[Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2017-5846 will be fixed

Sat May 30 16:52:41 BST 2020


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8bf1214a by Thorsten Alteholz at 2020-05-30T17:51:36+02:00
CVE-2017-5846 will be fixed

- - - - -
3c06803a by Thorsten Alteholz at 2020-05-30T17:52:01+02:00
CVE-2017-5847 will be fixed

- - - - -
4c532f7f by Thorsten Alteholz at 2020-05-30T17:52:30+02:00
Reserve DLA-2226-1 for gst-plugins-ugly0.10

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -181445,7 +181445,6 @@ CVE-2017-5847 (The gst_asf_demux_process_ext_content_desc function in gst/asfdem
 	{DSA-3821-1 DLA-829-1}
 	- gst-plugins-ugly1.0 1.10.4-1 (low)
 	- gst-plugins-ugly0.10 <unfixed> (low)
-	[jessie] - gst-plugins-ugly0.10 <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777955
 	NOTE: https://github.com/GStreamer/gst-plugins-ugly/commit/d21017b52a585f145e8d62781bcc1c5fefc7ee37
@@ -181453,7 +181452,6 @@ CVE-2017-5846 (The gst_asf_demux_process_ext_stream_props function in gst/asfdem
 	{DSA-3821-1 DLA-829-1}
 	- gst-plugins-ugly1.0 1.10.3-1 (low)
 	- gst-plugins-ugly0.10 <unfixed> (low)
-	[jessie] - gst-plugins-ugly0.10 <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777937
 CVE-2017-5845 (The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst- ...)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[30 May 2020] DLA-2226-1 gst-plugins-ugly0.10 - security update
+	{CVE-2017-5846 CVE-2017-5847}
+	[jessie] - gst-plugins-ugly0.10 0.10.19-2.1+deb8u1
 [30 May 2020] DLA-2225-1 gst-plugins-good0.10 - security update
 	{CVE-2016-10198 CVE-2017-5840}
 	[jessie] - gst-plugins-good0.10 0.10.31-3+nmu4+deb8u3



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/21bef3b37048c283046b4864db8378acd421c1c2...4c532f7fc4ac949107c69049c2a27d39f9b3e5c2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/21bef3b37048c283046b4864db8378acd421c1c2...4c532f7fc4ac949107c69049c2a27d39f9b3e5c2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200530/2f4ebeb8/attachment.html>
