Am Mittwoch, den 04.02.2009, 17:43 -0500 schrieb Steffen Joeris: > Package: gstreamer0.10-plugins-good > Version: 0.10.8-4.1 > Severity: grave > Tags: security > Justification: user security hole > > Hi, > the following CVE (Common Vulnerabilities & Exposures) ids were > published for gst-plugins-good0.10. > > CVE-2009-0386[0]: > | Heap-based buffer overflow in the qtdemux_parse_samples function in > | gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka > | gst-plugins-good) 0.10.9 through 0.10.11 might allow remote attackers > | to execute arbitrary code via crafted Composition Time To Sample > | (ctts) atom data in a malformed QuickTime media .mov file. > > CVE-2009-0387[1]: > | Array index error in the qtdemux_parse_samples function in > | gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka > | gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to > | cause a denial of service (application crash) and possibly execute > | arbitrary code via crafted Sync Sample (aka stss) atom data in a > | malformed QuickTime media .mov file, related to "mark keyframes." > > CVE-2009-0397[2]: > | Heap-based buffer overflow in the qtdemux_parse_samples function in > | gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka > | gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka > | gstreamer-plugins) 0.8.5, might allow remote attackers to execute > | arbitrary code via crafted Time-to-sample (aka stts) atom data in a > | malformed QuickTime media .mov file. > > CVE-2009-0398[3]: > | Array index error in the gst_qtp_trak_handler function in > | gst/qtdemux/qtdemux.c in GStreamer Plug-ins (aka gstreamer-plugins) > | 0.6.0 allows remote attackers to have an unknown impact via a crafted > | QuickTime media file. > > There is also a redhat bugreport[4] and a mail[5] on the public security > list with more information. The upstream patch[6] seems to fix all, but > CVE-2009-0398 according to upstream.
Hi, the patch is already in unstable, testing and experimental. I'll take a look at the other issue later, thanks.
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
