Alerts This Week
Warning Icon 1 537
Alerts This Week
Warning Icon 1 537

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -1 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraupdate

Fedora 43 gstreamer1-plugin-libav Update Security Advisory 2026-e77ad9d792

1.26.11. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-e77ad9d792 2026-04-01 00:56:24.864678+00:00 -------------------------------------------------------------------------------- Name : gstreamer1-plugin-libav Product : Fedora 43 Version : 1.26.11 Release : 1.fc43 URL : https://gstreamer.freedesktop.org/ Summary : GStreamer FFmpeg/LibAV plugin Description : GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types or processing capabilities can be added simply by installing new plugins. This package provides FFmpeg/LibAV GStreamer plugin. -------------------------------------------------------------------------------- Update Information: 1.26.11 -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 30 2026 Gwyn Ciesla - 1.26.11-1 - 1.26.11 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-e77ad9d792' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Critical update for gstreamer1-plugin-libav in Fedora 43 resolves media processing issues with potential security risks.. Fedora 43 Security Update, GStreamer Plugin Update, Media Processing Security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Apr 01, 2026 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraupdate

Fedora 45 gstreamer1-plugins-bad Upgrade 2027-8dfe12bc79

1.28.1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-9cfb46ac78 2026-03-14 00:15:28.464474+00:00 -------------------------------------------------------------------------------- Name : gstreamer1-plugins-good Product : Fedora 44 Version : 1.28.1 Release : 1.fc44 URL : http://gstreamer.freedesktop.org/ Summary : GStreamer plugins with good code and licensing Description : GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types or processing capabilities can be added simply by installing new plugins. GStreamer Good Plugins is a collection of well-supported plugins of good quality and under the LGPL license. -------------------------------------------------------------------------------- Update Information: 1.28.1 -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 26 2026 Gwyn Ciesla - 1.28.1-1 - 1.28.1 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-9cfb46ac78' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Fedora 44 provides a new update for gstreamer1-plugins-good with enhanced performance and streaming capabilities.. Fedora 44, gstreamer1-plugins-good, media processing, plugin architecture, update. . LinuxSecurity.com Team

Calendar 2 Mar 14, 2026 Fedora
Banner 2 1028x280 1708121730 1 1771599631
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraupdate

Fedora 44 GStreamer 1.28.1 Update Advisory FEDORA-2026-9cfb46ac78

1.28.1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-9cfb46ac78 2026-03-14 00:15:28.464474+00:00 -------------------------------------------------------------------------------- Name : gstreamer1 Product : Fedora 44 Version : 1.28.1 Release : 1.fc44 URL : http://gstreamer.freedesktop.org/ Summary : GStreamer streaming media framework runtime Description : GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types or processing capabilities can be added simply by installing new plugins. -------------------------------------------------------------------------------- Update Information: 1.28.1 -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 26 2026 Gwyn Ciesla - 1.28.1-1 - 1.28.1 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-9cfb46ac78' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines:https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . GStreamer 1.28.1 update available for Fedora 44. Install via dnf with advisory FEDORA-2026-9cfb46ac78 for runtime enhancements.. Fedora gstreamer1 update media framework. . LinuxSecurity.com Team

Calendar 2 Mar 14, 2026 Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraupdate

