[Git][security-tracker-team/security-tracker][master] Add CVE-2024-0444/gst-plugins-bad1.0
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jan 27 06:36:57 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e54d5324 by Salvatore Bonaccorso at 2024-01-27T07:36:22+01:00
Add CVE-2024-0444/gst-plugins-bad1.0
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2024-0444 [GStreamer-SA-2024-0001: AV1 codec parser potential buffer overflow during tile list parsing]
+ - gst-plugins-bad1.0 1.22.9-1
+ - gst-plugins-bad0.10 <removed>
+ NOTE: https://gstreamer.freedesktop.org/security/sa-2024-0001.html
+ NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5970
+ NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/394d5066f8a7b728df02fe9084e955b2f7d7f6fe (1.22.9)
CVE-2023-46045 [buffer overflow via a crafted config6a file]
- graphviz 2.42.2-8
NOTE: https://gitlab.com/graphviz/graphviz/-/issues/2441
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e54d53242078394a6624a14ca74b5dae32b08b1b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e54d53242078394a6624a14ca74b5dae32b08b1b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240127/e810a252/attachment.htm>
More information about the debian-security-tracker-commits
mailing list