diff options
| author | Thorsten Alteholz <debian@alteholz.de> | 2020-06-07 17:00:53 +0200 |
|---|---|---|
| committer | Thorsten Alteholz <debian@alteholz.de> | 2020-06-07 17:00:53 +0200 |
| commit | 9994d542d20c7a80208ae674a6195422a9e20053 (patch) | |
| tree | a65a3de414a45df62faf19d1fe0e75f1e7e23891 | |
| parent | cee6db00203908ca24d5f51f6e656ce7ce5648fb (diff) | |
DLA 2225
| -rw-r--r-- | english/lts/security/2020/dla-2225.data | 10 | ||||
| -rw-r--r-- | english/lts/security/2020/dla-2225.wml | 34 |
2 files changed, 44 insertions, 0 deletions
diff --git a/english/lts/security/2020/dla-2225.data b/english/lts/security/2020/dla-2225.data new file mode 100644 index 00000000000..931de597880 --- /dev/null +++ b/english/lts/security/2020/dla-2225.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2225-1 gst-plugins-good0.10</define-tag> +<define-tag report_date>2020-5-30</define-tag> +<define-tag secrefs>CVE-2016-10198 CVE-2017-5840</define-tag> +<define-tag packages>gst-plugins-good0.10</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2225.wml b/english/lts/security/2020/dla-2225.wml new file mode 100644 index 00000000000..91ce3a6b1cf --- /dev/null +++ b/english/lts/security/2020/dla-2225.wml @@ -0,0 +1,34 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>Two memory handling issues were found in gst-plugins-good0.10, a +collection of GStreamer plugins from the <q>good</q> set:</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2016-10198">CVE-2016-10198</a> + + <p>An invalid read can be triggered in the aacparse element via a + maliciously crafted file.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-5840">CVE-2017-5840</a> + + <p>An out of bounds heap read can be triggered in the qtdemux element + via a maliciously crafted file.</p> + + +<p>For Debian 8 <q>Jessie</q>, these problems have been fixed in version +0.10.31-3+nmu4+deb8u3.</p> + +<p>We recommend that you upgrade your gst-plugins-good0.10 packages.</p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p></li> + +</ul> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2225.data" +# $Id: $ |