Jump to content

Sign in to follow this

Followers 0

news

[Security Announce] [ MDVSA-2009:035 ] gstreamer0.10-plugins-good

By news, February 11, 2009 in Upcoming News

Recommended Posts

news 28

news

Posted February 11, 2009

This is a multi-part message in MIME format...

------------=_1234326014-6173-392

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2009:035

http://www.mandriva.com/security/

_______________________________________________________________________

Package : gstreamer0.10-plugins-good

Date : February 10, 2009

Affected: 2008.0, 2008.1, 2009.0

_______________________________________________________________________

Problem Description:

Security vulnerabilities have been discovered and corrected in

gstreamer0.10-plugins-good, might allow remote attackers to execute

arbitrary code via a malformed QuickTime media file (CVE-2009-0386,

CVE-2009-0387, CVE-2009-0397).

The updated packages have been patched to prevent this.

_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0386

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0387

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0397

_______________________________________________________________________

Updated Packages:

Mandriva Linux 2008.0:

72a2a267f064b3557c0e7da869187920 2008.0/i586/gstreamer0.10-aalib-0.10.6-3.2mdv2008.0.i586.rpm

fe8a04fcd9240eaa887fa5d1147c86e9 2008.0/i586/gstreamer0.10-caca-0.10.6-3.2mdv2008.0.i586.rpm

639e4701b8431b8fff2df2d196ce3b6c 2008.0/i586/gstreamer0.10-dv-0.10.6-3.2mdv2008.0.i586.rpm

c2a123762a863578a24d7ea82ab693cd 2008.0/i586/gstreamer0.10-esound-0.10.6-3.2mdv2008.0.i586.rpm

8fe61dd52cd465ae43beb7e1ba311ce4 2008.0/i586/gstreamer0.10-flac-0.10.6-3.2mdv2008.0.i586.rpm

a80a7ef4f5ac1d7280f4290d2c770485 2008.0/i586/gstreamer0.10-plugins-good-0.10.6-3.2mdv2008.0.i586.rpm

97152f5ecea0a2c23b349191794f2700 2008.0/i586/gstreamer0.10-raw1394-0.10.6-3.2mdv2008.0.i586.rpm

18ad6400d673b07d8f8037177873e144 2008.0/i586/gstreamer0.10-speex-0.10.6-3.2mdv2008.0.i586.rpm

935441a9449d351bf3e0a6bfee3ac64a 2008.0/i586/gstreamer0.10-wavpack-0.10.6-3.2mdv2008.0.i586.rpm

f8e312ce8de8ac8d6d6e2bbfcdaf93aa 2008.0/SRPMS/gstreamer0.10-plugins-good-0.10.6-3.2mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:

a140386b0f5b582d8e64cc5584f86fde 2008.0/x86_64/gstreamer0.10-aalib-0.10.6-3.2mdv2008.0.x86_64.rpm

5eb03a60b115cec41d78478b92586537 2008.0/x86_64/gstreamer0.10-caca-0.10.6-3.2mdv2008.0.x86_64.rpm

564d6a79a523ad54d7f70c02a298bba1 2008.0/x86_64/gstreamer0.10-dv-0.10.6-3.2mdv2008.0.x86_64.rpm

9cfbae1621e6e002f764e780194d0376 2008.0/x86_64/gstreamer0.10-esound-0.10.6-3.2mdv2008.0.x86_64.rpm

a8e034c1ec0bcfb2c3048269940340ed 2008.0/x86_64/gstreamer0.10-flac-0.10.6-3.2mdv2008.0.x86_64.rpm

d14231b2f55e4c9959b765d091e7bafd 2008.0/x86_64/gstreamer0.10-plugins-good-0.10.6-3.2mdv2008.0.x86_64.rpm

312e887d320ae3c36597f3a2085f64e5 2008.0/x86_64/gstreamer0.10-raw1394-0.10.6-3.2mdv2008.0.x86_64.rpm

f4ab3bc506034b9d2e4e64fded34b026 2008.0/x86_64/gstreamer0.10-speex-0.10.6-3.2mdv2008.0.x86_64.rpm

4f9fc5a9aadc3350c32fe95bb4824c82 2008.0/x86_64/gstreamer0.10-wavpack-0.10.6-3.2mdv2008.0.x86_64.rpm

f8e312ce8de8ac8d6d6e2bbfcdaf93aa 2008.0/SRPMS/gstreamer0.10-plugins-good-0.10.6-3.2mdv2008.0.src.rpm

Mandriva Linux 2008.1:

37ee72c4dd8c4d1d65b21d5f7c4174cf 2008.1/i586/gstreamer0.10-aalib-0.10.7-3.2mdv2008.1.i586.rpm

94bc8fbbd6b27f76172be895762a7d22 2008.1/i586/gstreamer0.10-caca-0.10.7-3.2mdv2008.1.i586.rpm

4822f9a52e11966aa1a3b82e8636eafb 2008.1/i586/gstreamer0.10-dv-0.10.7-3.2mdv2008.1.i586.rpm

ed36bf5b66d719c449de031c3973fbf5 2008.1/i586/gstreamer0.10-esound-0.10.7-3.2mdv2008.1.i586.rpm

81bd4565763e2d857d05875fdc299d99 2008.1/i586/gstreamer0.10-flac-0.10.7-3.2mdv2008.1.i586.rpm

fe7dd742de6d0510c337c743fe6da912 2008.1/i586/gstreamer0.10-plugins-good-0.10.7-3.2mdv2008.1.i586.rpm

86f44f42f73a2eb0dea5dc83b11fa4cf 2008.1/i586/gstreamer0.10-raw1394-0.10.7-3.2mdv2008.1.i586.rpm

831da1ff4308a0328280992f62137932 2008.1/i586/gstreamer0.10-speex-0.10.7-3.2mdv2008.1.i586.rpm

6e7590f10fcc99ae46a7e4970df836de 2008.1/i586/gstreamer0.10-wavpack-0.10.7-3.2mdv2008.1.i586.rpm

f18f7ec53b3b8653e449c1aeecb31138 2008.1/SRPMS/gstreamer0.10-plugins-good-0.10.7-3.2mdv2008.1.src.rpm

Mandriva Linux 2008.1/X86_64:

e25059da03c9110f482e2fbf93fd8933 2008.1/x86_64/gstreamer0.10-aalib-0.10.7-3.2mdv2008.1.x86_64.rpm

0dcb67eb17fa5b2268b7dd37233fb261 2008.1/x86_64/gstreamer0.10-caca-0.10.7-3.2mdv2008.1.x86_64.rpm

2efe3887ed7e82ebe16843b083295db6 2008.1/x86_64/gstreamer0.10-dv-0.10.7-3.2mdv2008.1.x86_64.rpm

1f59d9b91fb95b8b88671fd971ef3be2 2008.1/x86_64/gstreamer0.10-esound-0.10.7-3.2mdv2008.1.x86_64.rpm

192b9d4522516d89ebe0b29dfe80107b 2008.1/x86_64/gstreamer0.10-flac-0.10.7-3.2mdv2008.1.x86_64.rpm

0c7510e8bbaf11a984b5d43993fd6606 2008.1/x86_64/gstreamer0.10-plugins-good-0.10.7-3.2mdv2008.1.x86_64.rpm

e78b8da20599d9b3557f3c2d7b3d64a0 2008.1/x86_64/gstreamer0.10-raw1394-0.10.7-3.2mdv2008.1.x86_64.rpm

b2cadc38e7054fa29b2c39341b14c8f8 2008.1/x86_64/gstreamer0.10-speex-0.10.7-3.2mdv2008.1.x86_64.rpm

6f70bd674d5c66af13910a768618dd2b 2008.1/x86_64/gstreamer0.10-wavpack-0.10.7-3.2mdv2008.1.x86_64.rpm

f18f7ec53b3b8653e449c1aeecb31138 2008.1/SRPMS/gstreamer0.10-plugins-good-0.10.7-3.2mdv2008.1.src.rpm

Mandriva Linux 2009.0:

fd0c54e1c7e9e89fee53b87afc6218e8 2009.0/i586/gstreamer0.10-aalib-0.10.10-2.1mdv2009.0.i586.rpm

1e22dfe9f0a620be5d1842ce6651c416 2009.0/i586/gstreamer0.10-caca-0.10.10-2.1mdv2009.0.i586.rpm

065cc2305d32afec3475f3f0e687a81b 2009.0/i586/gstreamer0.10-dv-0.10.10-2.1mdv2009.0.i586.rpm

7d4158cbead8c2f257327fa947183889 2009.0/i586/gstreamer0.10-esound-0.10.10-2.1mdv2009.0.i586.rpm

c12d76e19388a0bc96723252a6882a45 2009.0/i586/gstreamer0.10-flac-0.10.10-2.1mdv2009.0.i586.rpm

