OSV:DSA-1729-1
Mar 02, 2009 - 12:00 a.m.

gst-plugins-bad0.10 - multiple vulnerabilities

2009-03-02 00:00:00
Google
osv.dev

CVSS2: 9.3 High
  Access Vector: NETWORK
  Access Complexity: MEDIUM
  Authentication: NONE
  Confidentiality Impact: COMPLETE
  Integrity Impact: COMPLETE
  Availability Impact: COMPLETE
  AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS: 0.437 Medium
  Percentile: 96.8%

Several vulnerabilities have been found in gst-plugins-bad0.10, a
collection of various GStreamer plugins. The Common Vulnerabilities and
Exposures project identifies the following problems:

  • CVE-2009-0386
    Tobias Klein discovered a buffer overflow in the quicktime stream
    demuxer (qtdemux), which could potentially lead to the execution of
    arbitrary code via crafted .mov files.
  • CVE-2009-0387
    Tobias Klein discovered an array index error in the quicktime stream
    demuxer (qtdemux), which could potentially lead to the execution of
    arbitrary code via crafted .mov files.
  • CVE-2009-0397
    Tobias Klein discovered a buffer overflow in the quicktime stream
    demuxer (qtdemux) similar to the issue reported in CVE-2009-0386, which
    could also lead to the execution of arbitrary code via crafted .mov
    files.

For the oldstable distribution (etch), these problems have been fixed in
version 0.10.3-3.1+etch1.

For the stable distribution (lenny), these problems have been fixed in
version 0.10.8-4.1~lenny1 of gst-plugins-good0.10, since the affected
plugin has been moved there. The fix was already included in the lenny
release.

For the unstable distribution (sid) and the testing distribution
(squeeze), these problems have been fixed in version 0.10.8-4.1 of
gst-plugins-good0.10.

CPE
Name                 Operator  Version
gst-plugins-bad0.10  eq        0.10.3-3.1
