Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5838-1] gst-plugins-good1.0 security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5838-1] gst-plugins-good1.0 security update


Chronologisch Thread  
    < Chronologisch >       < Thread >
  • From: Salvatore Bonaccorso <carnil AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5838-1] gst-plugins-good1.0 security update
  • Date: Sun, 29 Dec 2024 15:26:41 +0000
  • Authentication-results: lists.piratenpartei.de; dkim=none; spf=none (lists.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
  • List-archive: https://lists.debian.org/msgid-search/E1tRvBh-004kGr-53 AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=ejIA6MQVDUd00/qJ2dVvqaPwcCsR6nq9zmVyAx0ixfQ=; b=pg kITsSIguGPHB64agLpjgJApJGT3AXDmzrcp25zH1sg7zmSkUDp0J3rwPpzK0laAQvv1pCw10LXHPD Knpi7SJwE3VPP6jNwJgL8/g4VPn7E34tgKJYtTHaCTNveGAcRkC1eGOR9k7asEI3wEZYiNtHXLld2 0yYbV+iGkwBIiWHw7xeid2ELXOBghNOZcihaLANhdkW3q4MPEHGyZIv+RAoTDgdyFc6kJstXdvRtE Kg40o3KeJsdjuSQuoLgaLQCAqprPNrKvXmKv8K0WOQw7P7eKVQ/5AfgcbTtWjRzJMaiAC6xdMuoQX eLo3Yk7o+iWAQKU6KnS0fXQaHyklEogQ==;
  • Old-return-path: <carnil AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Sun, 29 Dec 2024 15:27:02 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <FxkjD-82eIM.A.Yw2G.GpWcnB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5838-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
December 29, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : gst-plugins-good1.0
CVE ID : CVE-2024-47537 CVE-2024-47539 CVE-2024-47540 CVE-2024-47543
CVE-2024-47544 CVE-2024-47545 CVE-2024-47546 CVE-2024-47596
CVE-2024-47597 CVE-2024-47598 CVE-2024-47599 CVE-2024-47601
CVE-2024-47602 CVE-2024-47603 CVE-2024-47606 CVE-2024-47613
CVE-2024-47774 CVE-2024-47775 CVE-2024-47776 CVE-2024-47777
CVE-2024-47778 CVE-2024-47834

Multiple vulnerabilities were discovered in plugins for the GStreamer
media framework and its codecs and demuxers, which may result in denial
of service or potentially the execution of arbitrary code if a malformed
media file is opened.

For the stable distribution (bookworm), these problems have been fixed in
version 1.22.0-5+deb12u2.

We recommend that you upgrade your gst-plugins-good1.0 packages.

For the detailed security status of gst-plugins-good1.0 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/gst-plugins-good1.0

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmdxagdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0SenhAAjN0+brtUrgM1yPzovrZ3liOBb8QunZ1eSd1gOibK2qfzRGSJy5iMWui3
mAkbYvRJ2B9IWylP+jb3ELcZu1hS1QLcBvMhvRXhmzyusfDcxIuyDfMSdb4EJVzs
yP2zwS86gkGNEqgvrhLZ0S+RgDc/T4aqBBCf5g68CHe/OWdWWnsuQvzyUXct9aX+
39T60CAvfSAbaONcW/qNF5M4MIrwxhefOl/AeO5WOeYFdbLvjali4bKtPDIfaMaw
daJIrwxcsUIXt7IcF/wq12zWOvJiCLPuFCSBRwnoKFpCbZqGBggKlKfakohOAHn5
pm7z+HP53TL0y4u/0v22F2wtujkLOeENTDLQfm/uSGzcvkNC2qr4P0OM6Z1rH6Mr
rqlDhcxQViq8Knph349dtSogbfQrc6Sxr6+3uOg8G08aCr6l9dlNtlz1fnFFujMV
hIaAwDfrMKU+59bPrPTG5WlUE3M3I4T8pZdWfAMVunjiro9ja1SfN10AAHSvZSwA
SjSzS0IM8XyKTpjP4NPk1Od9IsUNqS28rtxpoycFvFs57OhlkSvbMZCgATu/FpJr
PuN5dcMUjHBmdKIY8WYOKyUwitzxqUHD5+v7hOpR2zakIVESqIts9d2P4lZBQ9bD
xruHSrSKkCJxgFEOuGoIGdx6Wfuc8fELEIZGsCM0ViFCGNXXJf0=
=TgaX
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 5838-1] gst-plugins-good1.0 security update, Salvatore Bonaccorso, 29.12.2024

Archiv bereitgestellt durch MHonArc 2.6.19+.

Seitenanfang