it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Moritz Muehlenhoff <jmm AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 5831-1] gst-plugins-base1.0 security update
- Date: Sat, 14 Dec 2024 19:12:42 +0000
- Authentication-results: lists.piratenpartei.de; dkim=none; spf=none (lists.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
- List-archive: https://lists.debian.org/msgid-search/Z13Yqi30b42goRq8 AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=iefokmuBJg2U2OjQ43+dpyndLB8LMUS7bCCsPwavZHM=; b=Zg 0eEEcrCaTL+k5ImuP/cmCdmbal9Fp1Sxd7LD/E8ABRG/36DiuvukEOqrX1/Z3d71bzHiVhC2z4w4N N5GziStI1iJjH7BjyZKHD1V95qIBXan6+xWDPEYr70CJ45U2aPxCWCMB/juKFCKy2y/G9ttpuca3Q 9EL6EL+aPYT61GzZ99j9VeI3HBJrc660XFbCrTcfSV+xO0IioD0XRGOA1DJrdLtrcfsTElgKZPM5k ebMz6SPGqGTckcI5AlHeEz/+HdNmKL+RTy1O1B9CUXCrOByjttsSxxBTKGf167nSsFBASZhByRWPA VMEDHh7KOiVifRA+ty7C5shbntKBuE2w==;
- Old-return-path: <jmm AT seger.debian.org>
- Priority: urgent
- Resent-date: Sat, 14 Dec 2024 19:13:03 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <1KOmq4pIdzL.A.VNCN._idXnB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5831-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
December 14, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : gst-plugins-base1.0
CVE ID : CVE-2024-47538 CVE-2024-47541 CVE-2024-47600
CVE-2024-47607 CVE-2024-47615 CVE-2024-47835
Multiple multiple vulnerabilities were discovered in plugins for the
GStreamer media framework and its codecs and demuxers, which may result
in denial of service or potentially the execution of arbitrary code if
a malformed media file is opened.
For the stable distribution (bookworm), these problems have been fixed in
version 1.22.0-3+deb12u3.
We recommend that you upgrade your gst-plugins-base1.0 packages.
For the detailed security status of gst-plugins-base1.0 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/gst-plugins-base1.0
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmdd2HEACgkQEMKTtsN8
TjZTrQ//SGWQwC1bdGVNIia2ApiNK3dqEONlLzbiJahaRlY0hG8lbGeu0SqnY3WG
uc0q6RDqRTAdvz7vxgo2J+mC8w+gBMQCe88xEh3nc7khNy6rAOB31eP3M/82vqja
QotwDR+TnLBSXsAauxUUVcxKbe3GmWXHvGHOrqdocjbztIzQBH2IbtcI5L58HRDR
ESdDYBQfcsXGL7WpShO8/wn4Atptqt3ZuTIqw8VdoK0aA1/aeOe6skHaYv/5JGG8
XnulaCChewxrpLgcUSvcH4/LEQ/PnxAOoPfbrvIqwoeU6zL8u3F8zzD3QqtOc4mj
XGYoWooL7PYlO2GyA9DvyVCsLKhsWHThV/9S62rtAL+cYCrcti5BtPlaUIkRybgO
3eWAwEEiAmT+1ORO6svuV7AEN7V3aKnJiE7lYGWkiC6/dyr2apMGqBl7kQ/Nmciq
0eHDXkLh4AO4W4BY+Vmm42eHve5nnppuQDuVMSCSXbKTQG90u31bmxFmeSk3ECSW
k/ibQ3MLbxL1WfIvy3BL3qGdnxBHxWzSsbaAEdqXzVjG6dlmt3SHpxHE+rQ+DB6e
rnjvFtDlwASeOg9I/VI6CPnNrPLRrh0pDz8bhQWVwdl4mblCIubux1WZmosWNomo
/cSib//wGlnLpYvzbplvsawTM4IU0SeNORZsP2j619GrvWkEoKE=
=04kk
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 5831-1] gst-plugins-base1.0 security update, Moritz Muehlenhoff, 14.12.2024
Archiv bereitgestellt durch MHonArc 2.6.19+.