Bug#514177: gstreamer0.10-plugins-good: Several security issues: CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 CVE-2009-0398

Steffen Joeris steffen.joeris at skolelinux.de
Wed Feb 4 22:43:47 UTC 2009


Package: gstreamer0.10-plugins-good
Version: 0.10.8-4.1
Severity: grave
Tags: security
Justification: user security hole

Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for gst-plugins-good0.10.

CVE-2009-0386[0]:
| Heap-based buffer overflow in the qtdemux_parse_samples function in
| gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka
| gst-plugins-good) 0.10.9 through 0.10.11 might allow remote attackers
| to execute arbitrary code via crafted Composition Time To Sample
| (ctts) atom data in a malformed QuickTime media .mov file.

CVE-2009-0387[1]:
| Array index error in the qtdemux_parse_samples function in
| gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka
| gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to
| cause a denial of service (application crash) and possibly execute
| arbitrary code via crafted Sync Sample (aka stss) atom data in a
| malformed QuickTime media .mov file, related to "mark keyframes."

CVE-2009-0397[2]:
| Heap-based buffer overflow in the qtdemux_parse_samples function in
| gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka
| gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka
| gstreamer-plugins) 0.8.5, might allow remote attackers to execute
| arbitrary code via crafted Time-to-sample (aka stts) atom data in a
| malformed QuickTime media .mov file.

CVE-2009-0398[3]:
| Array index error in the gst_qtp_trak_handler function in
| gst/qtdemux/qtdemux.c in GStreamer Plug-ins (aka gstreamer-plugins)
| 0.6.0 allows remote attackers to have an unknown impact via a crafted
| QuickTime media file.

There is also a Red Hat bug report[4] and a mail[5] on the public security
list with more information. The upstream patch[6] seems to fix all but
CVE-2009-0398, according to upstream.

These issues should be fixed for lenny. It would also be good if you, as
the maintainer, could prepare an update for etch and contact the security
team if you have something ready.

If you fix the vulnerabilities, please also make sure to include the
CVE ids in your changelog entry.

Thanks in advance for your work.

Cheers
Steffen

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0386
    http://security-tracker.debian.net/tracker/CVE-2009-0386
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0387
    http://security-tracker.debian.net/tracker/CVE-2009-0387
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0397
    http://security-tracker.debian.net/tracker/CVE-2009-0397
[3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0398
    http://security-tracker.debian.net/tracker/CVE-2009-0398
[4] https://bugzilla.redhat.com/show_bug.cgi?id=481267
[5] http://www.openwall.com/lists/oss-security/2009/01/29/3
[6] http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=bdc20b9baf13564d9a061343416395f8f9a92b53
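
Added example, not part of the original report, GStreamer's code or the upstream patch: the "mark keyframes" array index error described for CVE-2009-0387 involves file-controlled stss data used as an index, and this C code shows the bounds checks a parser needs before doing that. The names mark_keyframes, rd_be32 and SAMPLE_STSS are hypothetical, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* QuickTime atom fields are big-endian. */
static uint32_t rd_be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* stss payload (after the atom's size/type header): version+flags (4 bytes),
 * entry count (4), then one 1-based sample number (4) per entry.
 * Returns the number of entries applied to keyframe[] (n_samples slots), or
 * -1 if the payload is shorter than declared. Bad sample numbers are skipped. */
long mark_keyframes(const uint8_t *stss, size_t len,
                    uint8_t *keyframe, uint32_t n_samples)
{
    if (len < 8)
        return -1;
    uint32_t n_entries = rd_be32(stss + 4);
    /* Compare in units of entries so no multiplication can overflow. */
    if (n_entries > (len - 8) / 4)
        return -1;
    long applied = 0;
    for (uint32_t i = 0; i < n_entries; i++) {
        uint32_t sample = rd_be32(stss + 8 + (size_t)i * 4);
        /* File-controlled: 0 or > n_samples would index outside keyframe[]. */
        if (sample == 0 || sample > n_samples)
            continue;
        keyframe[sample - 1] = 1;
        applied++;
    }
    return applied;
}

/* Constructed sample: entries 1, 4, 0 and 9 for a 4-sample track. */
static const uint8_t SAMPLE_STSS[] = {
    0,0,0,0, 0,0,0,4, 0,0,0,1, 0,0,0,4, 0,0,0,0, 0,0,0,9
};

int main(void)
{
    uint8_t kf[4] = {0};
    long n = mark_keyframes(SAMPLE_STSS, sizeof SAMPLE_STSS, kf, 4);
    printf("applied=%ld kf=%d%d%d%d\n", n, kf[0], kf[1], kf[2], kf[3]);
    return 0;
}
```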




