Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5832-1] gstreamer1.0 security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5832-1] gstreamer1.0 security update


Chronologisch Thread  
    < Chronologisch >       < Thread >
  • From: Salvatore Bonaccorso <carnil AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5832-1] gstreamer1.0 security update
  • Date: Mon, 16 Dec 2024 17:04:40 +0000
  • Authentication-results: lists.piratenpartei.de; dkim=none; spf=none (lists.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
  • List-archive: https://lists.debian.org/msgid-search/E1tNEWO-00HKhA-Jk AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=Sm2j2okSOf1jQCOFP2Mj/IhzRBKuOAyPyEDTpz0ESD8=; b=Oe 4O6kT/LXXC7sZKIHRbT6hn24In4vuH29HWQ3Wj/gJ5u/itl+wwjruG9HkR9w2F0RL9a4JEZyntDxZ 2gGmBs6Qn9K8IKUfn6hJc5wPXxIvwns86IV5VXyHJLFU0wg4ozz8LOpat6smwApUxpIwkTBR3xmFv yeAtdOTVL7BTI+tU7DKhIfPVewZWLZYszVqF1NeB+/WuWXe+wjpf2bzhHpHaI82jqkc9XsL6OcWGj 2mtrut5p3Mf4t8wga98rktTNtaTd6rotpEW2/42R1wcFKf/8LJZ+/1ZwBGvbFhmFklUrrYzeudDOh ZAJ131DSanWrBx/3Zt11pP7yHYzSsc1g==;
  • Old-return-path: <carnil AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Mon, 16 Dec 2024 17:05:04 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <PzmJ_EJs7Q.A.Q1VD.A3FYnB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5832-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
December 16, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : gstreamer1.0
CVE ID : CVE-2024-47606

Antonio Morales reported an integer overflow vulnerability in the memory
allocator in the Core GStreamer libraries, which may result in denial of
service or potentially the execution of arbitrary code if a malformed
media file is processed.

For the stable distribution (bookworm), this problem has been fixed in
version 1.22.0-2+deb12u1.

We recommend that you upgrade your gstreamer1.0 packages.

For the detailed security status of gstreamer1.0 please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/gstreamer1.0

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmdgXTJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0THQg/+LPHyqH/H3o26N1DD/ENPemJdmCdoSqT9zSuprpRAYfJBHus2FBm2lPn/
ra0T5Jjr5s2h76bzZS6K3CvGuf/iFAsPpymsPzyleccniCiCN71V9soEx1Tw5ciJ
k6bE3Fg4efyWaDFyBMbYdNTTr2aamLAWdRoFk3Y7Ij+w5IMSlTSh1m9aUbOEGngC
aiVLM9DHScs4DjRcbBRcxRF3Qk9Dq4Rx7oIZLqdV/crW1x9L0WjOi15KJueRi2kj
BCdsEd0SUXRxFQ+xNJlrDFGxBGxjjktMyXvVzzC55jeRC3qMzAQ8ly32BTqdcBgn
3hO0p1wbYjXb0lHuV2VqClrutQjD8gbJj/Y8LmmzlBIvKd7D3ZoFFOI3S8baeewu
p06fnzvvjjeIWZ+2Uh/BXeSb0606L2Rum0Bhc22mkwbWCDHmvBaQ6+r0vsZzXsVz
Y4gGRZ/8uQWeYilM/WiRDRdWADdaRK436BHKW8Ta62ptuHqyxECcuUeck2ZD5C1Y
yQWkik7vaFm061Qold5s1pj/2BE1Jcq1XTBba0uUdyb85j01miceWBifTmKOfxBo
WOXY3x5cneoRQWcOrqHZ1llf8CMC6lMnyoT1uDd0+G1mjmIw/zylNEX7DX6J66FA
GxZggfQDM46W2WgGKdHSZFH5w+al7BVFuq5xN1Ys4mPy8DRnkxw=
=zNVC
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 5832-1] gstreamer1.0 security update, Salvatore Bonaccorso, 16.12.2024

Archiv bereitgestellt durch MHonArc 2.6.19+.

Seitenanfang