[Git][security-tracker-team/security-tracker][master] Add temporary entry for new gst-plugins-bad1.0 issue

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5fe38e84 by Salvatore Bonaccorso at 2023-12-20T09:51:27+01:00
Add temporary entry for new gst-plugins-bad1.0 issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14740,6 +14740,13 @@ CVE-2023-42114 [Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vu
 	NOTE: https://www.openwall.com/lists/oss-security/2023/09/29/5
 	NOTE: https://www.openwall.com/lists/oss-security/2023/10/01/4
 	NOTE: https://exim.org/static/doc/security/CVE-2023-zdi.txt
+CVE-2023-XXXX [AV1 codec parser buffer overflow]
+	- gst-plugins-bad1.0 1.22.8-1
+	- gst-plugins-bad0.10 <removed>
+	NOTE: https://gstreamer.freedesktop.org/security/sa-2023-0011.html
+	NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5823
+	NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/890d59e97e291fe848147ebf4d5884bcec1101c9
+	NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/a46737a73155fe1c19fa5115df40da35426f9fb5 (1.22.8)
 CVE-2023-44446 [MXF demuxer use-after-free]
 	{DSA-5565-1 DLA-3673-1}
 	- gst-plugins-bad1.0 1.22.7-1 (bug #1056101)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fe38e847336a8be4ec194201889820644b74bb5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fe38e847336a8be4ec194201889820644b74bb5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231220/bb841adb/attachment.htm>