[Git][security-tracker-team/security-tracker][master] gst-plugins-ugly1.0 DSA

Sat, 12 Aug 2023 12:01:11 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bb297016 by Moritz Mühlenhoff at 2023-08-12T21:00:06+02:00
gst-plugins-ugly1.0 DSA

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -127,6 +127,8 @@ CVE-2023-27887 (Improper initialization in BIOS firmware 
for some Intel(R) NUCs
        NOT-FOR-US: Intel
 CVE-2023-XXXX [ZDI-CAN-21444: Integer overflow leading to heap overwrite in 
RealMedia file handling]
        - gst-plugins-ugly1.0 <unfixed> (bug #1043501)
+       [bookworm] - gst-plugins-ugly1.0 1.22.0-2+deb12u1
+       [bullseye] - gst-plugins-ugly1.0 1.18.4-2+deb11u1
        - gst-plugins-ugly0.10 <removed>
        NOTE: https://gstreamer.freedesktop.org/security/sa-2023-0005.html
        NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2782
@@ -134,6 +136,8 @@ CVE-2023-XXXX [ZDI-CAN-21444: Integer overflow leading to 
heap overwrite in Real
        NOTE: 
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/eb89e0a13eeb59fc5bab787ded50faf6a50087e3
 (1.22.5)
 CVE-2023-XXXX [ZDI-CAN-21443: Integer overflow leading to heap overwrite in 
RealMedia file handling]
        - gst-plugins-ugly1.0 <unfixed> (bug #1043501)
+       [bookworm] - gst-plugins-ugly1.0 1.22.0-2+deb12u1
+       [bullseye] - gst-plugins-ugly1.0 1.18.4-2+deb11u1
        - gst-plugins-ugly0.10 <removed>
        NOTE: https://gstreamer.freedesktop.org/security/sa-2023-0004.html
        NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2782


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[12 Aug 2023] DSA-5476-1 gst-plugins-ugly1.0 - security update
+       [bullseye] - gst-plugins-ugly1.0 1.18.4-2+deb11u1
+       [bookworm] - gst-plugins-ugly1.0 1.22.0-2+deb12u1
 [11 Aug 2023] DSA-5475-1 linux - security update
        {CVE-2022-40982 CVE-2023-20569}
        [bullseye] - linux 5.10.179-5


=====================================
data/dsa-needed.txt
=====================================
@@ -19,8 +19,6 @@ cinder/oldstable
 frr (aron)
   maintainer proposed to update to 8.4.4 for bookworm, which might be a good 
idea
 --
-gst-plugins-ugly1.0 (jmm)
---
 librsvg
 --
 linux (carnil)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bb297016dc2d3eb8d2c9cb157966c56836297367

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bb297016dc2d3eb8d2c9cb157966c56836297367
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to