USN-611-3: GStreamer Good Plugins vulnerability
Posted on: 05/09/2008 01:20 AM

A new GStreamer Good Plugins vulnerability update is available for Ubuntu Linux. Here the announcement:

Ubuntu Security Notice USN-611-3 May 08, 2008
gst-plugins-good0.10 vulnerability
CVE-2008-1686
==========================
==========================
=========

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
gstreamer0.10-plugins-good 0.10.3-0ubuntu4.1

Ubuntu 7.04:
gstreamer0.10-plugins-good 0.10.5-1ubuntu2.1

Ubuntu 7.10:
gstreamer0.10-plugins-good 0.10.6-0ubuntu4.1

Ubuntu 8.04 LTS:
gstreamer0.10-plugins-good 0.10.7-3ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

USN-611-1 fixed a vulnerability in Speex. This update provides the
corresponding update for GStreamer Good Plugins.

Original advisory details:

It was discovered that Speex did not properly validate its input when
processing Speex file headers. If a user or automated system were
tricked into opening a specially crafted Speex file, an attacker could
create a denial of service in applications linked against Speex or
possibly execute arbitrary code as the user invoking the program.


Updated packages for Ubuntu 6.06 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gst-=
plugins-good0.10_0.10.3-0ubuntu4.1.diff.gz
Size/MD5: 26587 c28ee0b276b139cd95e08219eae0dfdd
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gst-=
plugins-good0.10_0.10.3-0ubuntu4.1.dsc
Size/MD5: 1463 45c1fd3b8ce3651c4abad741ef80f6c1
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gst-=
plugins-good0.10_0.10.3.orig.tar.gz
Size/MD5: 1782808 bfac20228cf6e9317a371a5f36feb8ae

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good-doc_0.10.3-0ubuntu4.1_all.deb
Size/MD5: 75038 76c0d219af78c0581ddb03f6b6f16288

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-esd_0.10.3-0ubuntu4.1_amd64.deb
Size/MD5: 32904 258a2047bf718e6e2c4a8ed9156c7352
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good-dbg_0.10.3-0ubuntu4.1_amd64.deb
Size/MD5: 1670156 6a5b2fa48033860308edcb371f58f683
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good_0.10.3-0ubuntu4.1_amd64.deb
Size/MD5: 643072 0eebc1c15a8bf2b568aa946d91b76481

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-esd_0.10.3-0ubuntu4.1_i386.deb
Size/MD5: 32292 8196fe571b62164caf93daf94c5fd4f8
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good-dbg_0.10.3-0ubuntu4.1_i386.deb
Size/MD5: 1523910 634e36dba05f1713cb2faaf393045af2
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good_0.10.3-0ubuntu4.1_i386.deb
Size/MD5: 576984 bd0da0cc976240889a2f87f13cf92a62

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-esd_0.10.3-0ubuntu4.1_powerpc.deb
Size/MD5: 34552 8aae4fe1ead8f621db226cebf49e4356
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good-dbg_0.10.3-0ubuntu4.1_powerpc.deb
Size/MD5: 1705072 7e123a29b809facd93b51cbecaff0343
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good_0.10.3-0ubuntu4.1_powerpc.deb
Size/MD5: 699600 e99fbd684d1ae78030f328d32d20a8d8

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-esd_0.10.3-0ubuntu4.1_sparc.deb
Size/MD5: 32796 bff921c3ce7989d620a8459e45969421
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good-dbg_0.10.3-0ubuntu4.1_sparc.deb
Size/MD5: 1546334 a66846506ae701840f9b300d76c83168
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good_0.10.3-0ubuntu4.1_sparc.deb
Size/MD5: 618960 8a763568d01e8e8550142cc9f79d6938

Updated packages for Ubuntu 7.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gst-=
plugins-good0.10_0.10.5-1ubuntu2.1.diff.gz
Size/MD5: 21340 f01a982544378a6c557c047bb77ab244
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gst-=
plugins-good0.10_0.10.5-1ubuntu2.1.dsc
Size/MD5: 1633 fe155ca188fa0b07447acd299cfd5ac3
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gst-=
plugins-good0.10_0.10.5.orig.tar.gz
Size/MD5: 2070821 c28c334037d73dd79efd7550fe3e6001

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good-doc_0.10.5-1ubuntu2.1_all.deb
Size/MD5: 95388 93f35bb9206ff4ea33950f221d08e0e0

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-esd_0.10.5-1ubuntu2.1_amd64.deb
Size/MD5: 38132 9c03502fddae3db99c0d782a51ea9bcf
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good-dbg_0.10.5-1ubuntu2.1_amd64.deb
Size/MD5: 1937856 82eecb005419b8eefae5d7daeaca83e9
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good_0.10.5-1ubuntu2.1_amd64.deb
Size/MD5: 725752 4ef7781a8cce07669fed638678e5edf2

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-esd_0.10.5-1ubuntu2.1_i386.deb
Size/MD5: 37906 b323df18724846d81da4f55afc65a4d2
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good-dbg_0.10.5-1ubuntu2.1_i386.deb
Size/MD5: 1837014 df4818adf02517cd50f483a0c8ac63f1
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good_0.10.5-1ubuntu2.1_i386.deb
Size/MD5: 676274 21e5abb6fa53b82ce49533ef41fd8b8c

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-esd_0.10.5-1ubuntu2.1_powerpc.deb
Size/MD5: 38886 3198a0d9789c6a2b31741477423a64c6
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good-dbg_0.10.5-1ubuntu2.1_powerpc.deb
Size/MD5: 1955710 4dbf717c9342620e141caf375115c6d9
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good_0.10.5-1ubuntu2.1_powerpc.deb
Size/MD5: 767834 b693df406bc38f521ef824829b117457

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-esd_0.10.5-1ubuntu2.1_sparc.deb
Size/MD5: 38102 296bccc5ee42f283fef5d8e69a56b7c3
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good-dbg_0.10.5-1ubuntu2.1_sparc.deb
Size/MD5: 1822102 c2b7fa56757d93940ce519338f5a9528
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good_0.10.5-1ubuntu2.1_sparc.deb
Size/MD5: 702034 26f832b931d99c939692da1d6c815832

Updated packages for Ubuntu 7.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gst-=
plugins-good0.10_0.10.6-0ubuntu4.1.diff.gz
Size/MD5: 66980 83755cd8268384715d4e79c0dadad0c3
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gst-=
plugins-good0.10_0.10.6-0ubuntu4.1.dsc
Size/MD5: 1735 0aec0c6b155f8abe72e53661aa085918
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gst-=
plugins-good0.10_0.10.6.orig.tar.gz
Size/MD5: 2414361 8cae6351d3b5739104fbc9822eedff79

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good-doc_0.10.6-0ubuntu4.1_all.deb
Size/MD5: 108484 c32d287c32fe20320d72e85baad6cda7

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-esd_0.10.6-0ubuntu4.1_amd64.deb
Size/MD5: 41398 fbcd8aad68b3f09ad059d826dda71bf3
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good-dbg_0.10.6-0ubuntu4.1_amd64.deb
Size/MD5: 2275126 7db2247b64e5450eb6d621bb1e032441
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good_0.10.6-0ubuntu4.1_amd64.deb
Size/MD5: 887380 7218d3007ee4276c5ca1d6188d76587f

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-esd_0.10.6-0ubuntu4.1_i386.deb
Size/MD5: 41032 02fc3bb4a14c8e65ac352ca8603188e7
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good-dbg_0.10.6-0ubuntu4.1_i386.deb
Size/MD5: 2191236 5e63077c66c8c31e870a937fb4328e76
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good_0.10.6-0ubuntu4.1_i386.deb
Size/MD5: 831112 0edc092d8ade9d24f13a6f8a047c98ce

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/g/gst-plugins-good0.10/gstreamer0.10-=
esd_0.10.6-0ubuntu4.1_lpia.deb
Size/MD5: 40858 e91f1b91cc525dcabe042ff44f630688
http://ports.ubuntu.com/pool/main/g/gst-plugins-good0.10/gstreamer0.10-=
plugins-good-dbg_0.10.6-0ubuntu4.1_lpia.deb
Size/MD5: 2280944 cf5e2e599f6ccfc620102e13944fddb9
http://ports.ubuntu.com/pool/main/g/gst-plugins-good0.10/gstreamer0.10-=
plugins-good_0.10.6-0ubuntu4.1_lpia.deb
Size/MD5: 814556 f09b29051e35370dd6d4bb700e571250

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-esd_0.10.6-0ubuntu4.1_powerpc.deb
Size/MD5: 42100 618d4e53fed3b843887f32193118b294
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good-dbg_0.10.6-0ubuntu4.1_powerpc.deb
Size/MD5: 2316016 1e34b945d00bc9071dbafceb4452e6e9
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good_0.10.6-0ubuntu4.1_powerpc.deb
Size/MD5: 940724 b3696538b218ab60d1a3c22fa54b3543

