LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: July 18th, 2014
Linux Advisory Watch: July 13th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: [ MDVSA-2009:085 ] gstreamer0.10-plugins-base Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake Integer overflows in gstreamer0.10-plugins-base Base64 encoding and decoding functions (related with glib2.0 issue CVE-2008-4316) may lead attackers to cause denial of service. Altough vector attacks are not known yet (CVE-2009-0586). This update provide the fix for that security issue.
 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:085
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : gstreamer0.10-plugins-base
 Date    : April 2, 2009
 Affected: 2008.0, 2008.1, 2009.0
 _______________________________________________________________________

 Problem Description:

 Integer overflows in gstreamer0.10-plugins-base Base64 encoding and
 decoding functions (related with glib2.0 issue CVE-2008-4316) may
 lead attackers to cause denial of service. Altough vector attacks
 are not known yet (CVE-2009-0586).
 
 This update provide the fix for that security issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0586
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.0:
 12542730be9e404ff1fd8516c2343d8c  2008.0/i586/gstreamer0.10-cdparanoia-0.10.14-1.1mdv2008.0.i586.rpm
 855f4fcf92e4163ac423873b4f98bc5b  2008.0/i586/gstreamer0.10-gnomevfs-0.10.14-1.1mdv2008.0.i586.rpm
 7dc212c5023989f8f841b477413c0da6  2008.0/i586/gstreamer0.10-libvisual-0.10.14-1.1mdv2008.0.i586.rpm
 18ce72c0b1a15e530abb599b7b619436  2008.0/i586/gstreamer0.10-plugins-base-0.10.14-1.1mdv2008.0.i586.rpm
 2adfc350673e8640a6e0c89891b43e3e  2008.0/i586/libgstreamer-plugins-base0.10-0.10.14-1.1mdv2008.0.i586.rpm
 0932dd52403330834a9c9903eb7eb070  2008.0/i586/libgstreamer-plugins-base0.10-devel-0.10.14-1.1mdv2008.0.i586.rpm 
 a3c1ae2f5d0996398c62d4c00eb7bdf4  2008.0/SRPMS/gstreamer0.10-plugins-base-0.10.14-1.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 8a1096f42d6b55e38ae6476d6ec9d868  2008.0/x86_64/gstreamer0.10-cdparanoia-0.10.14-1.1mdv2008.0.x86_64.rpm
 90264a683847f0632268c789cae6be57  2008.0/x86_64/gstreamer0.10-gnomevfs-0.10.14-1.1mdv2008.0.x86_64.rpm
 6a8459a089bd2ffa02fe60520dafa810  2008.0/x86_64/gstreamer0.10-libvisual-0.10.14-1.1mdv2008.0.x86_64.rpm
 dbe6030637bfdf415148c6aeb259aa0b  2008.0/x86_64/gstreamer0.10-plugins-base-0.10.14-1.1mdv2008.0.x86_64.rpm
 022aff0560797a7d3b40e87d78fd7017  2008.0/x86_64/lib64gstreamer-plugins-base0.10-0.10.14-1.1mdv2008.0.x86_64.rpm
 22e18afda7ee42298f7cfdb5bda48f30  2008.0/x86_64/lib64gstreamer-plugins-base0.10-devel-0.10.14-1.1mdv2008.0.x86_64.rpm 
 a3c1ae2f5d0996398c62d4c00eb7bdf4  2008.0/SRPMS/gstreamer0.10-plugins-base-0.10.14-1.1mdv2008.0.src.rpm

