[Git][security-tracker-team/security-tracker][master] Add references for ZDI-CAN-2144{3,4}/gst-plugins-ugly1.0

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f7824254 by Salvatore Bonaccorso at 2023-08-12T07:23:34+02:00
Add references for ZDI-CAN-2144{3,4}/gst-plugins-ugly1.0

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -125,10 +125,16 @@ CVE-2023-XXXX [ZDI-CAN-21444: Integer overflow leading to heap overwrite in Real
 	- gst-plugins-ugly1.0 <unfixed>
 	- gst-plugins-ugly0.10 <removed>
 	NOTE: https://gstreamer.freedesktop.org/security/sa-2023-0005.html
+	NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2782
+	NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/67e38cf47b7683586c24de18d8253029042dc72f
+	NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/eb89e0a13eeb59fc5bab787ded50faf6a50087e3 (1.22.5)
 CVE-2023-XXXX [ZDI-CAN-21443: Integer overflow leading to heap overwrite in RealMedia file handling]
 	- gst-plugins-ugly1.0 <unfixed>
 	- gst-plugins-ugly0.10 <removed>
 	NOTE: https://gstreamer.freedesktop.org/security/sa-2023-0004.html
+	NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2782
+	NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/b268b27cd8ff0dda1fda71890cd414f4cb2096db
+	NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/4266ba0fd2be7702044a5d90a8215abe41709874 (1.22.5)
 CVE-2023-40225 (HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4. ...)
 	- haproxy <unfixed>
 	NOTE: https://github.com/haproxy/haproxy/issues/2237



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7824254451d4c46e813eddceb921b701e338529

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7824254451d4c46e813eddceb921b701e338529
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230812/892104ab/attachment.htm>