Fedora 41: mingw-gstreamer1-plugins-base Important Update 2025-dd97126e3a

Update to 1.26.3.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-dd97126e3a 2025-08-19 04:44:05.202924+00:00 -------------------------------------------------------------------------------- Name : mingw-gstreamer1-plugins-base Product : Fedora 41 Version : 1.26.3 Release : 1.fc41 URL : http://gstreamer.freedesktop.org/ Summary : Cross compiled GStreamer1 media framework base plug-ins Description : GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types or processing capabilities can be added simply by installing new plug-ins. This package contains a set of well-maintained base plug-ins. -------------------------------------------------------------------------------- Update Information: Update to 1.26.3. -------------------------------------------------------------------------------- ChangeLog: * Sun Jun 29 2025 Sandro Mani - 1.26.3-1 - Update to 1.26.3 * Sat May 31 2025 Sandro Mani - 1.26.2-1 - Update to 1.26.2 * Sat Apr 26 2025 Sandro Mani - 1.26.1-1 - Update to 1.26.1 * Sun Mar 16 2025 Sandro Mani - 1.26.0-1 - Update to 1.26.0 * Fri Jan 17 2025 Fedora Release Engineering - 1.25.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Wed Jan 15 2025 Sandro Mani - 1.25.1-1 - Update to 1.25.1 * Sun Jan 12 2025 Sandro Mani - 1.24.11-1 - Update to 1.24.11 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2387232 - CVE-2025-47183 CVE-2025-47219 mingw-gstreamer1-plugins-good: various flaws [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2387232 [ 2 ] Bug #2387235 - CVE-2025-47806 CVE-2025-47807 CVE-2025-47808mingw-gstreamer1-plugins-base: various flaws [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2387235 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-dd97126e3a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Essential patch for Fedora 41's mingw-gstreamer1-plugins-core addresses several vulnerabilities and improves overall safety.. Fedora Update mingw-gstreamer1-plugins-base 2025. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Aug 19, 2025 Important Fedora
Banner 2 1028x280 1708121730 1 1771599631
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorymoderatesecurity issue

openSUSE 2025:15177-1 moderate: ffmpeg-7-7.1.1-4.1 security advisory

An update that solves 5 vulnerabilities can now be installed.. # ffmpeg-7-7.1.1-4.1 on GA media Announcement ID: openSUSE-SU-2025:15177-1 Rating: moderate Cross-References: * CVE-2024-36615 * CVE-2024-36616 * CVE-2024-36617 * CVE-2024-36618 * CVE-2024-36619 CVSS scores: * CVE-2024-36615 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2024-36615 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-36616 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2024-36616 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-36617 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2024-36617 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-36618 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2024-36618 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-36619 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-36619 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves 5 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the ffmpeg-7-7.1.1-4.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * ffmpeg-7 7.1.1-4.1 * ffmpeg-7-libavcodec-devel 7.1.1-4.1 * ffmpeg-7-libavdevice-devel 7.1.1-4.1 * ffmpeg-7-libavfilter-devel 7.1.1-4.1 * ffmpeg-7-libavformat-devel 7.1.1-4.1 * ffmpeg-7-libavutil-devel 7.1.1-4.1 * ffmpeg-7-libpostproc-devel 7.1.1-4.1 * ffmpeg-7-libswresample-devel 7.1.1-4.1 * ffmpeg-7-libswscale-devel 7.1.1-4.1 * libavcodec61 7.1.1-4.1 * libavcodec61-32bit 7.1.1-4.1 * libavdevice61 7.1.1-4.1 * libavdevice61-32bit 7.1.1-4.1 * libavfilter10 7.1.1-4.1 * libavfilter10-32bit 7.1.1-4.1 * libavformat61 7.1.1-4.1 *libavformat61-32bit 7.1.1-4.1 * libavutil59 7.1.1-4.1 * libavutil59-32bit 7.1.1-4.1 * libpostproc58 7.1.1-4.1 * libpostproc58-32bit 7.1.1-4.1 * libswresample5 7.1.1-4.1 * libswresample5-32bit 7.1.1-4.1 * libswscale8 7.1.1-4.1 * libswscale8-32bit 7.1.1-4.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36615.html * https://www.suse.com/security/cve/CVE-2024-36616.html * https://www.suse.com/security/cve/CVE-2024-36617.html * https://www.suse.com/security/cve/CVE-2024-36618.html * https://www.suse.com/security/cve/CVE-2024-36619.html . The release of ffmpeg-7-7.1.1-4.1 on openSUSE resolves several security vulnerabilities, specifically five concerns, each classified with a moderate severity level.. openSUSE updates, openSUSE ffmpeg security, ffmpeg vulnerabilities. . LinuxSecurity.com Team

Calendar 2 May 31, 2025 OpenSUSE
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoraupdate information