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-esd_0.10.6-0ubuntu4.1_sparc.deb
Size/MD5: 41290 9e057a7a98aab9756649a40cf26038c5
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good-dbg_0.10.6-0ubuntu4.1_sparc.deb
Size/MD5: 2158886 7f9ca30293540d08026cfd66ed1cc8a5
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good_0.10.6-0ubuntu4.1_sparc.deb
Size/MD5: 869388 85474c31b8d1f128f5077210023ec22b

Updated packages for Ubuntu 8.04 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gst-=
plugins-good0.10_0.10.7-3ubuntu0.1.diff.gz
Size/MD5: 26063 f789d0115e0cc19453e3d096cb383c52
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gst-=
plugins-good0.10_0.10.7-3ubuntu0.1.dsc
Size/MD5: 2069 4862dac7936f34756a2edab1cfe00e53
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gst-=
plugins-good0.10_0.10.7.orig.tar.gz
Size/MD5: 2679804 2832ded1d6be0356d77689b6ca1b5f83

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good-doc_0.10.7-3ubuntu0.1_all.deb
Size/MD5: 149968 c265e6c51796688a384c8f1ef881f93d

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-esd_0.10.7-3ubuntu0.1_amd64.deb
Size/MD5: 44998 93620f1b2476459723abdcb840615d6a
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good-dbg_0.10.7-3ubuntu0.1_amd64.deb
Size/MD5: 2409630 cfd69cd30e697fdb8fbfeb5285f23989
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good_0.10.7-3ubuntu0.1_amd64.deb
Size/MD5: 932962 18d7dadedb46d3364e7cb362c2485017

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-esd_0.10.7-3ubuntu0.1_i386.deb
Size/MD5: 44684 9889cb9ea0330e0c6d2afbf37814881b
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good-dbg_0.10.7-3ubuntu0.1_i386.deb
Size/MD5: 2314338 8a73f849bf62c6619d37816918a7865c
http://security.ubuntu.com/ubuntu/pool/main/g/gst-plugins-good0.10/gstr=
eamer0.10-plugins-good_0.10.7-3ubuntu0.1_i386.deb
Size/MD5: 873074 846a215cad96a4a9c50b3a28f4451572

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/g/gst-plugins-good0.10/gstreamer0.10-=
esd_0.10.7-3ubuntu0.1_lpia.deb
Size/MD5: 44500 84aa4a81f6266bd0eaaaca92231898ec
http://ports.ubuntu.com/pool/main/g/gst-plugins-good0.10/gstreamer0.10-=
plugins-good-dbg_0.10.7-3ubuntu0.1_lpia.deb
Size/MD5: 2344148 9c316ad9c0b5eb43387e121e3bd89fdf
http://ports.ubuntu.com/pool/main/g/gst-plugins-good0.10/gstreamer0.10-=
plugins-good_0.10.7-3ubuntu0.1_lpia.deb
Size/MD5: 859876 d4986caefbd02b780e5eb31ae1f9dc22

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/g/gst-plugins-good0.10/gstreamer0.10-=
esd_0.10.7-3ubuntu0.1_powerpc.deb
Size/MD5: 45640 8de3e87763017b90424f0bf348c7b623
http://ports.ubuntu.com/pool/main/g/gst-plugins-good0.10/gstreamer0.10-=
plugins-good-dbg_0.10.7-3ubuntu0.1_powerpc.deb
Size/MD5: 2441410 f25046e5fe500ed03cfaa3cd683b2760
http://ports.ubuntu.com/pool/main/g/gst-plugins-good0.10/gstreamer0.10-=
plugins-good_0.10.7-3ubuntu0.1_powerpc.deb
Size/MD5: 991944 65b7cc2d20583221910e2cd4bdfab873

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/g/gst-plugins-good0.10/gstreamer0.10-=
esd_0.10.7-3ubuntu0.1_sparc.deb
Size/MD5: 44714 5ab724f2993b9aee9e40145bb710cfe5
http://ports.ubuntu.com/pool/main/g/gst-plugins-good0.10/gstreamer0.10-=
plugins-good-dbg_0.10.7-3ubuntu0.1_sparc.deb
Size/MD5: 2280982 9bda887a2ac622b11a5a5bdb39a3f31d
http://ports.ubuntu.com/pool/main/g/gst-plugins-good0.10/gstreamer0.10-=
plugins-good_0.10.7-3ubuntu0.1_sparc.deb
Size/MD5: 904902 1d227c55e7cff2ffb678c65c1e9a09c0



--uMPAU7A2Er6+wvsD
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFII3hnW0JvuRdL8BoRAgP5AJ0YZgEa8Gwb7ZyNKL3ZZCx361V4MACgilsn
RCAoj+SSlPl8v3048PpZc70=
=/eso
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/usn_611_3_gstreamer_good_plugins_vulnerability.html)