CVE-2023-44429 [ 5 ] CVE-2023-44446 https://nvd.nist.gov/vuln/detail/CVE-2023-44446 [ 6 ] ZDI-CAN-21660 [ 7 ] ZDI-CAN-21661 [ 8 ] ZDI-CAN-21768 [ 9 ] ZDI-CAN-22226 [ 10 ] ZDI-CAN-22299
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202406-06
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License =======
Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 --===============0718501641293425653== Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEpqTA6ABLMxh/aChGFMQkOaVy+9kFAmZ+RX8ACgkQFMQkOaVy +9l52A//VFNblNRsC74jWsTL7/4jo0LsXjxb1i+OQmo+RXEWGhwrGsWvPhKvLZV9 oFWoZ29g953KrwhgAJLjVRbqGNba3X7YsDSn9qScqU5V6W4EbSLTg254vkZSYWJE k0A1QSNhW/FAxag/Iw0uryWS80foiF94L4gxgBeemKd72tgZNODOODN9HgROnvuM TcQSTM74/SP1qIrYCgoLDAUTtOlduYpuDK+0LRSxANN81r/vhwkF297EH6cryoh5 fCszSowDMkv6DFDUSdNIcO4QjJipWQSXwBAKhuZbyKVgyPd/hBlqtu+3eeJUSiaE i5j64wTBdPsGW5//rey1xFa51LIK3F+M4VIjgksGd/QHWndYOhEE3lOD0/fRmJy4 SbZ1p0V6Xxn8fJDDOJJ8EJhJXCy1yefi9XSnxUDK1Be6JUkC9vdtfCMFH9J4u8Dq gN+bHYFBZVQh3nvBhj41OfZbZIPBqF8VnwlvmvAGtCjxTVnQRQKWizra4JIA/Asc sS3TuW4cqJqPL82321aM4Z5mkeAGbpqtLplnUbVUdTSa4B3iixYKns44K7+0Ycer hK4Xih9Zv3B2vH6hPxKsd15cPqULWS2QIxg4HEZaX5+tsyOt1NCDw9nKq0A8EqFN aIa73YbIAuoNunXEDACULj65joExOtKSOByfX36euo9nFkSFvsU= =2v5f -----END PGP SIGNATURE-----
--===============0718501641293425653==--
|
|
|
|