|
|
Log in / Subscribe / Register

Ubuntu alert USN-8285-1 (gst-plugins-good1.0)



From:
              noreply+usn-bot@canonical.com


To:
              ubuntu-security-announce@lists.ubuntu.com


Subject:
              [USN-8285-1] GStreamer Good Plugins vulnerability


Date:
              Wed, 20 May 2026 13:48:25 +0000


Message-ID:
              <E1wPhHd-0006uE-30@lists.ubuntu.com>


==========================================================================
Ubuntu Security Notice USN-8285-1
May 20, 2026

gst-plugins-good1.0 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10

Summary:

GStreamer Good Plugins could be made to crash or run programs if it opened
a specially crafted file.

Software Description:
- gst-plugins-good1.0: GStreamer plugins

Details:

It was discovered that GStreamer Good Plugins incorrectly handled certain
MOV/MP4 media files. A remote attacker could use this issue to cause
GStreamer Good Plugins to crash, resulting in a denial of service, or
possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  gstreamer1.0-plugins-good       1.26.5-1ubuntu2.2
  libgstreamer-plugins-good1.0-0  1.26.5-1ubuntu2.2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8285-1
  CVE-2026-5056

Package Information:
  https://launchpad.net/ubuntu/+source/gst-plugins-good1.0/...




Attachment: signature.asc (type=application/pgp-signature)

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmoNuvAACgkQcpJm3tlz
hgGcXg//UHPMKaH8JyohCmYJap40uUbOEZK30Y/AoWih1vJ+ebeE0SAKvdid6mWW
LowJDYggMkKkxZSHtvUyepr+Ik7vfqYpu0zVwzSCYg6fngdGmCHwiHGIu4xZKB1I
lboz9MOhSdG+gcWoxDn5i+a/WR0F7y7o02qTMEb9lexndZ9l3wrdPv2Xh0m3ZjAf
a+Q3EEAYnXBXjWCiDzUDhDbp5uFZbiX4y8dTbaoPFjEVONBo8pKlOEic8kHqSnmH
ZW/34IWadX2bT2JFJmmi1Uvhoan9qZMHQyotIBYgPDfRjRVDfWNcJEzC7Gq3/otZ
8Pw79dGILfAlMkAIiL2ZVZ/43tpVHLqWraya/MLUkiu9igY7cQ/1xna0UD8Q6wLB
bgNqdDGWSL0VSAbnO8lQwv+1QpvP/36EvfychH0pxgzDzw0ZjG02u3ggIB6e0J0r
q/dCNAZVunfmAFSsGS/SCWZCZK9FbcU6yjej37Zt6Lhdo4MTuJmUH3TkDSpyvOgn
VpNxRbK+mBRv2k09nVtRW2QbZYQyav0Q/cxGlzqbjG/u3pa/kc1HeN/TxTSQ0ja6
ASPhxr0bnxV/pShjdkeGAXg9yLTm+/3+QC9oHZQh9lCT6CUKnFewui/wByZ28YED
Ulp1Gdw5GqUtVtIeI8aihFSkJ8NWDmXZ1fkauAN4EbHkSH/y+wc=
=zPHN
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds