Mehrere Probleme in gst-plugins-base1.0
ID: | DSA-3819-1 |
Distribution: | Debian |
Plattformen: | Debian sid, Debian jessie |
Datum: | Di, 28. März 2017, 07:27 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5842 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5839 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9811 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5844 |
Applikationen: | GStreamer Base Plug-ins |
Originalnachricht |
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3819-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff March 27, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : gst-plugins-base1.0 CVE ID : CVE-2016-9811 CVE-2017-5837 CVE-2017-5839 CVE-2017-5842 CVE-2017-5844 Hanno Boeck discovered multiple vulnerabilities in the GStreamer media framework and its codecs and demuxers, which may result in denial of service or the execution of arbitrary code if a malformed media file is opened. For the stable distribution (jessie), these problems have been fixed in version 1.4.4-2+deb8u1. For the upcoming stable distribution (stretch), these problems have been fixed in version 1.10.4-1. For the unstable distribution (sid), these problems have been fixed in version 1.10.4-1. We recommend that you upgrade your gst-plugins-base1.0 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAljZeU4ACgkQEMKTtsN8 TjaMHBAAlW7taQZX5QmMN2wvpYRqfGKnTDTHYldqqDPtE6yMt50AqBkG7sg0xgMd X93ekmXe840y23g4aElM4pXvBgLJJKhpqddqf67YRlHbhNkTs+NNydYE3Wuhk3tf sHA/SEWr0hwFEl6aw39P3i26W2txemc3siJVlUtqtxluyBXQVsYMoI8BupZAPG+Y LRBq0Oob1r801yt3vcBcXAVv9grFLFFFf6IWnSAeMcyZmZnpLozIgu1UpjT2ABgq qkqfLOd6G0k5Jr+leEekV9UkAivUuiIhmE0w7pEjDsrw+NAeLsO0SIcbiHy5p79n 6RzZDDjSeure1dZkAYdsdQDsFZpYfg+nfnsBFK5Z8ZxqXNT1Eko+S62XvoM4IFfz VmGBSZsTGnBSzc0E0/Thgw+gu9X6uz0hin63QS4cunZdS6V89+ep0r6NxPl9cSTp OmEmUjkRDMCjfixNRQ11YLXqZGvMqSuX5YwKraCdv5xEtxpj/lmZ5uOFUuXl9lwA EcAqkubVbN28XchLGjwfgTWb4P2WC26LtLTvPXUgZ4vSecwh08a+TuOMxXhjX2QY qRq+f/palIPB0j90l1wywLa1tgXh/1nMihctAw3JlDRSFp1QCN/kpaNpHKUCsBG4 Pnr7oBqUCPXQBymKE3VtXxH8nI5jJOfUK4ylj0zjTlqIHFbOncs= =a6+v -----END PGP SIGNATURE----- |