-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6167-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 17, 2026 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : gst-plugins-base1.0 CVE ID : CVE-2026-2921 An integer overflow was discovered in the RIFF parser of the GStreamer media framework, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened. For the oldstable distribution (bookworm), this problem has been fixed in version 1.22.0-3+deb12u6. For the stable distribution (trixie), this problem has been fixed in version 1.26.2-1+deb13u1. We recommend that you upgrade your gst-plugins-base1.0 packages. For the detailed security status of gst-plugins-base1.0 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gst-plugins-base1.0 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmm5s9YACgkQEMKTtsN8 Tjb27g//fFsoYbeFsQHjsnNNEZFFg37Z2l/YkZnhge9VRLjnkbMafIAaO02bCPnn uLu4+CXUDoGSNF91qaww4i0G6CKYio7lqtjOe678AM9s+u/G2LOvOJaROPvmsXmc YGjK+p/itiaYTGRwqAKocMOjWvlFsw5c742A3Hj8ZCtbJ8tFFocFe0s+r6shBs9S Z6FcAKS9qzakV5ZOHqQ7i7MjjzBp3NHYZi+wUndJ3aMIW0RxJnIWtgjNayGxH18d gL7Gat258OVUOM/vBZ8N02bUWzPJeS3Adxi3iLNiCkaGzhvfppdu1DbWURF0vwIm XRSh50cNrJ+zySp2Ouqmqxv8PHBXeeGok85iZQs/7wWSacv7HhyeblHESJDb3veR yNewGGA2qpDoXEmtPaIg4j1DyBjMgyaVzgACN60T6zpCx1q0+Ziylx0GX/AEKfsY OLnzzSQh6BUXLwx7SXVc0Qr9auu6R7PVfWxHaIzQ3ZL9TuQKssDGArLzUcp1ncZl xD9Oo73uddyvwryWoFn+/gGI6K647SEAN1zX1QYlyTs9g0jejYaZf78jR7CsegEr h0IQde0jJ7sFnzNfSDRl1v8Xh20vz8Hfl6ydNIoZdHlrsOnOj0G535WFLG/UyfwU d3mg58uRBM5gxnwmoX6jAy9maQFvNt36hMHlIuudIINfUIv+kss= =QzHl -----END PGP SIGNATURE-----