Fedora 33: FEDORA-2020-68ef4b6bc5 Moderate: Seamonkey AV1 Codec Fix

Additional fixes for AV1 codec and svg icon. ---- Update to 2.53.5 AV1 media codec now supported. Some fixes and improvements.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-68ef4b6bc5 2020-11-17 01:35:09.829554 --------------------------------------------------------------------------------Name : seamonkey Product : Fedora 33 Version : 2.53.5 Release : 2.fc33 URL : https://www.seamonkey-project.org/ Summary : Web browser, e-mail, news, IRC client, HTML editor Description : SeaMonkey is an all-in-one Internet application suite (previously made popular by Netscape and Mozilla). It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite. --------------------------------------------------------------------------------Update Information: Additional fixes for AV1 codec and svg icon. ---- Update to 2.53.5 AV1 media codec now supported. Some fixes and improvements. --------------------------------------------------------------------------------ChangeLog: * Sun Nov 15 2020 Dmitry Butskoy 2.53.5-2 - fix for av1 (mozbz#1490877) - fix main svg icon * Thu Nov 12 2020 Dmitry Butskoy 2.53.5-1 - update to 2.53.5 - add patch to build with system libaom and libdav1d - add official logo icon in svg format --------------------------------------------------------------------------------References: [ 1 ] Bug #1868764 - SeaMonkey Web Browser icon on LXQt Quick Launch bar is smaller than the rest of the icons https://bugzilla.redhat.com/show_bug.cgi?id=1868764 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-68ef4b6bc5' at the command line. For more information,refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Ubuntu Package Alert for Firefox highlights enhancements in VP9 decoding and icon design updates as of December 2021.. seamonkey update, AV1 codec, Fedora security advisory, multimedia application, svg icon fix. . LinuxSecurity.com Team

Calendar 2 Nov 16, 2020 Fedora
Banner 2 1028x280 1708121730 1 1771599631
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoraruntime

Fedora 27: 2017-cbb8db2be6 Security Update for libXfont2 Runtime Library

libXfont 2.0.2. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-cbb8db2be6 2017-11-11 01:32:26.746812 --------------------------------------------------------------------------------Name : libXfont2 Product : Fedora 27 Version : 2.0.2 Release : 1.fc27 URL : https://www.x.org/wiki/ Summary : X.Org X11 libXfont2 runtime library Description : X.Org X11 libXfont2 runtime library --------------------------------------------------------------------------------Update Information: libXfont 2.0.2 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade libXfont2' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . The update for libXfont2 in Fedora 27 addresses issues related to runtime libraries and enhances overall system reliability. To achieve the best performance, make sure to utilize dnf.. Fedora Security Update, libXfont2 Fix, X.Org Runtime Library. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 11, 2017 Critical Fedora
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hatbuffer overflow

