=========================================================== 
Ubuntu Security Notice USN-611-3               May 08, 2008
gst-plugins-good0.10 vulnerability
CVE-2008-1686
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  gstreamer0.10-plugins-good      0.10.3-0ubuntu4.1

Ubuntu 7.04:
  gstreamer0.10-plugins-good      0.10.5-1ubuntu2.1

Ubuntu 7.10:
  gstreamer0.10-plugins-good      0.10.6-0ubuntu4.1

Ubuntu 8.04 LTS:
  gstreamer0.10-plugins-good      0.10.7-3ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

USN-611-1 fixed a vulnerability in Speex. This update provides the
corresponding update for GStreamer Good Plugins.

Original advisory details:

 It was discovered that Speex did not properly validate its input when
 processing Speex file headers. If a user or automated system were
 tricked into opening a specially crafted Speex file, an attacker could
 create a denial of service in applications linked against Speex or
 possibly execute arbitrary code as the user invoking the program.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

          Size/MD5:    26587 c28ee0b276b139cd95e08219eae0dfdd
          Size/MD5:     1463 45c1fd3b8ce3651c4abad741ef80f6c1
          Size/MD5:  1782808 bfac20228cf6e9317a371a5f36feb8ae

  Architecture independent packages:

          Size/MD5:    75038 76c0d219af78c0581ddb03f6b6f16288

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:    32904 258a2047bf718e6e2c4a8ed9156c7352
          Size/MD5:  1670156 6a5b2fa48033860308edcb371f58f683
          Size/MD5:   643072 0eebc1c15a8bf2b568aa946d91b76481

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:    32292 8196fe571b62164caf93daf94c5fd4f8
          Size/MD5:  1523910 634e36dba05f1713cb2faaf393045af2
          Size/MD5:   576984 bd0da0cc976240889a2f87f13cf92a62

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:    34552 8aae4fe1ead8f621db226cebf49e4356
          Size/MD5:  1705072 7e123a29b809facd93b51cbecaff0343
          Size/MD5:   699600 e99fbd684d1ae78030f328d32d20a8d8

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:    32796 bff921c3ce7989d620a8459e45969421
          Size/MD5:  1546334 a66846506ae701840f9b300d76c83168
          Size/MD5:   618960 8a763568d01e8e8550142cc9f79d6938

Updated packages for Ubuntu 7.04:

  Source archives:

          Size/MD5:    21340 f01a982544378a6c557c047bb77ab244
          Size/MD5:     1633 fe155ca188fa0b07447acd299cfd5ac3
          Size/MD5:  2070821 c28c334037d73dd79efd7550fe3e6001

  Architecture independent packages:

          Size/MD5:    95388 93f35bb9206ff4ea33950f221d08e0e0

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:    38132 9c03502fddae3db99c0d782a51ea9bcf
          Size/MD5:  1937856 82eecb005419b8eefae5d7daeaca83e9
          Size/MD5:   725752 4ef7781a8cce07669fed638678e5edf2

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:    37906 b323df18724846d81da4f55afc65a4d2
          Size/MD5:  1837014 df4818adf02517cd50f483a0c8ac63f1
          Size/MD5:   676274 21e5abb6fa53b82ce49533ef41fd8b8c

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:    38886 3198a0d9789c6a2b31741477423a64c6
          Size/MD5:  1955710 4dbf717c9342620e141caf375115c6d9
          Size/MD5:   767834 b693df406bc38f521ef824829b117457

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:    38102 296bccc5ee42f283fef5d8e69a56b7c3
          Size/MD5:  1822102 c2b7fa56757d93940ce519338f5a9528
          Size/MD5:   702034 26f832b931d99c939692da1d6c815832

Updated packages for Ubuntu 7.10:

  Source archives:

          Size/MD5:    66980 83755cd8268384715d4e79c0dadad0c3
          Size/MD5:     1735 0aec0c6b155f8abe72e53661aa085918
          Size/MD5:  2414361 8cae6351d3b5739104fbc9822eedff79

  Architecture independent packages:

          Size/MD5:   108484 c32d287c32fe20320d72e85baad6cda7

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:    41398 fbcd8aad68b3f09ad059d826dda71bf3
          Size/MD5:  2275126 7db2247b64e5450eb6d621bb1e032441
          Size/MD5:   887380 7218d3007ee4276c5ca1d6188d76587f

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:    41032 02fc3bb4a14c8e65ac352ca8603188e7
          Size/MD5:  2191236 5e63077c66c8c31e870a937fb4328e76
          Size/MD5:   831112 0edc092d8ade9d24f13a6f8a047c98ce

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:    40858 e91f1b91cc525dcabe042ff44f630688
          Size/MD5:  2280944 cf5e2e599f6ccfc620102e13944fddb9
          Size/MD5:   814556 f09b29051e35370dd6d4bb700e571250

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:    42100 618d4e53fed3b843887f32193118b294
          Size/MD5:  2316016 1e34b945d00bc9071dbafceb4452e6e9
          Size/MD5:   940724 b3696538b218ab60d1a3c22fa54b3543

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:    41290 9e057a7a98aab9756649a40cf26038c5
          Size/MD5:  2158886 7f9ca30293540d08026cfd66ed1cc8a5
          Size/MD5:   869388 85474c31b8d1f128f5077210023ec22b

Updated packages for Ubuntu 8.04 LTS:

  Source archives:

          Size/MD5:    26063 f789d0115e0cc19453e3d096cb383c52
          Size/MD5:     2069 4862dac7936f34756a2edab1cfe00e53
          Size/MD5:  2679804 2832ded1d6be0356d77689b6ca1b5f83

  Architecture independent packages:

          Size/MD5:   149968 c265e6c51796688a384c8f1ef881f93d

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:    44998 93620f1b2476459723abdcb840615d6a
          Size/MD5:  2409630 cfd69cd30e697fdb8fbfeb5285f23989
          Size/MD5:   932962 18d7dadedb46d3364e7cb362c2485017

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:    44684 9889cb9ea0330e0c6d2afbf37814881b
          Size/MD5:  2314338 8a73f849bf62c6619d37816918a7865c
          Size/MD5:   873074 846a215cad96a4a9c50b3a28f4451572

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:    44500 84aa4a81f6266bd0eaaaca92231898ec
          Size/MD5:  2344148 9c316ad9c0b5eb43387e121e3bd89fdf
          Size/MD5:   859876 d4986caefbd02b780e5eb31ae1f9dc22

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:    45640 8de3e87763017b90424f0bf348c7b623
          Size/MD5:  2441410 f25046e5fe500ed03cfaa3cd683b2760
          Size/MD5:   991944 65b7cc2d20583221910e2cd4bdfab873

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:    44714 5ab724f2993b9aee9e40145bb710cfe5
          Size/MD5:  2280982 9bda887a2ac622b11a5a5bdb39a3f31d
          Size/MD5:   904902 1d227c55e7cff2ffb678c65c1e9a09c0



--uMPAU7A2Er6+wvsD
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFII3hnW0JvuRdL8BoRAgP5AJ0YZgEa8Gwb7ZyNKL3ZZCx361V4MACgilsn
RCAoj+SSlPl8v3048PpZc70=/eso
-----END PGP SIGNATURE-------uMPAU7A2Er6+wvsD--
--==============73492965279107438=Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--==============73492965279107438==--

Ubuntu: GStreamer Good Plugins vulnerability

May 8, 2008
It was discovered that Speex did not properly validate its input when processing Speex file headers

Summary

Update Instructions

References

Severity
Ubuntu Security Notice USN-611-3 May 08, 2008

Package Information

Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved