-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:086 http://www.mandriva.com/security/ _______________________________________________________________________ Package : gstreamer-plugins Date : April 3, 2009 Affected: Corporate 3.0 _______________________________________________________________________ Problem Description: An array indexing error in the GStreamer's QuickTime media file format decoding plug-in enables attackers to crash the application and potentially execute arbitrary code by using a crafted media file (CVE-2009-0398). This update provides fix for that security issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0398 _______________________________________________________________________ Updated Packages: Corporate 3.0: 7b4be0cc6785817d1ff5c59b60c5f331 corporate/3.0/i586/gstreamer-a52dec-0.6.4-4.2mdk.i586.rpm 294392663723cf50cb7e173cdd23e160 corporate/3.0/i586/gstreamer-aalib-0.6.4-4.2mdk.i586.rpm b8637d2173ca121a31b21197dcb2cf7a corporate/3.0/i586/gstreamer-arts-0.6.4-4.2mdk.i586.rpm 7a317d7723978794cdde25db3c1462fa corporate/3.0/i586/gstreamer-artsd-0.6.4-4.2mdk.i586.rpm 79b5a682bc1c98302c0dc68b4d464c27 corporate/3.0/i586/gstreamer-audio-effects-0.6.4-4.2mdk.i586.rpm 5a691b3c1dd5a9c0bef53e425ce4851b corporate/3.0/i586/gstreamer-audiofile-0.6.4-4.2mdk.i586.rpm 0feda5ed5b3c8047e93fdf5cd19c8ff5 corporate/3.0/i586/gstreamer-audio-formats-0.6.4-4.2mdk.i586.rpm b1e1f7bbab5f3ddde291518cc171de65 corporate/3.0/i586/gstreamer-avi-0.6.4-4.2mdk.i586.rpm 685c0e290bd25cfb1157a4000d052f5d corporate/3.0/i586/gstreamer-cdparanoia-0.6.4-4.2mdk.i586.rpm 9420a443aecf206dcdeea594e58e1277 corporate/3.0/i586/gstreamer-cdplayer-0.6.4-4.2mdk.i586.rpm 96a5fc6dec0977dc5b1011bd05c2f645 corporate/3.0/i586/gstreamer-colorspace-0.6.4-4.2mdk.i586.rpm caab9a6306d918c050e8de8d826fd209 corporate/3.0/i586/gstreamer-dv-0.6.4-4.2mdk.i586.rpm 73a9cab8ce50d8af5ca08e24350938ce corporate/3.0/i586/gstreamer-dxr3-0.6.4-4.2mdk.i586.rpm b99c0903fa4c408dc9bf14b215a9606f corporate/3.0/i586/gstreamer-esound-0.6.4-4.2mdk.i586.rpm 5da33082cf9027b2a0ec151fdf41be66 corporate/3.0/i586/gstreamer-festival-0.6.4-4.2mdk.i586.rpm 02c4cf9d7e166f7c4556abd7c72b42cb corporate/3.0/i586/gstreamer-ffmpeg-0.6.4-4.2mdk.i586.rpm c8219bc30ff8d16ad12116a22973e12b corporate/3.0/i586/gstreamer-flac-0.6.4-4.2mdk.i586.rpm af5af2862c4a9e16a53e2a8ca997c9ab corporate/3.0/i586/gstreamer-flx-0.6.4-4.2mdk.i586.rpm 6657d5e12e0c5e6d2840e1a02abd949b corporate/3.0/i586/gstreamer-GConf-0.6.4-4.2mdk.i586.rpm ce2eca34c4958b279f1d87e08d2dd76e corporate/3.0/i586/gstreamer-gnomevfs-0.6.4-4.2mdk.i586.rpm f12f5afb995ca42028716aab35c5962f corporate/3.0/i586/gstreamer-gsm-0.6.4-4.2mdk.i586.rpm 16397ee314a0c8d4434062b1c7a574ed corporate/3.0/i586/gstreamer-httpsrc-0.6.4-4.2mdk.i586.rpm