[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 5204-1] gst-plugins-good1.0 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5204-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 09, 2022                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : gst-plugins-good1.0
CVE ID         : CVE-2022-1920 CVE-2022-1921 CVE-2022-1922 CVE-2022-1923 
                 CVE-2022-1924 CVE-2022-1925 CVE-2022-2122

Adam Doupe discovered multiple vulnerabilities in the Gstreamer plugins
to demux Mastroska and AVI files which could result in denial of service
or the execution of arbitrary code.

For the stable distribution (bullseye), these problems have been fixed in
version 1.18.4-2+deb11u1.

We recommend that you upgrade your gst-plugins-good1.0 packages.

For the detailed security status of gst-plugins-good1.0 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/gst-plugins-good1.0

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmLysv4ACgkQEMKTtsN8
TjbQ6Q//deQ/E455HEm5jW/IBLsCytvD4d6/mlsKvAuia4b4h6F2d37thjkZ8Cjd
zAUBXifep5FT+M4u0P2ig16kvallnhoPiMlFguqx84yigYFhzeDLv1VK3keGTVdv
1Bo+wrDnQeU+ASErCKMbGYevWP+l908FFZ1xq0EFvtmDZuuCS0kcU4ba0LR4wBXy
1opLeYXSlrnnNddXEdW45Xv0NHF/Opx52edEDH2VbOhleVP88SKy0HRq2hc4Qmec
HsP4uhEwA9+ZOoJaKK80c+3Nbr53L5/hm52bHMNWKwX+GIvMzXafoI5LxdkaF0sz
35h21ahMSMGPgg5IUXYfuWBjN2cwXF/ICHdLoa5q/zLBXs48kU7A3kGVVm0TNWek
NfjJjpcP2/5f36pPRW65HJHcym/jMpMCG8Mru+ra4zu0ixOyKL0h6xIl5g6QZtGz
6PZze9EZ05Wxa2RRr8mA9gal4pWWXTiy1lEczTspohK5tN+WD60r0fRhlGZqrFNy
yL/BKSBmZiUOhx3q8WOs5xlhddX9gE9WN+tCZLK2l0sd8b3F6xA+QcPom7UTNCtd
PvwI25U2YnudZlssVjEKfT7umrwdaadhvC9MHM1gnCMr8yfkFr+Hc5YIKFxPl6mI
gXX1tlWOG3rA9wF6YTFkcr0ldKQqk19aorwGy+WtNg3cDCDNyGM=
=nLED
-----END PGP SIGNATURE-----


Reply to: