[Git][security-tracker-team/security-tracker][master] Reserve DLA-4071-1 for gst-plugins-good1.0

Thu Feb 27 21:53:01 GMT 2025


Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker


Commits:
128191a1 by Bastien Roucariès at 2025-02-27T21:52:45+00:00
Reserve DLA-4071-1 for gst-plugins-good1.0

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -4892,7 +4892,7 @@ CVE-2025-23020 (An issue was discovered in Kwik before 0.10.1. A hash collision
 CVE-2025-21355 (Missing Authentication for Critical Function in Microsoft Bing allows  ...)
 	NOT-FOR-US: Microsoft
 CVE-2025-1492 (Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 ...)
-	- wireshark 4.4.4-1  (unimportant)
+	- wireshark 4.4.4-1 (unimportant)
 	[bullseye] - wireshark <not-affected> (Vulnerable dissector not present)
 	NOTE: Crash in CLI tool, no security impact
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2025-01.html


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[27 Feb 2025] DLA-4071-1 gst-plugins-good1.0 - security update
+	{CVE-2024-47537 CVE-2024-47539 CVE-2024-47540 CVE-2024-47543 CVE-2024-47544 CVE-2024-47545 CVE-2024-47546 CVE-2024-47596 CVE-2024-47597 CVE-2024-47598 CVE-2024-47599 CVE-2024-47601 CVE-2024-47602 CVE-2024-47603 CVE-2024-47606 CVE-2024-47613 CVE-2024-47774 CVE-2024-47775 CVE-2024-47776 CVE-2024-47777 CVE-2024-47778 CVE-2024-47834}
+	[bullseye] - gst-plugins-good1.0 1.18.4-2+deb11u3
 [27 Feb 2025] DLA-4070-1 freerdp2 - security update
 	{CVE-2022-24882 CVE-2022-39320}
 	[bullseye] - freerdp2 2.3.0+dfsg1-2+deb11u3


=====================================
data/dla-needed.txt
=====================================
@@ -107,10 +107,6 @@ grub2
   NOTE: 20250105: high-profile package but not enough details yet. (apo)
   NOTE: 20250219: New batch of 21 CVEs, with fixes (Beuc/front-desk)
 --
-gst-plugins-good1.0 (rouca)
-  NOTE: 20241213: Added by Front-Desk (lamby)
-  NOTE: 20241213: See also gst-plugins-base1.0 (lamby)
---
 intel-microcode
   NOTE: 20250217: Added by Front-Desk (Beuc)
   NOTE: 20250217: Fixes are being tested in unstable,



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/128191a1f0953fc1b79291ab9c46954194f16ada

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/128191a1f0953fc1b79291ab9c46954194f16ada
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250227/657470ea/attachment-0001.htm>
