-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4833-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 18, 2021 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : gst-plugins-bad1.0 CVE ID : not yet available Andrew Wesie discovered a buffer overflow in the H264 support of the GStreamer multimedia framework, which could potentially result in the execution of arbitrary code. For the stable distribution (buster), this problem has been fixed in version 1.14.4-1deb10u1. We recommend that you upgrade your gst-plugins-bad1.0 packages. For the detailed security status of gst-plugins-bad1.0 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gst-plugins-bad1.0 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmAF/bIACgkQEMKTtsN8 TjYRIxAAjPc+5ali8IQCkInF4T921aReigzPkm1MVCiym8WrZCNjPAD/oZ1461V9 Q6LxYNcsZ6/aPzLTw8JE5qQmzTheu2FeDlyfHNsR/BnswGQqnB4VbR3lJ7+CstfP Bol+Xg6sEUIjlOWUOILohQO499o7P9o79xebX4gaAeVy87qsz5xzXPrkmn8uWUiy Ir2imdqfTBotYIapxSx+aA9xaatKsg1ShJMX8qA6Kudbs57o0uzDhdj9MRxRFHFg 0/Z8lJST95bCgaBDuwCXbbK+iTLwIhcJFDDss9yOF/L5Svj1NmzEnKltwiFjtaEk S7bXdjvyMW8GHtddzXIqHjLMuPOMWY/NSigh4CACXBbUuczo69DMHRbJT6ZAETRG ly2wNyvW0iLbCQ6De4eaklPR4K0Sfnckq5YuiIR5DvxWxwd9dwxopXDPk6oI1Lvj WlFKF0WGtMzhRqb0VVVEjNkDn2dHlGEjCKo1eQKTioeEtfe0BABGUVXciqKf18M3 mvUa+imwW90BzPAWVcQTZg9gCmjVBkZVbXvgQbz51YROKEvmpQMFZFz+UxmoZ7xN Ftg5wCwQff+hUFEd1dpTm95ZolWPAxIl2n4/2iSCADtfyKR487GrG93pFELl8x/z m1Jkmi9br+PGz5Th3na2I9buhO5agTjxYDlg+EC3XeqpmOARtcU= =iG5E -----END PGP SIGNATURE-----