f31ba254382b0dad9f3ded0afa7600d4 corporate/3.0/i586/gstreamer-jack-0.6.4-4.2mdk.i586.rpm 350bdddc34f43c88ad5b7a0fb1e9ccc1 corporate/3.0/i586/gstreamer-jpeg-0.6.4-4.2mdk.i586.rpm c2ec5cb20a944b4d6ac03b221ac28051 corporate/3.0/i586/gstreamer-jpegmmx-0.6.4-4.2mdk.i586.rpm 2f30f3425d341f47c1d74abadc528bd1 corporate/3.0/i586/gstreamer-ladspa-0.6.4-4.2mdk.i586.rpm 33eda1029d1e97a8571516f452297685 corporate/3.0/i586/gstreamer-libdvdnav-0.6.4-4.2mdk.i586.rpm 2868b45a7465dcc74b94eb0a1a675af6 corporate/3.0/i586/gstreamer-libdvdread-0.6.4-4.2mdk.i586.rpm 82bcd0f1319d76b091a974fa3708bd91 corporate/3.0/i586/gstreamer-libpng-0.6.4-4.2mdk.i586.rpm 512a59310e2e294e98af6d18f21fabdd corporate/3.0/i586/gstreamer-mad-0.6.4-4.2mdk.i586.rpm b9d56e3b7ed8842df47def11848e722a corporate/3.0/i586/gstreamer-mikmod-0.6.4-4.2mdk.i586.rpm 2a2700c8eae36344e0e7185171af5265 corporate/3.0/i586/gstreamer-mpeg-0.6.4-4.2mdk.i586.rpm 7855681c3a429dbf792243fef2ff3e11 corporate/3.0/i586/gstreamer-oss-0.6.4-4.2mdk.i586.rpm ac2fb1432a4a04d6a7e0ee35f22baf74 corporate/3.0/i586/gstreamer-plugins-0.6.4-4.2mdk.i586.rpm 908f505adf4665e42f01513f94c7aa6e corporate/3.0/i586/gstreamer-plugins-devel-0.6.4-4.2mdk.i586.rpm 79cb79bd6b47b9f000b9d74b31fc7f7b corporate/3.0/i586/gstreamer-qcam-0.6.4-4.2mdk.i586.rpm bf74ca06ea867fa48daa58dba9c6cd22 corporate/3.0/i586/gstreamer-quicktime-0.6.4-4.2mdk.i586.rpm bf03b8ccf9abc84467908960b2e255d5 corporate/3.0/i586/gstreamer-raw1394-0.6.4-4.2mdk.i586.rpm 1b69687109f36445e8da9b3f6f650a73 corporate/3.0/i586/gstreamer-SDL-0.6.4-4.2mdk.i586.rpm 4e4fcf4562d5cf13da8ccfc437fbe054 corporate/3.0/i586/gstreamer-sid-0.6.4-4.2mdk.i586.rpm c6b611202a8bcfcab35e7aa858b187e6 corporate/3.0/i586/gstreamer-snapshot-0.6.4-4.2mdk.i586.rpm 43938dd98357131c74dfcea9f7e68271 corporate/3.0/i586/gstreamer-swfdec-0.6.4-4.2mdk.i586.rpm e564e68c934e6b4ade28dd66ec34b27d corporate/3.0/i586/gstreamer-udp-0.6.4-4.2mdk.i586.rpm 121e44e193ecb7ab42117c5400a76e6a corporate/3.0/i586/gstreamer-v4l-0.6.4-4.2mdk.i586.rpm 2501bf4f1df721ffbcd923f0e1f28e69 corporate/3.0/i586/gstreamer-vcd-0.6.4-4.2mdk.i586.rpm b431cb4835b61b1e78098a5b0489eec2 corporate/3.0/i586/gstreamer-video-effects-0.6.4-4.2mdk.i586.rpm 196a9ba5b5c8d6a824f0b620c3b7fd8f corporate/3.0/i586/gstreamer-videosink-0.6.4-4.2mdk.i586.rpm 7eea07fbffcd2e7fd673116be541bb1d corporate/3.0/i586/gstreamer-videotest-0.6.4-4.2mdk.i586.rpm d0271086e326cdfb878fd63cb5e990b7 corporate/3.0/i586/gstreamer-visualisation-0.6.4-4.2mdk.i586.rpm dc79b9b2facfdf6c37df56c54b407b21 corporate/3.0/i586/gstreamer-vorbis-0.6.4-4.2mdk.i586.rpm 6961d0e5b7243a8b57d510bb7153eaa2 corporate/3.0/i586/gstreamer-xvideosink-0.6.4-4.2mdk.i586.rpm 3f736b943345e07084657520c34220e5 corporate/3.0/i586/gstreamer-yuv4mjpeg-0.6.4-4.2mdk.i586.rpm 6d3228f0186eaccbc871d358c483890f