-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6191-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 01, 2026 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : gst-plugins-ugly1.0 CVE ID : CVE-2026-2920 CVE-2026-2922 Multiple vulnerabilities were discovered in plugins for the GStreamer media framework and its codecs and demuxers, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened. For the oldstable distribution (bookworm), these problems have been fixed in version 1.22.0-2+deb12u2. For the stable distribution (trixie), these problems have been fixed in version 1.26.3-4+deb13u1. We recommend that you upgrade your gst-plugins-ugly1.0 packages. For the detailed security status of gst-plugins-ugly1.0 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gst-plugins-ugly1.0 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmnNfiYACgkQEMKTtsN8 TjZolBAAuy4u38JP1xbOMJfT5DCCYzO2S9k7BHxYCk6HoQb63JkHN75mZ/KiwoE3 YeuzzS5m78/fkh//oDP3GlnPqab6d3m9fR+ZWEIuuGOyWQNdYi5Xgt/P5jHZ6cPO MdcGxBf0WlgAC04R4F7R9+NJhEZNX6+SPyhS8Lb6RYNc30UFLP3rFzirB5fMpkZX DPH2+YcY5fgdzfAckp3lC7x9nzH/aOPOCQHM0UbbTJJOBy7QL6GofWCQQ8xryN7+ C/ZMDoNYaanU8rYsJ1yPEJWai3gJoZfLzYY3fX7/UUyeGngXDKRlWWJQlwi44TyW o0FSqcI1qcLWI7jr/oFqdcd4FeFpwzK997+kkpeo/yMXjmJKM9M24uAzSAw3ot5e VJeJOYRKpZseU4TJGoO7lUoBWqbZQf8xdWXLbt62pa9JEK1L3KliMX+C6rCnGPiq 7B+YYFNc9J+vugeVEttNJFuuLNNabVsr5I/mHYXJjPbpEwd08lAnJEWK/wWBca+H X6J6K8+jsQUjvq/b0MTIi9tgLZS9sbigKq3ZbRkU76Iamfw167wn1rTxpf6xSUaJ zJKeKpuHUOpY/1vHKNLipL49ouH228ZH+BvwB2DmMc3+06DwkPPBp0NErGtilA+P 3SXCY3qCiRmNwp7KKdnE3zRDNNEUM/vOKdeYunwhMb7aqNKoTkE= =zWm6 -----END PGP SIGNATURE-----
