Gentoo Archives: gentoo-announce

From: Robert Buchholz <rbu@g.o>
To: gentoo-announce@l.g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200907-11 ] GStreamer plug-ins: User-assisted execution of arbitrary code
Date: Sun, 12 Jul 2009 18:42:21
Message-Id: 200907121943.56471.rbu@gentoo.org
1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 Gentoo Linux Security Advisory GLSA 200907-11
3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4 http://security.gentoo.org/
5 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7 Severity: Normal
8 Title: GStreamer plug-ins: User-assisted execution of arbitrary
9 code
10 Date: July 12, 2009
11 Bugs: #256096, #261594, #272972
12 ID: 200907-11
13
14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
15
16 Synopsis
17 ========
18
19 Multiple vulnerabilities in multiple GStreamer plug-ins might allow for
20 the execution of arbitrary code.
21
22 Background
23 ==========
24
25 The GStreamer plug-ins provide decoders to the GStreamer open source
26 media framework.
27
28 Affected packages
29 =================
30
31 -------------------------------------------------------------------
32 Package / Vulnerable / Unaffected
33 -------------------------------------------------------------------
34 1 media-libs/gst-plugins-good < 0.10.14 >= 0.10.14
35 2 media-libs/gst-plugins-base < 0.10.22 >= 0.10.22
36 3 media-plugins/gst-plugins-libpng < 0.10.14-r1 >= 0.10.14-r1
37 -------------------------------------------------------------------
38 3 affected packages on all of their supported architectures.
39 -------------------------------------------------------------------
40
41 Description
42 ===========
43
44 Multiple vulnerabilities have been reported in several GStreamer
45 plug-ins:
46
47 * Tobias Klein reported two heap-based buffer overflows and an array
48 index error in the qtdemux_parse_samples() function in
49 gst-plugins-good when processing a QuickTime media .mov file
50 (CVE-2009-0386, CVE-2009-0387, CVE-2009-0397).
51
52 * Thomas Hoger of the Red Hat Security Response Team reported an
53 integer overflow that can lead to a heap-based buffer overflow in the
54 gst_vorbis_tag_add_coverart() function in gst-plugins-base when
55 processing COVERART tags (CVE-2009-0586).
56
57 * Tielei Wang of ICST-ERCIS, Peking University reported multiple
58 integer overflows leading to buffer overflows in gst-plugins-libpng
59 when processing a PNG file (CVE-2009-1932).
60
61 Impact
62 ======
63
64 A remote attacker could entice a user or automated system using a
65 GStreamer plug-in to process a specially crafted file, resulting in the
66 execution of arbitrary code or a Denial of Service.
67
68 Workaround
69 ==========
70
71 There is no known workaround at this time.
72
73 Resolution
74 ==========
75
76 All gst-plugins-good users should upgrade to the latest version:
77
78 # emerge --sync
79 # emerge --ask --oneshot -v ">=media-libs/gst-plugins-good-0.10.14"
80
81 All gst-plugins-base users should upgrade to the latest version:
82
83 # emerge --sync
84 # emerge --ask --oneshot -v ">=media-libs/gst-plugins-base-0.10.22"
85
86 All gst-plugins-libpng users should upgrade to the latest version:
87
88 # emerge --sync
89 # emerge -a -1 -v ">=media-plugins/gst-plugins-libpng-0.10.14-r1"
90
91 References
92 ==========
93
94 [ 1 ] CVE-2009-0386
95 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0386
96 [ 2 ] CVE-2009-0387
97 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0387
98 [ 3 ] CVE-2009-0397
99 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0397
100 [ 4 ] CVE-2009-0586
101 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0586
102 [ 5 ] CVE-2009-1932
103 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1932
104
105 Availability
106 ============
107
108 This GLSA and any updates to it are available for viewing at
109 the Gentoo Security Website:
110
111 http://security.gentoo.org/glsa/glsa-200907-11.xml
112
113 Concerns?
114 =========
115
116 Security is a primary focus of Gentoo Linux and ensuring the
117 confidentiality and security of our users machines is of utmost
118 importance to us. Any security concerns should be addressed to
119 security@g.o or alternatively, you may file a bug at
120 http://bugs.gentoo.org.
121
122 License
123 =======
124
125 Copyright 2009 Gentoo Foundation, Inc; referenced text
126 belongs to its owner(s).
127
128 The contents of this document are licensed under the
129 Creative Commons - Attribution / Share Alike license.
130
131 http://creativecommons.org/licenses/by-sa/2.5

Attachments

File name MIME type
signature.asc application/pgp-signature