1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 3819-1] gst-plugins-base1.0 security update

    From Moritz Muehlenhoff@1:229/2 to All on Mon Mar 27 23:00:01 2017
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-3819-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff
    March 27, 2017 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : gst-plugins-base1.0
    CVE ID : CVE-2016-9811 CVE-2017-5837 CVE-2017-5839 CVE-2017-5842
    CVE-2017-5844

    Hanno Boeck discovered multiple vulnerabilities in the GStreamer media framework and its codecs and demuxers, which may result in denial of
    service or the execution of arbitrary code if a malformed media file is
    opened.

    For the stable distribution (jessie), these problems have been fixed in
    version 1.4.4-2+deb8u1.

    For the upcoming stable distribution (stretch), these problems have been
    fixed in version 1.10.4-1.

    For the unstable distribution (sid), these problems have been fixed in
    version 1.10.4-1.

    We recommend that you upgrade your gst-plugins-base1.0 packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCAAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAljZeU4ACgkQEMKTtsN8 TjaMHBAAlW7taQZX5QmMN2wvpYRqfGKnTDTHYldqqDPtE6yMt50AqBkG7sg0xgMd X93ekmXe840y23g4aElM4pXvBgLJJKhpqddqf67YRlHbhNkTs+NNydYE3Wuhk3tf sHA/SEWr0hwFEl6aw39P3i26W2txemc3siJVlUtqtxluyBXQVsYMoI8BupZAPG+Y LRBq0Oob1r801yt3vcBcXAVv9grFLFFFf6IWnSAeMcyZmZnpLozIgu1UpjT2ABgq qkqfLOd6G0k5Jr+leEekV9UkAivUuiIhmE0w7pEjDsrw+NAeLsO0SIcbiHy5p79n 6RzZDDjSeure1dZkAYdsdQDsFZpYfg+nfnsBFK5Z8ZxqXNT1Eko+S62XvoM4IFfz VmGBSZsTGnBSzc0E0/Thgw+gu9X6uz0hin63QS4cunZdS6V89+ep0r6NxPl9cSTp OmEmUjkRDMCjfixNRQ11YLXqZGvMqSuX5YwKraCdv5xEtxpj/lmZ5uOFUuXl9lwA EcAqkubVbN28XchLGjwfgTWb4P2WC26LtLTvPXUgZ4vSecwh08a+TuOMxXhjX2QY qRq+f/palIPB0j90l1wywLa1tgXh/1nMihctAw3JlDRSFp1QCN/kpaNpHKUCsBG4 Pnr7oBqUCPXQBymKE3VtXxH8nI5jJOfUK4ylj0zjTlqIHFbOncs=
    =a6+v
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)