[Git][security-tracker-team/security-tracker][master] Add CVE-2023-44429 and CVE-2023-44446

Thu, 16 Nov 2023 05:41:28 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
84e142ce by Salvatore Bonaccorso at 2023-11-16T14:40:32+01:00
Add CVE-2023-44429 and CVE-2023-44446

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8481,6 +8481,20 @@ CVE-2023-42114 [Exim NTLM Challenge Out-Of-Bounds Read 
Information Disclosure Vu
        NOTE: https://www.openwall.com/lists/oss-security/2023/09/29/5
        NOTE: https://www.openwall.com/lists/oss-security/2023/10/01/4
        NOTE: https://exim.org/static/doc/security/CVE-2023-zdi.txt
+CVE-2023-44446 [MXF demuxer use-after-free]
+       - gst-plugins-bad1.0 <unfixed>
+       - gst-plugins-bad0.10 <removed>
+       NOTE: https://gstreamer.freedesktop.org/security/sa-2023-0010.html
+       NOTE: 
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5635
+       NOTE: Fixed by: 
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/274551d450e443a8c71baa95e3f8d5dad212737f
+       NOTE: Fixed by: 
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/7dfaa57b6f9b55f17ffe824bd8988bb71ae11353
 (1.22.7)
+CVE-2023-44429 [AV1 codec parser buffer overflow]
+       - gst-plugins-bad1.0 <unfixed>
+       - gst-plugins-bad0.10 <removed>
+       NOTE: https://gstreamer.freedesktop.org/security/sa-2023-0009.html
+       NOTE: 
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5634
+       NOTE: Fixed by: 
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/1db83d3f745332cbda6adf954b2c53a10caa205e
+       NOTE: Fixed by: 
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/b76a801f57353b893c344025cac56413140fca6d
 (1.22.7)
 CVE-2023-40476 [Integer overflow in H.265 video parser leading to stack 
overwrite]
        {DSA-5533-1 DLA-3633-1}
        - gst-plugins-bad1.0 <unfixed> (bug #1053259)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84e142cecbbcfb1eaec00720a0c53a9413288d87

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84e142cecbbcfb1eaec00720a0c53a9413288d87
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to