Sicherheit: Zwei Probleme in GStreamer

Lesezeichen hinzufügen

--===============6516880461493427074==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="sm4nu43k4a2Rpi4c"
Content-Disposition: inline

--sm4nu43k4a2Rpi4c
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

==========================================================================
Ubuntu Security Notice USN-4928-1
April 28, 2021

gst-plugins-good1.0 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in GStreamer Plugins Good.

Software Description:
- gst-plugins-good1.0: GStreamer plugins

Details:

It was discovered that GStreamer Good Plugins incorrectly handled certain
files.
An attacker could possibly use this issue to cause access sensitive information
or cause a crash. (CVE-2021-3497)

It was discovered that GStreamer Good Plugins incorrectly handled certain
files.
An attacker could possibly use this issue to execute arbitrary code or cause
a crash. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and
Ubuntu
20.10. (CVE-2021-3498)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
gstreamer1.0-plugins-good 1.18.0-1ubuntu1.1

Ubuntu 20.04 LTS:
gstreamer1.0-plugins-good 1.16.2-1ubuntu2.1

Ubuntu 18.04 LTS:
gstreamer1.0-plugins-good 1.14.5-0ubuntu1~18.04.2

Ubuntu 16.04 LTS:
gstreamer1.0-plugins-good 1.8.3-1ubuntu0.5

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-4928-1
CVE-2021-3497, CVE-2021-3498

Package Information:
https://launchpad.net/ubuntu/+source/gst-plugins-good1.0/1.18.0-1ubuntu1.1
https://launchpad.net/ubuntu/+source/gst-plugins-good1.0/1.16.2-1ubuntu2.1
https://launchpad.net/ubuntu/+source/gst-plugins-good1.0/1.14.5-0ubuntu1~18.04.2
https://launchpad.net/ubuntu/+source/gst-plugins-good1.0/1.8.3-1ubuntu0.5

--sm4nu43k4a2Rpi4c
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAmCJ4VQACgkQRbznW4QL
H2mirg/9HCp6RN19KQQ44NtGN2J9UCRJNIZ4ltK2ZBSqOlB4v6wbrhx+wPqqOoLY
RSLgjG6H/krqAHwLIV9HhW0mg8GtroQWwFyqOsZnLSoZm5KXv6HuJTLPdKHlfJUl
+cyMPMihlNIaHLLhAHoBJ0Gxkmncg9twLsJz1V09rihp8O3lqHnaGyi2jVnkWTT+
NIysvswBr127DNqTDAv3Boa6Ho6KPeSzI+rCZgUEi4yqJMn7u75Zv2ysUmFsB6Fu
qqqX6aDPdKGIbP6WBVJMEZfolYpSpjK2TAJtaww6eonTDEoMvygVx10SO8+jqnIs
17TZ+zgvAfSDqI4pyTjkHd6DMWJeFHxNZoseP1KbieRV0WM4A6gQnTW9SxTOPRrl
kDIF4kgi5pmMQGpcC8OPzZEQS5fyLicLT3dkccO9No4Cir8q+XgjyY4biZzRat24
LxXkztWecDfX8w5OOa2Gk08FL9KXKsMUxP+YZ9uzPB9FF/DKIOtWcuIjwOdp5re8
26zkJVtf6utH5aDScf6qGBcfP+HS2c3j8LQ9riuCRMY1SX8ZaatcETupkZl0PPGb
nL30/mllEvKUWag+P+MVPK/w7eRAekM9wOrQOYidoIPE60mBgNDbcqX1tngkLSyK
tr+JsZgP44Ky/aNmr36XY0FOy4BgprgMtwxTvDfD8gJWHZyXP3g=
=BVyz
-----END PGP SIGNATURE-----

--sm4nu43k4a2Rpi4c--

--===============6516880461493427074==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce