it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Moritz Muehlenhoff <jmm AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 5476-1] gst-plugins-ugly1.0 security update
- Date: Sat, 12 Aug 2023 19:07:13 +0000
- Authentication-results: mail.piratenpartei.de; dkim=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
- List-archive: https://lists.debian.org/msgid-search/ZNfYYSc0yu7fcX4j AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=IsNfjnN5Y7WNr8zclQNKWXo6p7hIBuqY2es4XC1dFHo=; b=rI 8PGptSpv67nxRCpXUCjzSxPzpaHxvGB01UK1bOCDQK+xvjhz6n3OVSZrbzkcI3h6qeGBZ2d0QoWFu i+Ab61NmzXSN0gadvapeB9teGx75Ccb6Ry2uO7egGun3tZFaMjfdoxwPgmXqBxurQiZuIy+Tqur9f 2oJYzeW70khU0xR1+8lsExi92mOL9uiw6x2qOccOBrTUTah0GY2BhLUzgXxbwTGac+eP8O35dwOsT AWtb4918LwWeEPdDr+sMFzTZ6OsSweJxgVY/CwaJ4SenDu9XMpT999iX8N3LETBnG8t/YOV5yrdpZ Yur00h4XGqSEvsMpR9Mz3yUlg21HEiIg==;
- Old-return-path: <jmm AT seger.debian.org>
- Priority: urgent
- Resent-date: Sat, 12 Aug 2023 19:07:36 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <5_L9bBK6KO.A.l6D.4h91kB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5476-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
August 12, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : gst-plugins-ugly1.0
CVE ID : not yet available
Multiple vulnerabilities were discovered in the RealMedia demuxers for
the GStreamer media framework, which may result in denial of service or
potentially the execution of arbitrary code if a malformed media file
is opened.
For the oldstable distribution (bullseye), this problem has been fixed
in version 1.18.4-2+deb11u1.
For the stable distribution (bookworm), this problem has been fixed in
version 1.22.0-2+deb12u1.
We recommend that you upgrade your gst-plugins-ugly1.0 packages.
For the detailed security status of gst-plugins-ugly1.0 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/gst-plugins-ugly1.0
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmTX2D0ACgkQEMKTtsN8
TjbwIg//RuPTY1bmSNq9PRwNGDaunfEvlVTVsl+BCQmCkdyOOjyrc+87nDqdl2vD
4v4QMYO1mNgf+uBI5cGi6qMTgwLqz5OP1m4ayIZmuLh70jx8T9igt7tr98O86zd5
T5nBK++juQoZ0+1RG9YR8hATrtrZwETYWVHlSro0JMmcfvxw1gn/yT2gqEaT6N7k
0rcUPWXh7H9H2ef7m6saewIQ0Qyvrnz9PULGnX8bJ0q1H7WWpsnCpBIXQFKpc6Gl
VKovdTkLnxHOqTygNkCv1PYFktv8TbtMhMzvrbsB1lFh1oM5DF6K7KtpyY8uHJsa
fMdKBY0nmtnyOxfMsmSJ8B/pG/hC+/xpvkiapfFsL2wNQqXbyK/PaCip0kgcWrAe
jxJb+yGXIk5PeQK+mUuv/gRQOl+SlN6XeB4O/F22iGgOs1x7alhhd8wmnVkmn8iB
fNr7thYgX7k1RJju5TqiCSuWg4okbOwyrLMAhlloN/hERx+wu2FNxbTHk9h+cdtM
pHMq66Fyd6u8eIhqFyvpcCRaaRhgZKTXOXGB9snvQGYYmKfCd6hOsXzqUwFIT5dG
KxbKPOM33W8p3LkzUFXIQqn06v1+O9kRPxca+fTureibTsws7Xy/UKhVBulAuAfC
fY9GN2BhtKpBPVdR09upElAAvEU0l/O5Ly36lYc4tdVtsg2PLd8=
=Bu6f
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 5476-1] gst-plugins-ugly1.0 security update, Moritz Muehlenhoff, 12.08.2023
Archiv bereitgestellt durch MHonArc 2.6.24.