[SECURITY] [DSA 5831-1] gst-plugins-base1.0 security update

To: [email protected]
Subject: [SECURITY] [DSA 5831-1] gst-plugins-base1.0 security update
From: Moritz Muehlenhoff <[email protected]>
Date: Sat, 14 Dec 2024 19:12:42 +0000
Message-id: <[🔎] [email protected]>
Reply-to: [email protected]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5831-1                   [email protected]
https://www.debian.org/security/                       Moritz Muehlenhoff
December 14, 2024                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : gst-plugins-base1.0
CVE ID         : CVE-2024-47538 CVE-2024-47541 CVE-2024-47600
                 CVE-2024-47607 CVE-2024-47615 CVE-2024-47835

Multiple multiple vulnerabilities were discovered in plugins for the
GStreamer media framework and its codecs and demuxers, which may result
in denial of service or potentially the execution of arbitrary code if
a malformed media file is opened.

For the stable distribution (bookworm), these problems have been fixed in
version 1.22.0-3+deb12u3.

We recommend that you upgrade your gst-plugins-base1.0 packages.

For the detailed security status of gst-plugins-base1.0 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/gst-plugins-base1.0

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmdd2HEACgkQEMKTtsN8
TjZTrQ//SGWQwC1bdGVNIia2ApiNK3dqEONlLzbiJahaRlY0hG8lbGeu0SqnY3WG
uc0q6RDqRTAdvz7vxgo2J+mC8w+gBMQCe88xEh3nc7khNy6rAOB31eP3M/82vqja
QotwDR+TnLBSXsAauxUUVcxKbe3GmWXHvGHOrqdocjbztIzQBH2IbtcI5L58HRDR
ESdDYBQfcsXGL7WpShO8/wn4Atptqt3ZuTIqw8VdoK0aA1/aeOe6skHaYv/5JGG8
XnulaCChewxrpLgcUSvcH4/LEQ/PnxAOoPfbrvIqwoeU6zL8u3F8zzD3QqtOc4mj
XGYoWooL7PYlO2GyA9DvyVCsLKhsWHThV/9S62rtAL+cYCrcti5BtPlaUIkRybgO
3eWAwEEiAmT+1ORO6svuV7AEN7V3aKnJiE7lYGWkiC6/dyr2apMGqBl7kQ/Nmciq
0eHDXkLh4AO4W4BY+Vmm42eHve5nnppuQDuVMSCSXbKTQG90u31bmxFmeSk3ECSW
k/ibQ3MLbxL1WfIvy3BL3qGdnxBHxWzSsbaAEdqXzVjG6dlmt3SHpxHE+rQ+DB6e
rnjvFtDlwASeOg9I/VI6CPnNrPLRrh0pDz8bhQWVwdl4mblCIubux1WZmosWNomo
/cSib//wGlnLpYvzbplvsawTM4IU0SeNORZsP2j619GrvWkEoKE=
=04kk
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5830-1] smarty4 security update
Next by Date: [SECURITY] [DSA 5832-1] gstreamer1.0 security update
Previous by thread: [SECURITY] [DSA 5830-1] smarty4 security update
Next by thread: [SECURITY] [DSA 5832-1] gstreamer1.0 security update
Index(es):
- Date
- Thread