corporate/3.0/i586/libgstgconf0.6-0.6.4-4.2mdk.i586.rpm 0b848c79c49c2b82f1290ed4176646b3 corporate/3.0/i586/libgstplay0.6-0.6.4-4.2mdk.i586.rpm e9f225788d97dd5611a8da50bbb4bb97 corporate/3.0/SRPMS/gstreamer-plugins-0.6.4-4.2mdk.src.rpm Corporate 3.0/X86_64: cf86397083aaf82d03ed5f8a7fdc3b3b corporate/3.0/x86_64/gstreamer-a52dec-0.6.4-4.2mdk.x86_64.rpm 7a28854021710df2d2dfb0218ba0bacf corporate/3.0/x86_64/gstreamer-aalib-0.6.4-4.2mdk.x86_64.rpm 82876ee7754810bbd0117acabe2ef313 corporate/3.0/x86_64/gstreamer-arts-0.6.4-4.2mdk.x86_64.rpm 555a9f2d41de248d3143e1f80adbb3b3 corporate/3.0/x86_64/gstreamer-artsd-0.6.4-4.2mdk.x86_64.rpm 4dd6712ebafb1e814b8fd1bfbe4b41fd corporate/3.0/x86_64/gstreamer-audio-effects-0.6.4-4.2mdk.x86_64.rpm eed567dc6abaa126effeaae9e18240d2 corporate/3.0/x86_64/gstreamer-audiofile-0.6.4-4.2mdk.x86_64.rpm 7ed153b13ab098203a29b8039a03cfcd corporate/3.0/x86_64/gstreamer-audio-formats-0.6.4-4.2mdk.x86_64.rpm f93b229de3917dc251ee564dc2a1f9e4 corporate/3.0/x86_64/gstreamer-avi-0.6.4-4.2mdk.x86_64.rpm 84fba1c782746bb4a0ee12cf8c2712d8 corporate/3.0/x86_64/gstreamer-cdparanoia-0.6.4-4.2mdk.x86_64.rpm cf7c22223cbbba95c171a65b8ce2925b corporate/3.0/x86_64/gstreamer-cdplayer-0.6.4-4.2mdk.x86_64.rpm 88bbbc7aa4089641840dcfeef1cb8e57 corporate/3.0/x86_64/gstreamer-colorspace-0.6.4-4.2mdk.x86_64.rpm a56b349287d7d410d66a18936e3bf9ad corporate/3.0/x86_64/gstreamer-dv-0.6.4-4.2mdk.x86_64.rpm fe0550b32b491e2be2125ce41f11be6e corporate/3.0/x86_64/gstreamer-dxr3-0.6.4-4.2mdk.x86_64.rpm 83bfe86ef019591b729b3444523c3267 corporate/3.0/x86_64/gstreamer-esound-0.6.4-4.2mdk.x86_64.rpm 4bc6e155877dbafe3d78fc73267a5696 corporate/3.0/x86_64/gstreamer-festival-0.6.4-4.2mdk.x86_64.rpm d11c1c22889f3c5693b807a1bb5c96fe corporate/3.0/x86_64/gstreamer-ffmpeg-0.6.4-4.2mdk.x86_64.rpm 32101145b9ddef7f6e6f6f1d6dca9b94 corporate/3.0/x86_64/gstreamer-flac-0.6.4-4.2mdk.x86_64.rpm 72f152dbb40dd6db6ec2625675eb774e corporate/3.0/x86_64/gstreamer-flx-0.6.4-4.2mdk.x86_64.rpm 2c1612695306cf513e9f16589a0e32b4 corporate/3.0/x86_64/gstreamer-GConf-0.6.4-4.2mdk.x86_64.rpm 2c37cc3a2b9ba274d94747a385c07ad2 corporate/3.0/x86_64/gstreamer-gnomevfs-0.6.4-4.2mdk.x86_64.rpm d32263e0380c40c7d6587df1a2307d97 corporate/3.0/x86_64/gstreamer-gsm-0.6.4-4.2mdk.x86_64.rpm 6324107ebc113ca6dbff39802e70c64c corporate/3.0/x86_64/gstreamer-httpsrc-0.6.4-4.2mdk.x86_64.rpm d740bf51291dfeb3c30af5dfcfa01173 corporate/3.0/x86_64/gstreamer-jack-0.6.4-4.2mdk.x86_64.rpm 444d2b92e050c15e58d4a1608cacc73c corporate/3.0/x86_64/gstreamer-jpeg-0.6.4-4.2mdk.x86_64.rpm 6e05620b20f9bf9e3150c970f3a6a006 corporate/3.0/x86_64/gstreamer-jpegmmx-0.6.4-4.2mdk.x86_64.rpm e9feedd03c8eab60ed6b0a959605d5f4 corporate/3.0/x86_64/gstreamer-ladspa-0.6.4-4.2mdk.x86_64.rpm ba96e950032872891f687ce1ff2788a4 