[Git][security-tracker-team/security-tracker][master] Add CVE-2024-44331/gst-rtsp-server1.0

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ce7ae7a5 by Salvatore Bonaccorso at 2024-10-24T22:42:01+02:00
Add CVE-2024-44331/gst-rtsp-server1.0

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -433,7 +433,10 @@ CVE-2024-45526 (An issue was discovered in OPC Foundation OPCFoundation/UA-.NETS
 CVE-2024-44812 (SQL Injection vulnerability in Online Complaint Site v.1.0 allows a re ...)
 	NOT-FOR-US: Online Complaint Site
 CVE-2024-44331 (Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-s ...)
-	TODO: check
+	- gst-rtsp-server1.0 <unfixed>
+	NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3731
+	NOTE: Introduced by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/16bc937ed95c85c9d02a314a3b065eebc575a97c ( gst-rtsp-server-1.18.0)
+	NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7731
 CVE-2024-43924 (Missing Authorization vulnerability in dFactory Responsive Lightbox al ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-43812 (Kieback & Peter's DDC4000 serieshas an insufficiently protected creden ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce7ae7a59c9a172a668d0455985b999816458268

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce7ae7a59c9a172a668d0455985b999816458268
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241024/4a95bfb1/attachment.htm>