gst-plugins-ugly1.0_1.4.4-2+deb8u1_amd64.changes ACCEPTED into proposed-updates->stable-new
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Mon Mar 27 21:24:44 UTC 2017
Mapping stable-security to proposed-updates.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 25 Mar 2017 19:43:38 +0200
Source: gst-plugins-ugly1.0
Binary: gstreamer1.0-plugins-ugly-doc gstreamer1.0-plugins-ugly gstreamer1.0-plugins-ugly-dbg
Architecture: source all amd64
Version: 1.4.4-2+deb8u1
Distribution: jessie-security
Urgency: medium
Maintainer: Maintainers of GStreamer packages <pkg-gstreamer-maintainers at lists.alioth.debian.org>
Changed-By: Sebastian Dröge <slomo at debian.org>
Description:
gstreamer1.0-plugins-ugly - GStreamer plugins from the "ugly" set
gstreamer1.0-plugins-ugly-dbg - GStreamer plugins from the "ugly" set (debug symbols)
gstreamer1.0-plugins-ugly-doc - GStreamer documentation for plugins from the "ugly" set
Changes:
gst-plugins-ugly1.0 (1.4.4-2+deb8u1) jessie-security; urgency=medium
.
* debian/patches/0001-asfdemux-Check-that-we-have-enough-data-available-be.patch:
+ The gst_asf_demux_process_ext_content_desc function in
gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote
attackers to cause a denial of service (out-of-bounds heap read) via
vectors involving extended content descriptors.
https://bugzilla.gnome.org/show_bug.cgi?id=777955
.
Fixes CVE-2017-5847
.
* debian/patches/0002-asfdemux-Reset-number-of-languages-to-0-when-freeing.patch:
+ The gst_asf_demux_process_ext_stream_props function in
gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3
allows remote attackers to cause a denial of service (invalid memory read
and crash) via vectors related to the number of languages in a video file.
https://bugzilla.gnome.org/show_bug.cgi?id=777937
.
Fixes CVE-2017-5846
Checksums-Sha1:
ff946060e71e4ce3b4a672c2f71a85e9b855a089 3178 gst-plugins-ugly1.0_1.4.4-2+deb8u1.dsc
2695dcfb89c42a40fb2a90130804c954e4178127 25784 gst-plugins-ugly1.0_1.4.4-2+deb8u1.debian.tar.xz
cd8b20ed4495564214c57b2c04befd4db2ca48ad 846420 gst-plugins-ugly1.0_1.4.4.orig.tar.xz
2be79b93f17e23a6230e26346415082464c99380 191104 gstreamer1.0-plugins-ugly-doc_1.4.4-2+deb8u1_all.deb
78697f03533b28b81c721a9552c70b705df775ad 372296 gstreamer1.0-plugins-ugly_1.4.4-2+deb8u1_amd64.deb
9ee7f3e7fb86e9487915b30910791baf355ae918 715448 gstreamer1.0-plugins-ugly-dbg_1.4.4-2+deb8u1_amd64.deb
Checksums-Sha256:
cdc2991d33c7918d4f15bb25fa5e3fbf4cebd72c337ac358854f57507f55abc4 3178 gst-plugins-ugly1.0_1.4.4-2+deb8u1.dsc
da0a255f17e3310d4ec368f70b18cf054faa85902524212a8183bd884ce2ba1c 25784 gst-plugins-ugly1.0_1.4.4-2+deb8u1.debian.tar.xz
afe2300130aaba910b8d5fab8d1fdf8b001ff4893ec1ac57b5d8766836cd81e9 846420 gst-plugins-ugly1.0_1.4.4.orig.tar.xz
a50e085c9997de1e0114a8c1101ccff54bad31c7e2d73760452ef7397fe154f6 191104 gstreamer1.0-plugins-ugly-doc_1.4.4-2+deb8u1_all.deb
77fbff86312dcfa3b87ed5e064ff405cbf32dc60068d34f97c71807c59ec4f74 372296 gstreamer1.0-plugins-ugly_1.4.4-2+deb8u1_amd64.deb
c8357f5d42441a1793a1b3763c6be767936e1157599908ec200d390f092ebdf7 715448 gstreamer1.0-plugins-ugly-dbg_1.4.4-2+deb8u1_amd64.deb
Files:
b26cca32bff6d3d7233d3b0311d81366 3178 libs optional gst-plugins-ugly1.0_1.4.4-2+deb8u1.dsc
09292d59b000edc34e8c421137ea3f1e 25784 libs optional gst-plugins-ugly1.0_1.4.4-2+deb8u1.debian.tar.xz
abd832c5cab1a37fb1d9d15fb08e6e59 846420 libs optional gst-plugins-ugly1.0_1.4.4.orig.tar.xz
ce1c54c7a95dd1ad55919c5a14e57d0e 191104 doc optional gstreamer1.0-plugins-ugly-doc_1.4.4-2+deb8u1_all.deb
ac3bb0d3c389433f77d4bf9f18338fbc 372296 libs optional gstreamer1.0-plugins-ugly_1.4.4-2+deb8u1_amd64.deb
e289ee81a6430755d91466d83236433d 715448 debug extra gstreamer1.0-plugins-ugly-dbg_1.4.4-2+deb8u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEEf0vHzDygb5cza7/rBmjMFIbC17UFAljW6JpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDdG
NEJDN0NDM0NBMDZGOTczMzZCQkZFQjA2NjhDQzE0ODZDMkQ3QjUSHHNsb21vQGNv
YXhpb24ubmV0AAoJEAZozBSGwte1ITQQAKA2JkDHK+O1hQagxeLAXQRRwNfKuFza
LOVTGZUTKCyMi+giNaFLi/PrrPm5WUO2uoSTtpeMcCCNlM3AaJ+nrimfzOws6KP/
cG8QTkC1cow3Ki6YXOQlzAmK5hcwWjA38AcMnLN0vzTxuvCMl8Oi+A4xQDfUPi8k
OkUn2zDDVax7H5Seq97ufZFRJdT6AvxgxQl/3x+a+1QskSoaCzLXqPIGx7u74sP8
UTLLAX0OHbvVny3sLX2z5i4VNash6NcoNK4riysxZYzZ90CA2GDckx6LPddSRw3n
oiYhSmGE4fPLiLDyYlP6EtO+oItg+cP1zFqdBWY31M1K7pMelIKXUQvUG3LJfUYg
TVRd8gyYG2R815CzHTCR9NYe97hNyFAw0TyI3bLw0MwGd3Qeyw2B6CWNgwnlcLRY
pm7lp8H4ktd9Q4GN4jCyaduJBXPR1bVKya0vewjcCQRgO70MMW/hrHvV/Aytim0R
CnOdFrycET6xEfU3ZBRzdfobDkodJfIgaxUgtAgyFcpCBMN3pUW7aqcs2W9m4pmc
odeDLovOejhlHdt0sN4IuaDQbkKlc2KCOw6YFqVGG2I83QQWCTgL6YDuRCnGhPPW
rGCRRoDfGmx2IdDaOgF9Wrvr6DlBeWYrq//8onL6F9p74AQx6FzObHBUBI71lrsc
2bumDUHsY8Ur
=GmYu
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the pkg-gstreamer-maintainers
mailing list