[Git][security-tracker-team/security-tracker][master] Add temporary entry for gst-plugins-base1.0 issue

Fri Apr 23 08:01:04 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1f9f6da8 by Salvatore Bonaccorso at 2021-04-23T09:00:36+02:00
Add temporary entry for gst-plugins-base1.0 issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1943,6 +1943,11 @@ CVE-2017-20004 (In the standard library in Rust before 1.19.0, there is a synchr
 	NOTE: https://github.com/rust-lang/rust/pull/41624
 CVE-2015-20002
 	RESERVED
+CVE-2021-XXXX [invalid reads during ID3v2 tag parsing]
+	- gst-plugins-base1.0 1.18.4-2
+	NOTE: https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/issues/876
+	NOTE: https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/commit/f4a1428a6997658625d529b9db60fde812fbf1ee (master)
+	NOTE: https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/commit/8a88e5c1db05ebadfd4569955f6f47c23cdca3c4 (1.18.4)
 CVE-2021-XXXX [Catch overflows in AVC/HEVC NAL unit length calculations]
 	- gst-plugins-bad1.0 1.18.4-2
 	NOTE: https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/2103



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f9f6da8d73b546292bf0bb33cae04c49b78b1b8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f9f6da8d73b546292bf0bb33cae04c49b78b1b8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210423/c5a455ba/attachment.htm>