 Mandriva Linux 2008.1:
 a61869a3e48117e309f44731b4a7edba  2008.1/i586/gstreamer0.10-cdparanoia-0.10.17-3.1mdv2008.1.i586.rpm
 995c27a7892850ff988af6c20f4e98b7  2008.1/i586/gstreamer0.10-gnomevfs-0.10.17-3.1mdv2008.1.i586.rpm
 a7b77a7757686f79288ca00ba21cee65  2008.1/i586/gstreamer0.10-libvisual-0.10.17-3.1mdv2008.1.i586.rpm
 26e49d6f77c6d343f12afc7af34aec46  2008.1/i586/gstreamer0.10-plugins-base-0.10.17-3.1mdv2008.1.i586.rpm
 147bed861fb0e7212279b50d8f0db2f2  2008.1/i586/libgstreamer-plugins-base0.10-0.10.17-3.1mdv2008.1.i586.rpm
 7dd60454ee39dc3dbeaa0a421662ad49  2008.1/i586/libgstreamer-plugins-base0.10-devel-0.10.17-3.1mdv2008.1.i586.rpm 
 d954ddbfc4793e83f7c386c0ee6d4620  2008.1/SRPMS/gstreamer0.10-plugins-base-0.10.17-3.1mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 ff499a231f5e78954326be2c70c74f60  2008.1/x86_64/gstreamer0.10-cdparanoia-0.10.17-3.1mdv2008.1.x86_64.rpm
 a524756d6de5201dd8b7a19ee0c7221d  2008.1/x86_64/gstreamer0.10-gnomevfs-0.10.17-3.1mdv2008.1.x86_64.rpm
 6f5784baec383db8f02ec541f9ad5db5  2008.1/x86_64/gstreamer0.10-libvisual-0.10.17-3.1mdv2008.1.x86_64.rpm
 cf7666cd24c1699bc7a985b62dedc5d2  2008.1/x86_64/gstreamer0.10-plugins-base-0.10.17-3.1mdv2008.1.x86_64.rpm
 9dd3f20e2dc096e88d2eadfcf95a04a6  2008.1/x86_64/lib64gstreamer-plugins-base0.10-0.10.17-3.1mdv2008.1.x86_64.rpm
 a32032a8785d41024021d614c24df63a  2008.1/x86_64/lib64gstreamer-plugins-base0.10-devel-0.10.17-3.1mdv2008.1.x86_64.rpm 
 d954ddbfc4793e83f7c386c0ee6d4620  2008.1/SRPMS/gstreamer0.10-plugins-base-0.10.17-3.1mdv2008.1.src.rpm

 Mandriva Linux 2009.0:
 34740bb76dc96e2a2afc5c023dc1e221  2009.0/i586/gstreamer0.10-cdparanoia-0.10.20-2.1mdv2009.0.i586.rpm
 293e13fd77c5d376230249076fd3a96f  2009.0/i586/gstreamer0.10-gnomevfs-0.10.20-2.1mdv2009.0.i586.rpm
 9da8b262c2e0ebb99d82db6dfb95385a  2009.0/i586/gstreamer0.10-libvisual-0.10.20-2.1mdv2009.0.i586.rpm
 acbd01a290b7884d8b873cea4261f395  2009.0/i586/gstreamer0.10-plugins-base-0.10.20-2.1mdv2009.0.i586.rpm
 2359d66d1130e01bf890eb0a6fdaabd7  2009.0/i586/libgstreamer-plugins-base0.10-0.10.20-2.1mdv2009.0.i586.rpm
 23bf4f1729461a1898e4b33fa5b4d6e2  2009.0/i586/libgstreamer-plugins-base0.10-devel-0.10.20-2.1mdv2009.0.i586.rpm 
 081eb3567cccd3fdbd6d489afed7b2a7  2009.0/SRPMS/gstreamer0.10-plugins-base-0.10.20-2.1mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 2d8aefdcdd6b16568b1aee1229d3e22a  2009.0/x86_64/gstreamer0.10-cdparanoia-0.10.20-2.1mdv2009.0.x86_64.rpm
 4cc0caf240dade948edca80b16adf49f  2009.0/x86_64/gstreamer0.10-gnomevfs-0.10.20-2.1mdv2009.0.x86_64.rpm
 eeada47fb1bf597306e3c953db0c7e1f  2009.0/x86_64/gstreamer0.10-libvisual-0.10.20-2.1mdv2009.0.x86_64.rpm
 4e8be34d3738eda98153944b4f37c281  2009.0/x86_64/gstreamer0.10-plugins-base-0.10.20-2.1mdv2009.0.x86_64.rpm
 18b2ee793b291ce098c0d47b83bbd834  2009.0/x86_64/lib64gstreamer-plugins-base0.10-0.10.20-2.1mdv2009.0.x86_64.rpm
 d801c5f4b3bfe9f6f0fbea6ecadf42ab  2009.0/x86_64/lib64gstreamer-plugins-base0.10-devel-0.10.20-2.1mdv2009.0.x86_64.rpm 
 081eb3567cccd3fdbd6d489afed7b2a7  2009.0/SRPMS/gstreamer0.10-plugins-base-0.10.20-2.1mdv2009.0.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
How Hackers Hid a Money-Mining Botnet in Amazonís Cloud
Homeland Security gets into software security
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.