Red Hat 5: RHSA-2009:0271-01 Important: GStreamer Buffer Overflow

Updated gstreamer-plugins-good packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Important: gstreamer-plugins-good security update Advisory ID: RHSA-2009:0271-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2009:0271.html Issue date: 2009-02-06 CVE Names: CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 ==================================================================== 1. Summary: Updated gstreamer-plugins-good packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Description: GStreamer is a streaming media framework, based on graphs of filters which operate on media data. GStreamer Good Plug-ins is a collection of well-supported, GStreamer plug-ins of good quality released under the LGPL license. Multiple heap buffer overflows and an array indexing error were found in the GStreamer's QuickTime media file format decoding plugin. An attacker could create a carefully-crafted QuickTime media .mov file that would cause an application using GStreamer to crash or, potentially, execute arbitrary code if played by a victim. (CVE-2009-0386, CVE-2009-0387, CVE-2009-0397) All users of gstreamer-plugins-good are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, all applicationsusing GStreamer (such as totem or rhythmbox) must be restarted for the changes to take effect. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bugs fixed (http://bugzilla.redhat.com/): 481267 - CVE-2009-0397 gstreamer-plugins, gstreamer-plugins-good: heap-based buffer overflow while parsing malformed QuickTime media files via crafted Time-to-sample (stss) atom data 483736 - CVE-2009-0386 gstreamer-plugins-good: heap-based buffer overflow while parsing malformed QuickTime media files via crafted Composition Time To Sample (aka ctts) atom data 483737 - CVE-2009-0387 gstreamer-plugins-good: Array index error while parsing malformed QuickTime media files via crafted Sync Sample (aka stss) atom data 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: i386: gstreamer-plugins-good-0.10.9-1.el5_3.1.i386.rpm gstreamer-plugins-good-debuginfo-0.10.9-1.el5_3.1.i386.rpm x86_64: gstreamer-plugins-good-0.10.9-1.el5_3.1.x86_64.rpm gstreamer-plugins-good-debuginfo-0.10.9-1.el5_3.1.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: i386: gstreamer-plugins-good-debuginfo-0.10.9-1.el5_3.1.i386.rpm gstreamer-plugins-good-devel-0.10.9-1.el5_3.1.i386.rpm x86_64: gstreamer-plugins-good-debuginfo-0.10.9-1.el5_3.1.i386.rpm gstreamer-plugins-good-debuginfo-0.10.9-1.el5_3.1.x86_64.rpm gstreamer-plugins-good-devel-0.10.9-1.el5_3.1.i386.rpm gstreamer-plugins-good-devel-0.10.9-1.el5_3.1.x86_64.rpm Red Hat Enterprise Linux (v. 5server): Source: i386: gstreamer-plugins-good-0.10.9-1.el5_3.1.i386.rpm gstreamer-plugins-good-debuginfo-0.10.9-1.el5_3.1.i386.rpm gstreamer-plugins-good-devel-0.10.9-1.el5_3.1.i386.rpm ia64: gstreamer-plugins-good-0.10.9-1.el5_3.1.ia64.rpm gstreamer-plugins-good-debuginfo-0.10.9-1.el5_3.1.ia64.rpm gstreamer-plugins-good-devel-0.10.9-1.el5_3.1.ia64.rpm ppc: gstreamer-plugins-good-0.10.9-1.el5_3.1.ppc.rpm gstreamer-plugins-good-0.10.9-1.el5_3.1.ppc64.rpm gstreamer-plugins-good-debuginfo-0.10.9-1.el5_3.1.ppc.rpm gstreamer-plugins-good-debuginfo-0.10.9-1.el5_3.1.ppc64.rpm gstreamer-plugins-good-devel-0.10.9-1.el5_3.1.ppc.rpm gstreamer-plugins-good-devel-0.10.9-1.el5_3.1.ppc64.rpm s390x: gstreamer-plugins-good-0.10.9-1.el5_3.1.s390x.rpm gstreamer-plugins-good-debuginfo-0.10.9-1.el5_3.1.s390.rpm gstreamer-plugins-good-debuginfo-0.10.9-1.el5_3.1.s390x.rpm gstreamer-plugins-good-devel-0.10.9-1.el5_3.1.s390.rpm gstreamer-plugins-good-devel-0.10.9-1.el5_3.1.s390x.rpm x86_64: gstreamer-plugins-good-0.10.9-1.el5_3.1.x86_64.rpm gstreamer-plugins-good-debuginfo-0.10.9-1.el5_3.1.i386.rpm gstreamer-plugins-good-debuginfo-0.10.9-1.el5_3.1.x86_64.rpm gstreamer-plugins-good-devel-0.10.9-1.el5_3.1.i386.rpm gstreamer-plugins-good-devel-0.10.9-1.el5_3.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-2009-0386 https://www.cve.org/CVERecord?id=CVE-2009-0387 https://www.cve.org/CVERecord?id=CVE-2009-0397 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2009 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFJjDUHXlSAg2UNWIIRAm/pAKCF35iRiroZG2zGKasYOFtp6K/egQCeL016 vLOI6DihaIUbobzQmYfyEFw=/a5n -----END PGP SIGNATURE----- -- Enterprise-watch-listmailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Significant gstreamer plugin overhaul for CentOS addresses multiple critical security vulnerabilities and improves multimedia processing capabilities.. gstreamer update, Red Hat security, buffer overflow fix, media plugin security. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 06, 2009 Important Red Hat
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here