1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5583-1] gst-plugins-bad1.0 security update

    From Moritz Muehlenhoff@21:1/5 to All on Thu Dec 21 20:40:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5583-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 21, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : gst-plugins-bad1.0
    CVE ID : not yet available

    A buffer overflow was discovered in the AV1 video plugin for the
    GStreamer media framework, which may result in denial of service or
    potentially the execution of arbitrary code if a malformed media file
    is opened.

    The oldstable distribution (bullseye) is not affected.

    For the stable distribution (bookworm), this problem has been fixed in
    version 1.22.0-4+deb12u4.

    We recommend that you upgrade your gst-plugins-bad1.0 packages.

    For the detailed security status of gst-plugins-bad1.0 please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/gst-plugins-bad1.0

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmWEkCMACgkQEMKTtsN8 TjZOGQ/+P4p0HpeYQLjyb0UwvQ8XuLMd0BHI9AeBXAAvm2apCwIALqqTeMZ86YId XE/QiVqFccIMJ4GiyQyiSZLcS9py9RDLzw/y3pefi8n1gZdfLBJEvJtlYsPV0FD2 /a71aMG2hHqK2ez45mvsLJmGbanBaslC6cbJ5+/Y8psWBDq28VYEp3Zb5HnuHy2U 7lZIpZ1cQeChaE7ef+Qbnep6c8Lxyjf4fyBj2K5PqgsFuxqwCzzkPQDDA6A5AAUI DsdA27iTthBAOKjFJvh3TPuEdnFtMZghsYo0YU8OoJl47/gJhx36gFFivyudWYKN IHxOVbyNsmAphUDfwUyJUxKKbcFgx59AvTNSD2v2N7ulehYIN3GWjRgLtm30HX45 fPMhzoVQJHTBLmqtUviKc9pJPPV4bctt82p5iuCQ8DZHHImtYsJQbbBzzpjtv9DA zXRp/XyJoZwCLuIvwvcc0kYMo0E7CkGFHWfMJvVFmAkokc4N1bw3F/PEolhrlXwE Kx25Zif6HlX2QR7ReADL/fe9JdJqGYjLkq9KXHteg4VLpBx6cB+6Wcie76ONeA5C MWzancxEwMN2gSXymwB7gAtA3dKA2Dct34Gm0rdnRVR2Iafy4YyaIVbszUvHX5XB LHTHg0UNz7plbefH3kPBVCCz/G/AwHeK0DNusO8HNIwQAVZyV60=
    =6D0j
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)