DSA-1839-1

Name	DSA-1839-1
Source	Debian
Description	gst-plugins-good0.10 - arbitrary code execution
References	CVE-2009-1932
Debian/oldstable	package gst-plugins-good0.10 is fixed in oldstable-security.
Debian/stable	not vulnerable
Debian/testing	not known to be vulnerable
Debian/unstable	not known to be vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
gst-plugins-good0.10 (PTS)	etch	0.10.4-4	vulnerable
	etch (security)	0.10.4-4+etch1	fixed
	lenny, lenny (security)	0.10.8-4.1~lenny2	fixed

The next table lists affected binary packages.

Binary Package	Release	Version	Status	Architecures
gstreamer0.10-esd, gstreamer0.10-plugins-good, gstreamer0.10-plugins-good-dbg	etch	0.10.4-4	vulnerable	alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
	etch (security)	0.10.4-4+etch1	fixed	alpha, amd64, arm, i386, ia64, mips, mipsel, powerpc, sparc
	lenny, lenny (security)	0.10.8-4.1~lenny2	fixed	alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
gstreamer0.10-plugins-good-doc	etch	0.10.4-4	vulnerable	all
	etch (security)	0.10.4-4+etch1	fixed	all
	lenny, lenny (security)	0.10.8-4.1~lenny2	fixed	all

The information above is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
gst-plugins-good0.10	source	etch	0.10.4-4+etch1	unknown
gst-plugins-good0.10	source	lenny	0.10.8-4.1~lenny2	unknown

Home - Testing Security Team - Debian Security - Imprint