==========================================================Ubuntu Security Notice USN-735-1             March 16, 2009
gst-plugins-base0.10 vulnerability
CVE-2009-0586
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
  gstreamer0.10-plugins-base      0.10.21-3ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that the Base64 decoding functions in GStreamer Base
Plugins did not properly handle large images in Vorbis file tags. If a user
were tricked into opening a specially crafted Vorbis file, an attacker
could possibly execute arbitrary code with user privileges.


Updated packages for Ubuntu 8.10:

  Source archives:

          Size/MD5:    32114 087761c1ddba86cacb5d3d13890e39c4
          Size/MD5:     2446 776e939b1f7f685f31bfb213ab498f50
          Size/MD5:  2845594 69caf16640ebf2477a9197f62a5d6ee2

  Architecture independent packages:

          Size/MD5:   354980 9f5ca61fa4e5875203752f666c1a9827

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:    39630 8de3196ec056dcdc304872a5b6d7a89d
          Size/MD5:    17504 320de292fea8251b2508a2101fe102ff
          Size/MD5:    45050 a9b8dc4cc2f7e6d96e195f05913c40c5
          Size/MD5:  2116530 fc2d7445d6f477ffcf82df58c1e13c49
          Size/MD5:   574980 0561f45b70f0602a27bdca91ee9c9737
          Size/MD5:    75554 b2018f9fb343d0e7c3a63825cfdc218b
          Size/MD5:   296128 abb2d077b1ce2791accefd67f4379f52
          Size/MD5:    57920 29e9dd111a8611f66ed8d0c4dbbdd451

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:    35866 98179f92f2c8e9a189e030d5ebae0c2d
          Size/MD5:    15956 d58d756ffd81a82417ffe8ff1a99360d
          Size/MD5:    45084 729ece20541d14597c65bacb4992a8af
          Size/MD5:  2012246 ff9d76f152ddaf49077c064fa3a5cf96
          Size/MD5:   545282 5306637b57c284b7b100b5e376433313
          Size/MD5:    69244 5b3f1c7b3d22d5c228d9b515462d8fa0
          Size/MD5:   275338 da20ab3e25212ec17dee4a0f7a56298a
          Size/MD5:    58476 009ba58fc2cba5aa68778c2bdf30fec0

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:    36370 b9d55f4942addff7a22aa7cc9ad9f5fa
          Size/MD5:    15970 5e4c4bd01da1f5d549b42cceb7c504dd
          Size/MD5:    45046 31f74e0feedf06865a15beace52aea87
          Size/MD5:  2050002 4dd4f9600ac6f4b56a1a50e685e11d6d
          Size/MD5:   544594 a60cdc88e5042f36e8f06b9a36b63d60
          Size/MD5:    68992 997db137876106dae7d1cea34e6cd57a
          Size/MD5:   271472 0cca60030f41472a54160131ee0e71e2
          Size/MD5:    57908 971d4cd4a75f4d9f8146839d33d62597

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:    39192 1cebf894b76f7c3f37146c0a89db04e0
          Size/MD5:    17736 cd7c22d8bdae65437d7cab295883d3ce
          Size/MD5:    45046 ff9df1bc6dadfe233d556662baf308c1
          Size/MD5:  2141690 20bd1d66bd6cd4c3882c96df44706e03
          Size/MD5:   619900 ac50db0473223cee0fdb75fb2cff68f4
          Size/MD5:    74564 9cad9303ed1f992e419caf79ae9b83bb
          Size/MD5:   307694 b438c6a7d6eeda92689e69a061b19ec4
          Size/MD5:    57922 6946d3b3c1ecbe2fa40f65d46b8c2384

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:    36182 0986c414db36aff71c2c608041473086
          Size/MD5:    16170 0b297a7d77455479587e1ac852e7510d
          Size/MD5:    45050 8d1a9a7f2b6d40bb3f4f5b0a6c466681
          Size/MD5:  1940702 96c0b54bb0a3f4f36db68753aad6b468
          Size/MD5:   554774 94e88aa061a26a67d4fb2ccc447904f5
          Size/MD5:    69512 99a67191cd9488ff4bd7b84420ffa414
          Size/MD5:   289030 b1302ea1e9660c9301a0baea78bbc371
          Size/MD5:    57934 4d709ac874b48de220ae56c9f0dd4bd4