5bd137ba566a3fbe0f7a58a293046923 2009.0/i586/gstreamer0.10-plugins-good-0.10.10-2.1mdv2009.0.i586.rpm

2d8ffce05f943cde7237117e51816dc9 2009.0/i586/gstreamer0.10-pulse-0.10.10-2.1mdv2009.0.i586.rpm

5546602310d369d1d9b784e9a4f47577 2009.0/i586/gstreamer0.10-raw1394-0.10.10-2.1mdv2009.0.i586.rpm

fc4922a6c70a5c611647c5ec2f1ae9e7 2009.0/i586/gstreamer0.10-soup-0.10.10-2.1mdv2009.0.i586.rpm

d42916979b54613c3be7591ade5da727 2009.0/i586/gstreamer0.10-speex-0.10.10-2.1mdv2009.0.i586.rpm

c2581f15e3439fe5dbd7096541ad46e8 2009.0/i586/gstreamer0.10-wavpack-0.10.10-2.1mdv2009.0.i586.rpm

08723d4a2eaa0f5d564a34ae120d8390 2009.0/SRPMS/gstreamer0.10-plugins-good-0.10.10-2.1mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:

618b0f23135de1db4cc3a55f6c32973c 2009.0/x86_64/gstreamer0.10-aalib-0.10.10-2.1mdv2009.0.x86_64.rpm

4fe0b93bb062c565b1bc1eb63d5d5642 2009.0/x86_64/gstreamer0.10-caca-0.10.10-2.1mdv2009.0.x86_64.rpm

3b2b4a8704411fad70e9156dbad3ed4a 2009.0/x86_64/gstreamer0.10-dv-0.10.10-2.1mdv2009.0.x86_64.rpm

860a46cac6e60a0d9a543c8e89f46584 2009.0/x86_64/gstreamer0.10-esound-0.10.10-2.1mdv2009.0.x86_64.rpm

52bd426b3821c4d844999f5e3bfa77d9 2009.0/x86_64/gstreamer0.10-flac-0.10.10-2.1mdv2009.0.x86_64.rpm

0f52a696ac6afdf0d8265872d1748a2a 2009.0/x86_64/gstreamer0.10-plugins-good-0.10.10-2.1mdv2009.0.x86_64.rpm

5fb651ebf99b93fb346f734e9ca5cbfe 2009.0/x86_64/gstreamer0.10-pulse-0.10.10-2.1mdv2009.0.x86_64.rpm

5f7e0823e61559dd0037a14328b13925 2009.0/x86_64/gstreamer0.10-raw1394-0.10.10-2.1mdv2009.0.x86_64.rpm

ee78e14a1831e667338b486de297b4b1 2009.0/x86_64/gstreamer0.10-soup-0.10.10-2.1mdv2009.0.x86_64.rpm

1678a544c7651cd119d2746e9c3949a1 2009.0/x86_64/gstreamer0.10-speex-0.10.10-2.1mdv2009.0.x86_64.rpm

31ec957603b4a0deb044ec2f7c427cb0 2009.0/x86_64/gstreamer0.10-wavpack-0.10.10-2.1mdv2009.0.x86_64.rpm

08723d4a2eaa0f5d564a34ae120d8390 2009.0/SRPMS/gstreamer0.10-plugins-good-0.10.10-2.1mdv2009.0.src.rpm

_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification

of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the

GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

_______________________________________________________________________

Type Bits/KeyID Date User ID

pub 1024D/22458A98 2000-07-10 Mandriva Security Team

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJkiTqmqjQ0CJFipgRAgeoAKC1/4cDJT4jWm2bK3kdszfNjmGpmQCePJB4

49QMXQEqfHKT5vJgPag1/5s=

=ITtm

-----END PGP SIGNATURE-----

------------=_1234326014-6173-392

Content-Type: text/plain; name="message-footer.txt"

Content-Disposition: inline; filename="message-footer.txt"

Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa ( -at -) mandrivalinux.org

with this subject : unsubscribe security-announce

_______________________________________________________

Want to buy your Pack or Services from Mandriva?

Go to http://www.mandrivastore.com

Join the Club : http://www.mandrivaclub.com

_______________________________________________________

------------=_1234326014-6173-392--

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in

Sign In Now

Sign in to follow this

Followers 0

Go To Topic Listing Upcoming News

×

Existing user? Sign In

Browse
- Back
- Browse
- Forums
- Staff
- Online Users
- Leaderboard
Activity
- Back
- Activity
- All Activity
- Search
Leaderboard