[Git][security-tracker-team/security-tracker][master] Reserve DLA-2643-1 for gst-plugins-ugly1.0
Emilio Pozuelo Monfort
pochu at debian.org
Tue Apr 27 11:15:35 BST 2021
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ffb5ea9e by Emilio Pozuelo Monfort at 2021-04-27T12:15:07+02:00
Reserve DLA-2643-1 for gst-plugins-ugly1.0
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -2522,6 +2522,7 @@ CVE-2015-20002
CVE-2021-XXXX [out of bounds reads in ASF demuxer]
- gst-plugins-ugly1.0 1.18.4-2
[buster] - gst-plugins-ugly1.0 1.14.4-1+deb10u1
+ [stretch] - gst-plugins-ugly1.0 1.10.4-1+deb9u1
NOTE: https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/issues/37
NOTE: https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/commit/3aba7d1e625554b2407bc77b3d09b4928b937d5f (master)
NOTE: https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/commit/9726aaf78e6643a5955864f444852423de58de29 (1.18.4)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,5 @@
+[27 Apr 2021] DLA-2643-1 gst-plugins-ugly1.0 - security update
+ [stretch] - gst-plugins-ugly1.0 1.10.4-1+deb9u1
[27 Apr 2021] DLA-2642-1 gst-plugins-bad1.0 - security update
[stretch] - gst-plugins-bad1.0 1.10.4-1+deb9u2
[27 Apr 2021] DLA-2641-1 gst-plugins-base1.0 - security update
=====================================
data/dla-needed.txt
=====================================
@@ -70,8 +70,6 @@ gsoap (Abhijith PA)
--
gst-libav1.0 (Emilio)
--
-gst-plugins-ugly1.0 (Emilio)
---
imagemagick (Anton Gladky)
NOTE: 20210415: Tracker records as vulnerable to CVE-2021-20312, but parts of
NOTE: 20210415: patch already partly covered; needs investigation. (lamby)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ffb5ea9eedffff4073e1c262f764fc5cf56e2c92
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ffb5ea9eedffff4073e1c262f764fc5cf56e2c92
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210427/9e942ea1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list