Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5204-1] gst-plugins-good1.0 security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5204-1] gst-plugins-good1.0 security update


Chronologisch Thread  
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5204-1] gst-plugins-good1.0 security update
  • Date: Tue, 9 Aug 2022 19:19:23 +0000
  • Authentication-results: mail.piratenpartei.de; dkim=none; dmarc=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"
  • List-archive: https://lists.debian.org/msgid-search/20220809191923.GA17878 AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From: Date:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=6SZS11HXdPbqDp/CcdD2vn6zERcGxkshLu1mfZaekp4=; b=o4 d4EPdE91e+o2VHGBmmy5Y90OGqNpqHprGSE4kZRGBTYkSta1Pk+U1biqFtpwSOICpfHnmgV2A7HXS muzO7jchlnHT55hYO1KMhXicA0hS5/iqwDlRqzL1pTHYpsri5Njm+R4Tdl8aEQxA1ohDSpJNnsgML INYWQ6X18b0OSd7fZZK4izWbJeeNCAwyd8yyJcTVNn5fWdX0OU3CQ6KoM1+6SPmroesnTMYTeWvsX 8xn9V5FP0msbHaj4LfpUXMAKUufhj2hqinBYvyGURZzQFIO/gL5PBLxisv6zJG1DrF+6sntRwbVbP A3u72ZmiyMdK9yEmZiKwXIg0eeZwwapg==;
  • Old-return-path: <jmm AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Tue, 9 Aug 2022 19:19:44 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <MSu7-6r6a_C.A.pOG.QNr8iB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5204-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
August 09, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : gst-plugins-good1.0
CVE ID : CVE-2022-1920 CVE-2022-1921 CVE-2022-1922 CVE-2022-1923
CVE-2022-1924 CVE-2022-1925 CVE-2022-2122

Adam Doupe discovered multiple vulnerabilities in the Gstreamer plugins
to demux Mastroska and AVI files which could result in denial of service
or the execution of arbitrary code.

For the stable distribution (bullseye), these problems have been fixed in
version 1.18.4-2+deb11u1.

We recommend that you upgrade your gst-plugins-good1.0 packages.

For the detailed security status of gst-plugins-good1.0 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/gst-plugins-good1.0

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmLysv4ACgkQEMKTtsN8
TjbQ6Q//deQ/E455HEm5jW/IBLsCytvD4d6/mlsKvAuia4b4h6F2d37thjkZ8Cjd
zAUBXifep5FT+M4u0P2ig16kvallnhoPiMlFguqx84yigYFhzeDLv1VK3keGTVdv
1Bo+wrDnQeU+ASErCKMbGYevWP+l908FFZ1xq0EFvtmDZuuCS0kcU4ba0LR4wBXy
1opLeYXSlrnnNddXEdW45Xv0NHF/Opx52edEDH2VbOhleVP88SKy0HRq2hc4Qmec
HsP4uhEwA9+ZOoJaKK80c+3Nbr53L5/hm52bHMNWKwX+GIvMzXafoI5LxdkaF0sz
35h21ahMSMGPgg5IUXYfuWBjN2cwXF/ICHdLoa5q/zLBXs48kU7A3kGVVm0TNWek
NfjJjpcP2/5f36pPRW65HJHcym/jMpMCG8Mru+ra4zu0ixOyKL0h6xIl5g6QZtGz
6PZze9EZ05Wxa2RRr8mA9gal4pWWXTiy1lEczTspohK5tN+WD60r0fRhlGZqrFNy
yL/BKSBmZiUOhx3q8WOs5xlhddX9gE9WN+tCZLK2l0sd8b3F6xA+QcPom7UTNCtd
PvwI25U2YnudZlssVjEKfT7umrwdaadhvC9MHM1gnCMr8yfkFr+Hc5YIKFxPl6mI
gXX1tlWOG3rA9wF6YTFkcr0ldKQqk19aorwGy+WtNg3cDCDNyGM=
=nLED
-----END PGP SIGNATURE-----



  • [IT-SecNots] [SECURITY] [DSA 5204-1] gst-plugins-good1.0 security update, Moritz Muehlenhoff, 09.08.2022

Archiv bereitgestellt durch MHonArc 2.6.24.

Seitenanfang