[Git][security-tracker-team/security-tracker][master] Update information for CVE-2024-4453

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu May 23 22:19:40 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f7d9585a by Salvatore Bonaccorso at 2024-05-23T23:18:52+02:00
Update information for CVE-2024-4453

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -253,10 +253,12 @@ CVE-2024-4563 (The Progress MOVEit Automation configuration export function prio
 CVE-2024-4454 (WithSecure Elements Endpoint Protection Link Following Local Privilege ...)
 	NOT-FOR-US: WithSecure Elements Endpoint Protection
 CVE-2024-4453 (GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution ...)
-	- gst-plugins-base1.0 <unfixed>
+	- gst-plugins-base1.0 1.24.3-1
 	- gst-plugins-base0.10 <removed>
 	NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3483
-	NOTE: Fixed by: https://gitlab.freedesktop.org/tpm/gstreamer/-/commit/e68eccff103ab0e91e6d77a892f57131b33902f5
+	NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/e68eccff103ab0e91e6d77a892f57131b33902f5
+	NOTE: Backport: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/6768
+	NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/e33578a3c2b85a68962003bd053abda9409e73a2 (1.24.3)
 CVE-2024-4362 (The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to St ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-4267 (A remote code execution (RCE) vulnerability exists in the parisneo/lol ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7d9585a4f396b6e19be0064cfccd8d212403672

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7d9585a4f396b6e19be0064cfccd8d212403672
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240523/54a774bb/attachment.htm>

More information about the debian-security-tracker-commits mailing list