Home / mailings [SECURITY] [DSA 5832-1] gstreamer1.0 security update
Posted on 16 December 2024
Debian Security Advisory- -------------------------------------------------------------------------
Debian Security Advisory DSA-5832-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
December 16, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : gstreamer1.0
CVE ID : CVE-2024-47606
Antonio Morales reported an integer overflow vulnerability in the memory
allocator in the Core GStreamer libraries, which may result in denial of
service or potentially the execution of arbitrary code if a malformed
media file is processed.
For the stable distribution (bookworm), this problem has been fixed in
version 1.22.0-2+deb12u1.
We recommend that you upgrade your gstreamer1.0 packages.
For the detailed security status of gstreamer1.0 please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/gstreamer1.0
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
