-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5204-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 09, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : gst-plugins-good1.0 CVE ID : CVE-2022-1920 CVE-2022-1921 CVE-2022-1922 CVE-2022-1923 CVE-2022-1924 CVE-2022-1925 CVE-2022-2122 Adam Doupe discovered multiple vulnerabilities in the Gstreamer plugins to demux Mastroska and AVI files which could result in denial of service or the execution of arbitrary code. For the stable distribution (bullseye), these problems have been fixed in version 1.18.4-2+deb11u1. We recommend that you upgrade your gst-plugins-good1.0 packages. For the detailed security status of gst-plugins-good1.0 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gst-plugins-good1.0 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmLysv4ACgkQEMKTtsN8 TjbQ6Q//deQ/E455HEm5jW/IBLsCytvD4d6/mlsKvAuia4b4h6F2d37thjkZ8Cjd zAUBXifep5FT+M4u0P2ig16kvallnhoPiMlFguqx84yigYFhzeDLv1VK3keGTVdv 1Bo+wrDnQeU+ASErCKMbGYevWP+l908FFZ1xq0EFvtmDZuuCS0kcU4ba0LR4wBXy 1opLeYXSlrnnNddXEdW45Xv0NHF/Opx52edEDH2VbOhleVP88SKy0HRq2hc4Qmec HsP4uhEwA9+ZOoJaKK80c+3Nbr53L5/hm52bHMNWKwX+GIvMzXafoI5LxdkaF0sz 35h21ahMSMGPgg5IUXYfuWBjN2cwXF/ICHdLoa5q/zLBXs48kU7A3kGVVm0TNWek NfjJjpcP2/5f36pPRW65HJHcym/jMpMCG8Mru+ra4zu0ixOyKL0h6xIl5g6QZtGz 6PZze9EZ05Wxa2RRr8mA9gal4pWWXTiy1lEczTspohK5tN+WD60r0fRhlGZqrFNy yL/BKSBmZiUOhx3q8WOs5xlhddX9gE9WN+tCZLK2l0sd8b3F6xA+QcPom7UTNCtd PvwI25U2YnudZlssVjEKfT7umrwdaadhvC9MHM1gnCMr8yfkFr+Hc5YIKFxPl6mI gXX1tlWOG3rA9wF6YTFkcr0ldKQqk19aorwGy+WtNg3cDCDNyGM= =nLED -----END PGP SIGNATURE-----