Headline
Ubuntu Security Notice USN-6268-1
Ubuntu Security Notice 6268-1 - It was discovered that GStreamer Base Plugins incorrectly handled certain FLAC image tags. A remote attacker could use this issue to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that GStreamer Base Plugins incorrectly handled certain subtitles. A remote attacker could use this issue to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code.
==========================================================================Ubuntu Security Notice USN-6268-1August 02, 2023gst-plugins-base1.0 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 23.04- Ubuntu 22.04 LTS- Ubuntu 20.04 LTSSummary:GStreamer Base Plugins could be made to crash or run programs if it openeda specially crafted file.Software Description:- gst-plugins-base1.0: GStreamer pluginsDetails:It was discovered that GStreamer Base Plugins incorrectly handled certainFLAC image tags. A remote attacker could use this issue to cause GStreamerBase Plugins to crash, resulting in a denial of service, or possiblyexecute arbitrary code. (CVE-2023-37327)It was discovered that GStreamer Base Plugins incorrectly handled certainsubtitles. A remote attacker could use this issue to cause GStreamer BasePlugins to crash, resulting in a denial of service, or possibly executearbitrary code. (CVE-2023-37328)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 23.04: gstreamer1.0-plugins-base 1.22.1-1ubuntu1.1Ubuntu 22.04 LTS: gstreamer1.0-plugins-base 1.20.1-1ubuntu0.1Ubuntu 20.04 LTS: gstreamer1.0-plugins-base 1.16.3-0ubuntu1.2In general, a standard system update will make all the necessary changes.References: https://ubuntu.com/security/notices/USN-6268-1 CVE-2023-37327, CVE-2023-37328Package Information: https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.22.1-1ubuntu1.1 https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.20.1-1ubuntu0.1 https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.16.3-0ubuntu1.2
Related news
Ubuntu Security Notice 6269-1 - It was discovered that GStreamer Good Plugins incorrectly handled certain FLAC image tags. A remote attacker could use this issue to cause GStreamer Good Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code.