- Detalji os-a: WN7
- Važnost: URG
- Operativni sustavi: L
- Kategorije: LUB
==========================================================================
Ubuntu Security Notice USN-3958-1
April 29, 2019
gst-plugins-base0.10, gst-plugins-base1.0 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 18.10
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
Summary:
GStreamer Base Plugins could be made to crash or run programs if it
received specially crafted network traffic.
Software Description:
– gst-plugins-base1.0: GStreamer plugins
– gst-plugins-base0.10: GStreamer plugins
Details:
It was discovered that GStreamer Base Plugins did not correctly handle
certain malformed RTSP streams. If a user were tricked into opening a
crafted RTSP stream with a GStreamer application, an attacker could cause a
denial of service via application crash, or possibly execute arbitrary
code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.10:
gstreamer1.0-plugins-base 1.14.4-1ubuntu1.1
Ubuntu 18.04 LTS:
gstreamer1.0-plugins-base 1.14.1-1ubuntu1~ubuntu18.04.2
Ubuntu 16.04 LTS:
gstreamer0.10-plugins-base 0.10.36-2ubuntu0.2
gstreamer1.0-plugins-base 1.8.3-1ubuntu0.3
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3958-1
CVE-2019-9928
Package Information:
https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.14.4-1ubuntu1.1
https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.14.1-1ubuntu1~ubuntu18.04.2
https://launchpad.net/ubuntu/+source/gst-plugins-base0.10/0.10.36-2ubuntu0.2
https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.8.3-1ubuntu0.3
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlzG/fAACgkQZWnYVadE
vpNBOxAAmENrQSKsLHW9zCut6V2EAVJZFMeH9i6/0pF5w400jgL9e2A2H4D9jycQ
zIg9j8Y6vUUmQ0CB8E6RZnsJVGZJgyyIJnrKc06tHe7zWKBxu5oHEOBf0vzCW+CL
r5zINr/qfqpZIKhRgunO/Cx3xSQkNapDikbXO36Gh5Dw4N3KwK1hOVI4PQghe3hO
mUELhWMVs/PjGos3lvF6+Flt1QHqdjMSBy3h4yhFutp7+WWEPNFXKuzTQQMmuOnz
wVOYuw6YW8DVyK5WirYyJ4INRR7lS32vYdttPG3npVMkOA7+HmjxMciD670U6gVJ
UMUDKkkgIZv/WVV2if97KwwM1NcPKnSnBg2NHqOamKRKEDaXeickKON+UjWXGTid
6YGH4MU0p8eLBfO9V92x91UsjDorNkDDRUjOTu+7ASC5QF89bBmOceGs2DQWHkiA
5sY7JhgBDtFF8UH3NU/HmANzp5arBlrn6/s19f+Gu5gIGxgOczMfiTGLBa7V9doM
5FXEZHL6Zkn2eC/qlXzOmuzoFCKgqLLHJm3UelYd24aBvyHfRL1tp0C5JY/r1vUU
cWBTkJyoe9rsSXQVAzbmKVuZGR3H1VAfWm60GzaUXmkLKvHEpMtF4a8DVMUhu3cS
RjTA4DzmSrW+u2IWc2poq+8xlgVSEJC2GVU5bRIL4UVoisxh0II=
=Nq71
—–END PGP SIGNATURE—–
—
| Autor | Toni Vugdelija |
| Cert id | NCERT-REF-2019-04-0001-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | Adobe |
