- What: Security update for gst-plugins-good1.0 in Debian
- Impact: Multiple vulnerabilities in GStreamer media framework
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index] [SECURITY] [DSA 6318-1] gst-plugins-good1.0 security update To: debian-security-announce@lists.debian.org Subject: [SECURITY] [DSA 6318-1] gst-plugins-good1.0 security update From: Moritz Muehlenhoff <jmm@debian.org> Date: Mon, 1 Jun 2026 18:16:37 +0000 Message-id: <[🔎] ah3MhfBZWOaMuIAc@seger.debian.org> Reply-to: debian-security-announce-request@lists.debian.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6318-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 01, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : gst-plugins-good1.0 CVE ID : CVE-2026-5056 CVE-2026-46469 CVE-2026-46470 Multiple multiple vulnerabilities were discovered in plugins for the GStreamer media framework and its codecs and demuxers, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened. For the stable distribution (trixie), these problems have been fixed in version 1.26.2-1+deb13u1. We recommend that you upgrade your gst-plugins-good1.0 packages. For the detailed security status of gst-plugins-good1.0 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gst-plugins-good1.0 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmodzFEACgkQEMKTtsN8 TjYF4g//SRzdSoH5MWGCI+vrz3Q65NbGLv4xU8KE9Ph4pmEs7b/ER433N1uQWv5c 1VhA/M8P5vpaoB0VortYPS8dtWpQ0W8hb73X7LXLp4Fj8uwZnFiMx4jyrMcwPHxT Il6EgLEwDD8vxiQoVoggM9zOgBYqH6VS74p8Bax2PIPnt5SFb3MUyaotteipW6rQ eUV/X4Y8E3L2Mw58Dgzj6r607TALcMpLBo4CK11RH5+gnv8AuM06lNZPDKs9DrBE W01vtOM+hVEExiGTelC6uQUWPBls/Y41rFayYB9CzS1V79ZsIyoJYRTJxt0eOHLK UZ/B1CpSF1+zDcBAA5UkBQjPZERLOm1IrURoYlJhO56Y1+cHVZXudaPbBtKKsqGi z75uU/RybJ8c8C516umKW/xMqQgHmTzzxj7OZ5y26YINFVDUiahKhI7RqP97DPlz cFOU2Ot8kVgA6138rd7a9G2rombJbtBgo7odz36BLAdSHZ/o7Lz/I+QL+KN5DZLh eWfOVqjWXZiP9ns86KvDc44LEAiYq/mH8bICVLP+3T8YkD/xZt+YqblgYyE/ca3Z isb2qxMHTZX6Yq8BWzcu0ZmGwqfYrMqZTtNlUjVkNlJBqkGidlkkcGCDCJByLeMr tfcEXXEc5PgiAJoS76F5j3c/MzVW71e4M1DraPVseJp+NnNVQek= =rp1K -----END PGP SIGNATURE----- Reply to: debian-security-announce@lists.debian.org Moritz Muehlenhoff (on-list) Moritz Muehlenhoff (off-list) Prev by Date: [SECURITY] [DSA 6317-1] symfony security update Previous by thread: [SECURITY] [DSA 6317-1] symfony security update Index(es): Date Thread