Source: gst-plugins-ugly1.0 Version: 1.22.4-1 Severity: grave Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
There are two gst-streamer-ugly1.0 reports from ZDI (not yet public) tracked as https://gstreamer.freedesktop.org/security/sa-2023-0004.html https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/4266ba0fd2be7702044a5d90a8215abe41709874 https://gstreamer.freedesktop.org/security/sa-2023-0005.html https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/eb89e0a13eeb59fc5bab787ded50faf6a50087e3 AFAICS, no CVEs are yet assigned? Regards, Salvatore