[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2226-1] gst-plugins-ugly0.10 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : gst-plugins-ugly0.10
Version        : 0.10.19-2.1+deb8u1
CVE ID         : CVE-2017-5846 CVE-2017-5847


Two memory management issues were found in the asfdemux element of the
GStreamer "ugly" plugin collection, which can be triggered via a
maliciously crafted file.


For Debian 8 "Jessie", these problems have been fixed in version
0.10.19-2.1+deb8u1.

We recommend that you upgrade your gst-plugins-ugly0.10 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl7SgZxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEeW5RAAiwmPGvShuiP34TwS7oG82s+E9NRzJkfm/ox7U29VSxTsxSK8SbnwL8cZ
go/kSC9QXcZ1Vz3uVNwtLVROX2yPvu42MdHFWbuOIvl4jidUw5tyh3zFKY1uq73L
W6gPnGyJo1QmT0ZJzopTGhhLGY04sd5qklmwOus+qrB18HmySXU0LOnAKzF0VvzK
3rUXneuW8NjVdVgYCbPvmrym5+zZ7pYoT8KMwrdhx182LX3QoHMJS27BNbCzMDPy
OWGF/8Cccw93kvGzv+c3fT0Ki8HFSnF70H7oF/+QbZvMM33OjarfC7HKm27/7FDP
lUQl+WJmN4eZWmmq0e6fNvLyWyLEfkwq4OfDFEeLg6FjPZxhXDf9h3DyVuNMhqVz
MET5FNyQqtAHmc9D9aKxuxBNt0IVjwLYvnr6uZIMfp/ZnrD/lFnp76GnlVcHEKVP
mY27VQHfAJyR8Ffp3JtQSOs8UEhn/MMC9i5LFL/NZKRIoVhWKkqrWS3yvooLWu7f
bxwgdnrsGJfxUbrqvX38XKOarZ0ZPTDFdt7VJ9+GbprWoarLkFwDBVKC+eugUjCG
br4O76dk3AA6T70AIUFH1214unu3gDRVau2jXTIqEhYFpDt63AM2FJUNvLc+ggzD
62FSPNa77ycw42xG1VouRA3/b+9g6PU8EHeoR7d+NfescS37dc4=
=v6Vd
-----END PGP SIGNATURE-----


Reply to: