[SECURITY] [DSA 6318-1] gst-plugins-good1.0 security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 6318-1] gst-plugins-good1.0 security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Mon, 1 Jun 2026 18:16:37 +0000
Message-id: <[🔎] ah3MhfBZWOaMuIAc@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6318-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
June 01, 2026                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : gst-plugins-good1.0
CVE ID         : CVE-2026-5056 CVE-2026-46469 CVE-2026-46470

Multiple multiple vulnerabilities were discovered in plugins for
the GStreamer media framework and its codecs and demuxers, which
may result in denial of service or potentially the execution of
arbitrary code if a malformed media file is opened.

For the stable distribution (trixie), these problems have been fixed in
version 1.26.2-1+deb13u1.

We recommend that you upgrade your gst-plugins-good1.0 packages.

For the detailed security status of gst-plugins-good1.0 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/gst-plugins-good1.0

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmodzFEACgkQEMKTtsN8
TjYF4g//SRzdSoH5MWGCI+vrz3Q65NbGLv4xU8KE9Ph4pmEs7b/ER433N1uQWv5c
1VhA/M8P5vpaoB0VortYPS8dtWpQ0W8hb73X7LXLp4Fj8uwZnFiMx4jyrMcwPHxT
Il6EgLEwDD8vxiQoVoggM9zOgBYqH6VS74p8Bax2PIPnt5SFb3MUyaotteipW6rQ
eUV/X4Y8E3L2Mw58Dgzj6r607TALcMpLBo4CK11RH5+gnv8AuM06lNZPDKs9DrBE
W01vtOM+hVEExiGTelC6uQUWPBls/Y41rFayYB9CzS1V79ZsIyoJYRTJxt0eOHLK
UZ/B1CpSF1+zDcBAA5UkBQjPZERLOm1IrURoYlJhO56Y1+cHVZXudaPbBtKKsqGi
z75uU/RybJ8c8C516umKW/xMqQgHmTzzxj7OZ5y26YINFVDUiahKhI7RqP97DPlz
cFOU2Ot8kVgA6138rd7a9G2rombJbtBgo7odz36BLAdSHZ/o7Lz/I+QL+KN5DZLh
eWfOVqjWXZiP9ns86KvDc44LEAiYq/mH8bICVLP+3T8YkD/xZt+YqblgYyE/ca3Z
isb2qxMHTZX6Yq8BWzcu0ZmGwqfYrMqZTtNlUjVkNlJBqkGidlkkcGCDCJByLeMr
tfcEXXEc5PgiAJoS76F5j3c/MzVW71e4M1DraPVseJp+NnNVQek=
=rp1K
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 6317-1] symfony security update
Next by Date: [SECURITY] [DSA 6319-1] yelp security update
Previous by thread: [SECURITY] [DSA 6317-1] symfony security update
Next by thread: [SECURITY] [DSA 6319-1] yelp security update
Index(es):
- Date
- Thread