[Git][security-tracker-team/security-tracker][master] more gst commit references

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Mar 31 06:40:52 BST 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a7b21b7c by Moritz Muehlenhoff at 2026-03-31T07:24:55+02:00
more gst commit references

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10675,18 +10675,21 @@ CVE-2026-3084 (GStreamer H.266 Codec Parser Integer Underflow Remote Code Execut
 	NOTE: https://gstreamer.freedesktop.org/security/sa-2026-0011.html
 	NOTE: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/10887
 	NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/81d8a555c06e8be51da6c6344eb52f91bf2b15f6 (main)
+	NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/30fd03d95459af230c5bd5c76c31a82255db4135 (1.28.1)
 CVE-2026-3081 (GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code E ...)
 	- gst-plugins-bad1.0 1.28.1-1 (bug #1130059)
 	[bookworm] - gst-plugins-bad1.0 <not-affected> (Vulnerable code not present)
 	[bullseye] - gst-plugins-bad1.0 <not-affected> (Vulnerable code not present)
 	NOTE: https://gstreamer.freedesktop.org/security/sa-2026-0010.html
 	NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/3a4a2c220de5714ecb18822f3a3f395f04d84886 (main)
+	NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/c35d1df1c6514db8249dfbf22b952d2691fe347a (1.28.1)
 CVE-2026-3086 (GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution ...)
 	- gst-plugins-bad1.0 1.28.1-1 (bug #1130059)
 	[bookworm] - gst-plugins-bad1.0 <not-affected> (Vulnerable code not present)
 	[bullseye] - gst-plugins-bad1.0 <not-affected> (Vulnerable code not present)
 	NOTE: https://gstreamer.freedesktop.org/security/sa-2026-0009.html
 	NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/aa1f5a80085ef65154a982dd3b23181100265c7e (main)
+	NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/a2edc745bfea8835186a264c5e666be93f65a38e (1.28.1)
 CVE-2026-3083 (GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulne ...)
 	- gst-plugins-good1.0 1.28.1-1
 	[trixie] - gst-plugins-good1.0 <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7b21b7c2c5739e27f22e4ea347b2e9f9c0e1c1f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7b21b7c2c5739e27f22e4ea347b2e9f9c0e1c1f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260331/360e8581/attachment.htm>

More information about the debian-security-tracker-commits mailing list