[Git][security-tracker-team/security-tracker][master] Reserve DLA-2642-1 for gst-plugins-bad1.0
Emilio Pozuelo Monfort
pochu at debian.org
Tue Apr 27 11:14:02 BST 2021
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1d3fd7a6 by Emilio Pozuelo Monfort at 2021-04-27T12:13:02+02:00
Reserve DLA-2642-1 for gst-plugins-bad1.0
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -2535,6 +2535,7 @@ CVE-2021-XXXX [invalid reads during ID3v2 tag parsing]
CVE-2021-XXXX [Catch overflows in AVC/HEVC NAL unit length calculations]
- gst-plugins-bad1.0 1.18.4-2
[buster] - gst-plugins-bad1.0 1.14.4-1+deb10u2
+ [stretch] - gst-plugins-bad1.0 1.10.4-1+deb9u2
NOTE: https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/2103
NOTE: https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/commit/0cfbf7ad91c7f121192c8ce135769f8eb276c41d (1.18-branch)
CVE-2021-XXXX [stack corruption when handling files with more than 64 audio channels]
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,5 @@
+[27 Apr 2021] DLA-2642-1 gst-plugins-bad1.0 - security update
+ [stretch] - gst-plugins-bad1.0 1.10.4-1+deb9u2
[27 Apr 2021] DLA-2641-1 gst-plugins-base1.0 - security update
[stretch] - gst-plugins-base1.0 1.10.4-1+deb9u2
[26 Apr 2021] DLA-2640-1 gst-plugins-good1.0 - security update
=====================================
data/dla-needed.txt
=====================================
@@ -70,8 +70,6 @@ gsoap (Abhijith PA)
--
gst-libav1.0 (Emilio)
--
-gst-plugins-bad1.0 (Emilio)
---
gst-plugins-ugly1.0 (Emilio)
--
imagemagick (Anton Gladky)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d3fd7a65de20a35a772449a724538d89ecc2781
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d3fd7a65de20a35a772449a724538d89ecc2781
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210427/574d3b91/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list