Debian Bug report logs - #532352
gstreamer0.10-plugins-good: CVE-2009-1932 integer overflows

Package: gstreamer0.10-plugins-good; Maintainer for gstreamer0.10-plugins-good is Maintainers of GStreamer packages <>; Source for gstreamer0.10-plugins-good is src:gst-plugins-good0.10.

Reported by: "Michael S. Gilbert" <>

Date: Mon, 8 Jun 2009 18:54:02 UTC

Severity: serious

Tags: patch, security

Found in versions gst-plugins-good0.10/0.10.4-4, gst-plugins-good0.10/0.10.8-4.1~lenny1

Fixed in versions 0.10.15-2, gst-plugins-good0.10/0.10.8-4.1~lenny2

Done: Steffen Joeris <>

Bug is archived. No further changes may be made.

Report forwarded to, Maintainers of GStreamer packages <>:
Bug#532352; Package gstreamer0.10-plugins-good. (Mon, 08 Jun 2009 18:54:05 GMT)

Acknowledgement sent to "Michael S. Gilbert" <>:
New Bug report received and forwarded. Copy sent to Maintainers of GStreamer packages <>.

Your message had a Version: pseudo-header with an invalid package version:

0.10.8-4.1~lenny1 0.10.4-4

please either use found or fixed to the control server with a correct version, or reply to this report indicating the correct version so the maintainer (or someone else) can correct it for you.

(Mon, 08 Jun 2009 18:54:05 GMT)

Message #5 received:

From: "Michael S. Gilbert" <>
Subject: gstreamer0.10-plugins-good: CVE-2009-1932 integer overflows
Date: Mon, 8 Jun 2009 14:47:12 -0400
Package: gstreamer0.10-plugins-good
Version:  0.10.8-4.1~lenny1 0.10.4-4
Severity: serious
Tags: security patch

the following CVE (Common Vulnerabilities & Exposures) id was
published for gstreamer0.10-plugins-good.

| Multiple integer overflows in the (1) user_info_callback, (2)
| user_endrow_callback, and (3) gst_pngdec_task functions
| (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka
| gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote
| attackers to cause a denial of service and possibly execute arbitrary
| code via a crafted PNG file, which triggers a buffer overflow.

This bug has already been fixed in unstable(

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:


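The CVE text quoted above describes integer overflows in the PNG decoder's size arithmetic that end in a heap buffer overflow: a decoded-frame size computed from attacker-supplied header fields wraps, the allocation comes out too small, and the row callbacks write past it. The C program below is an added illustration of that bug class and of the defensive check; it is not code from gst-plugins-good or from the Debian patch. The function names, the 256 MiB cap and the header values are constructed for this example; the 2^31-1 dimension limit is the one from the PNG specification's IHDR chunk.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>
#include <stdio.h>

/* Constructed policy limit for this example: refuse to allocate more than
 * 256 MiB for one decoded frame.  The real decoder has no such constant;
 * it is an assumption of this illustration. */
#define MAX_IMAGE_BYTES ((size_t)256 * 1024 * 1024)

/* PNG width and height are at most 2^31 - 1 (PNG specification, IHDR). */
#define PNG_MAX_DIMENSION 0x7FFFFFFFu

/* Naive size computation: the product is evaluated in 32-bit unsigned
 * arithmetic and silently wraps for large dimensions.  A wrapped (tiny)
 * result leads to an undersized allocation that later row writes overrun. */
uint32_t naive_image_size(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp;
}

/* Checked size computation.  Returns the byte count on success and 0 on
 * zero/out-of-range dimensions, on arithmetic overflow, or when the result
 * exceeds MAX_IMAGE_BYTES.  0 is never a valid size, so it is a safe
 * failure marker. */
size_t safe_image_size(uint32_t width, uint32_t height, uint32_t bpp)
{
    if (width == 0 || height == 0 || bpp == 0 || bpp > 8)
        return 0;                       /* 8 = RGBA at 16 bits per channel */
    if (width > PNG_MAX_DIMENSION || height > PNG_MAX_DIMENSION)
        return 0;

    /* stride < 2^31 * 8 = 2^34, so it cannot overflow a 64-bit value */
    uint64_t stride = (uint64_t)width * bpp;

    /* stride * height may exceed what size_t (or uint64_t) can hold:
     * test with a division instead of multiplying first. */
    if (stride > (uint64_t)SIZE_MAX / height)
        return 0;
    uint64_t total = stride * height;
    if (total > MAX_IMAGE_BYTES)
        return 0;

    return (size_t)total;
}

/* Allocate a zeroed frame buffer only if the size passed validation. */
unsigned char *allocate_frame(uint32_t width, uint32_t height, uint32_t bpp)
{
    size_t bytes = safe_image_size(width, height, bpp);
    if (bytes == 0)
        return NULL;
    return calloc(bytes, 1);
}

int main(void)
{
    /* constructed header values; the last two wrap in 32-bit arithmetic */
    struct { uint32_t w, h, bpp; } cases[] = {
        { 640,    480,    4 },
        { 65536,  65536,  1 },  /* 2^32 bytes: naive result wraps to 0 */
        { 0x8000, 0x8000, 4 },  /* 2^32 bytes again */
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        size_t safe = safe_image_size(cases[i].w, cases[i].h, cases[i].bpp);
        printf("%ux%ux%u: naive=%u checked=%s (%zu bytes)\n",
               cases[i].w, cases[i].h, cases[i].bpp,
               naive_image_size(cases[i].w, cases[i].h, cases[i].bpp),
               safe ? "ok" : "rejected", safe);
    }
    unsigned char *frame = allocate_frame(640, 480, 4);
    free(frame);
    return 0;
}
```

The division check is the portable way to detect the overflow without relying on compiler builtins; the size cap on top of it is a separate policy decision, since a 4 GiB allocation that does not overflow is still a denial-of-service vector for a media decoder.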
Bug marked as found in version 0.10.8-4.1~lenny1. Request was from "Michael S. Gilbert" <> to (Mon, 08 Jun 2009 19:09:05 GMT)

Bug marked as found in version 0.10.4-4. Request was from "Michael S. Gilbert" <> to (Mon, 08 Jun 2009 19:09:06 GMT)

Bug marked as fixed in versions 0.10.15-2. Request was from Sebastian Dröge <> to (Wed, 26 Aug 2009 15:48:19 GMT)

Reply sent to Steffen Joeris <>:
You have taken responsibility. (Sat, 19 Sep 2009 02:09:09 GMT)

Notification sent to "Michael S. Gilbert" <>:
Bug acknowledged by developer. (Sat, 19 Sep 2009 02:09:10 GMT)

Message #16 received:

From: Steffen Joeris <>
Subject: Bug#532352: fixed in gst-plugins-good0.10 0.10.8-4.1~lenny2
Date: Sat, 19 Sep 2009 01:56:45 +0000
Source: gst-plugins-good0.10
Source-Version: 0.10.8-4.1~lenny2

We believe that the bug you reported is fixed in the latest version of
gst-plugins-good0.10, which is due to be installed in the Debian FTP archive:

  to pool/main/g/gst-plugins-good0.10/gst-plugins-good0.10_0.10.8-4.1~lenny2.diff.gz
  to pool/main/g/gst-plugins-good0.10/gst-plugins-good0.10_0.10.8-4.1~lenny2.dsc
  to pool/main/g/gst-plugins-good0.10/gstreamer0.10-esd_0.10.8-4.1~lenny2_i386.deb
  to pool/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-dbg_0.10.8-4.1~lenny2_i386.deb
  to pool/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good-doc_0.10.8-4.1~lenny2_all.deb
  to pool/main/g/gst-plugins-good0.10/gstreamer0.10-plugins-good_0.10.8-4.1~lenny2_i386.deb

A summary of the changes between this version and the previous one is

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
Steffen Joeris <> (supplier of updated gst-plugins-good0.10 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing

Hash: SHA1

Format: 1.8
Date: Tue, 14 Jul 2009 04:50:47 +0000
Source: gst-plugins-good0.10
Binary: gstreamer0.10-plugins-good-doc gstreamer0.10-esd gstreamer0.10-plugins-good gstreamer0.10-plugins-good-dbg
Architecture: source all i386
Version: 0.10.8-4.1~lenny2
Distribution: stable-security
Urgency: high
Maintainer: Maintainers of GStreamer packages <>
Changed-By: Steffen Joeris <>
 gstreamer0.10-esd - GStreamer plugin for ESD
 gstreamer0.10-plugins-good - GStreamer plugins from the "good" set
 gstreamer0.10-plugins-good-dbg - GStreamer plugins from the "good" set
 gstreamer0.10-plugins-good-doc - GStreamer documentation for plugins from the "good" set
Closes: 531631 532352
 gst-plugins-good0.10 (0.10.8-4.1~lenny2) stable-security; urgency=high
   * Non-maintainer upload by the security team
   * Fix multiple integer overflows in ext/libpng/gstpngdec.c
     (Closes: #531631, #532352)
     Fixes: CVE-2009-1932
 c7e930d649e49a5f6d7b43479539ddc3913d227f 2568 gst-plugins-good0.10_0.10.8-4.1~lenny2.dsc
 f02f405312f24f1d2716099c60a5e40e61ef87a6 2923109 gst-plugins-good0.10_0.10.8.orig.tar.gz
 c7e143ea01ac12c88e67b93bf65a3397ea8deb73 30321 gst-plugins-good0.10_0.10.8-4.1~lenny2.diff.gz
 d56c365d6b0dc13d58d09ab9b82f650607582a67 172232 gstreamer0.10-plugins-good-doc_0.10.8-4.1~lenny2_all.deb
 731730d252bd84cead13e8ed40aa00d3196b9bfb 46554 gstreamer0.10-esd_0.10.8-4.1~lenny2_i386.deb
 eedc3eee22cf919add3e1cd3ffefc4b4651a3d52 960766 gstreamer0.10-plugins-good_0.10.8-4.1~lenny2_i386.deb
 94a362450d69e55e2f490aaeb8002b7d65bf5501 2503536 gstreamer0.10-plugins-good-dbg_0.10.8-4.1~lenny2_i386.deb
 7269a01e98d02eaaf84c37ff0995d633ec256a090ee24e2cbc3a8e2d9d45f8a3 2568 gst-plugins-good0.10_0.10.8-4.1~lenny2.dsc
 dc619bf4748526298627a2cb3a7f4aa66f4e4315174b2f4104c8516c88d6e531 2923109 gst-plugins-good0.10_0.10.8.orig.tar.gz
 c835afe38828a55298ab97b937742c06745603b6bdaa409df3005a070cef2a24 30321 gst-plugins-good0.10_0.10.8-4.1~lenny2.diff.gz
 293af52403db80d7ec1f984f997bf209692a3c1dceaf6dd9eaa0b63fa78e7685 172232 gstreamer0.10-plugins-good-doc_0.10.8-4.1~lenny2_all.deb
 9352da138d3b2fccbade41ba3478bdcb3cc73240c7c9e912b57f540cb75bdfd3 46554 gstreamer0.10-esd_0.10.8-4.1~lenny2_i386.deb
 9e65944667987a4b82829c0820605a943f005e6da0b5b44199c8ff3e21f1675c 960766 gstreamer0.10-plugins-good_0.10.8-4.1~lenny2_i386.deb
 e5408a7ead485a42bd8b75b83e589b11bfc6d67d0d7a678e6b099dccfb171193 2503536 gstreamer0.10-plugins-good-dbg_0.10.8-4.1~lenny2_i386.deb
 bb8e690805dfc8d9eb8595cf9f8738cb 2568 libs optional gst-plugins-good0.10_0.10.8-4.1~lenny2.dsc
 467295921ca225aaa05afe9381f4b424 2923109 libs optional gst-plugins-good0.10_0.10.8.orig.tar.gz
 2f1494f7a2f648f84dd853f95fbc036b 30321 libs optional gst-plugins-good0.10_0.10.8-4.1~lenny2.diff.gz
 cc5f1d3077e8ab179a99e7b00952e4e3 172232 doc optional gstreamer0.10-plugins-good-doc_0.10.8-4.1~lenny2_all.deb
 6ded8d4176f2d53019907d70813c4b3a 46554 libs optional gstreamer0.10-esd_0.10.8-4.1~lenny2_i386.deb
 6d091000a4edb70d2c979cfd56529357 960766 libs optional gstreamer0.10-plugins-good_0.10.8-4.1~lenny2_i386.deb
 7a8c1fad3d157cb33e5119afd6a052cc 2503536 libdevel extra gstreamer0.10-plugins-good-dbg_0.10.8-4.1~lenny2_i386.deb

Version: GnuPG v1.4.9 (GNU/Linux)


Bug archived. Request was from Debbugs Internal Request <> to (Sun, 31 Jan 2010 07:36:34 GMT)

Debian bug tracking system administrator <>. Last modified: Sun Apr 20 03:26:15 2014; Machine Name:

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.