MGASA-2022-0322 - Updated gstreamer1.0-plugins-good packages fix security vulnerability Publication date: 10 Sep 2022 URL: https://advisories.mageia.org/MGASA-2022-0322.html Type: security Affected Mageia releases: 8 CVE: CVE-2022-1920, CVE-2022-1921, CVE-2022-1922, CVE-2022-1923, CVE-2022-1924, CVE-2022-1925, CVE-2022-2122 It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-1920, CVE-2022-1921) It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1922, CVE-2022-1923, CVE-2022-1924, CVE-2022-1925, CVE-2022-2122) References: - https://bugs.mageia.org/show_bug.cgi?id=30728 - https://ubuntu.com/security/notices/USN-5555-1 - https://gstreamer.freedesktop.org/security/sa-2022-0001.html - https://gstreamer.freedesktop.org/security/sa-2022-0002.html - https://gstreamer.freedesktop.org/security/sa-2022-0003.html - https://gstreamer.freedesktop.org/security/sa-2022-0004.html - https://www.debian.org/security/2022/dsa-5204 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1920 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1921 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1922 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1923 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1924 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1925 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2122 SRPMS: - 8/core/gstreamer1.0-plugins-good-1.18.5-1.1.mga8