Package: gstreamer0.10-plugins-good Version: 0.10.8-4.1~lenny1 0.10.4-4 Severity: serious Tags: security patch
Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for gstreamer0.10-plugins-good. CVE-2009-1932[0]: | Multiple integer overflows in the (1) user_info_callback, (2) | user_endrow_callback, and (3) gst_pngdec_task functions | (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka | gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote | attackers to cause a denial of service and possibly execute arbitrary | code via a crafted PNG file, which triggers a buffer overflow. This bug has already been fixed in unstable(http://bugs.debian.org/531631). If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1932 http://security-tracker.debian.net/tracker/CVE-2009-1932 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