corporate/3.0/x86_64/gstreamer-libdvdnav-0.6.4-4.2mdk.x86_64.rpm 8d3d77bad5dc74fe83f0f54cfc33308c corporate/3.0/x86_64/gstreamer-libdvdread-0.6.4-4.2mdk.x86_64.rpm 7eea3c7aca8845d97fe01cd3863ae9de corporate/3.0/x86_64/gstreamer-libpng-0.6.4-4.2mdk.x86_64.rpm 8001f0e188454f3379ef824ae2708084 corporate/3.0/x86_64/gstreamer-mad-0.6.4-4.2mdk.x86_64.rpm 101f2acb1ab238f3a6f05baa25730296 corporate/3.0/x86_64/gstreamer-mikmod-0.6.4-4.2mdk.x86_64.rpm faea588daf3b4383be7d26105902a440 corporate/3.0/x86_64/gstreamer-mpeg-0.6.4-4.2mdk.x86_64.rpm 6bd4e4b95af116b7e72ef9d17b1d0b47 corporate/3.0/x86_64/gstreamer-oss-0.6.4-4.2mdk.x86_64.rpm d02bb7eace03146f48aeb2cbc83e4eb5 corporate/3.0/x86_64/gstreamer-plugins-0.6.4-4.2mdk.x86_64.rpm 63d0c5454ddf2e45f9d0f0b1966511c6 corporate/3.0/x86_64/gstreamer-plugins-devel-0.6.4-4.2mdk.x86_64.rpm 5320b13d4b23430655169941b4e23ef6 corporate/3.0/x86_64/gstreamer-quicktime-0.6.4-4.2mdk.x86_64.rpm 871d19fc5c7597118120dcf5613cb4de corporate/3.0/x86_64/gstreamer-raw1394-0.6.4-4.2mdk.x86_64.rpm 0e1bf5001b9f7ae203ff19efc6405152 corporate/3.0/x86_64/gstreamer-SDL-0.6.4-4.2mdk.x86_64.rpm 6e8d6b67f93fa256c368b21ecd1f62d6 corporate/3.0/x86_64/gstreamer-sid-0.6.4-4.2mdk.x86_64.rpm 0007c08b1dc6711dc9178232fbf6a263 corporate/3.0/x86_64/gstreamer-snapshot-0.6.4-4.2mdk.x86_64.rpm af9c4e657e288e57180c854369299fe6 corporate/3.0/x86_64/gstreamer-swfdec-0.6.4-4.2mdk.x86_64.rpm c7edfc5a251d986ea72462b2427bef12 corporate/3.0/x86_64/gstreamer-udp-0.6.4-4.2mdk.x86_64.rpm f1d9e602a3f9b4eeedc6f4dbff27f8e6 corporate/3.0/x86_64/gstreamer-v4l-0.6.4-4.2mdk.x86_64.rpm 2b84d6e223ca03a1a64642de2cd188a9 corporate/3.0/x86_64/gstreamer-vcd-0.6.4-4.2mdk.x86_64.rpm 7b654979b403c4af4b8ed5cafc40195c corporate/3.0/x86_64/gstreamer-video-effects-0.6.4-4.2mdk.x86_64.rpm 8a9307f3e0a40d2c7d3806ac67594439 corporate/3.0/x86_64/gstreamer-videosink-0.6.4-4.2mdk.x86_64.rpm 21b7563718bba6fa8511c6facbc49777 corporate/3.0/x86_64/gstreamer-videotest-0.6.4-4.2mdk.x86_64.rpm de1b19bdf5307d242e37ddbd387d34ed corporate/3.0/x86_64/gstreamer-visualisation-0.6.4-4.2mdk.x86_64.rpm 2182ea1ada21c49b2396a6987d4e9b01 corporate/3.0/x86_64/gstreamer-vorbis-0.6.4-4.2mdk.x86_64.rpm cb0fea26b7692ce584058495e7e40c1c corporate/3.0/x86_64/gstreamer-xvideosink-0.6.4-4.2mdk.x86_64.rpm 49118bcb6696d6e49cece68d7a068ae1 corporate/3.0/x86_64/gstreamer-yuv4mjpeg-0.6.4-4.2mdk.x86_64.rpm 08035d8aead9e7da152d423b8bf81dd9 corporate/3.0/x86_64/lib64gstgconf0.6-0.6.4-4.2mdk.x86_64.rpm 187035879a19f3fd8a6d4033c4073248 corporate/3.0/x86_64/lib64gstplay0.6-0.6.4-4.2mdk.x86_64.rpm e9f225788d97dd5611a8da50bbb4bb97 corporate/3.0/SRPMS/gstreamer-plugins-0.6.4-4.2mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFJ1n7gmqjQ0CJFipgRAvVOAJ9/yjCiSfBPsC+PBzKPpLtKzxwpcACeJ7vM QY3Z+/aokwfp0piCYdzSZ90= =dTAp -----END PGP SIGNATURE-----