[Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2017-5846 will be fixed

Sat, 30 May 2020 08:53:04 -0700 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8bf1214a by Thorsten Alteholz at 2020-05-30T17:51:36+02:00
CVE-2017-5846 will be fixed

- - - - -
3c06803a by Thorsten Alteholz at 2020-05-30T17:52:01+02:00
CVE-2017-5847 will be fixed

- - - - -
4c532f7f by Thorsten Alteholz at 2020-05-30T17:52:30+02:00
Reserve DLA-2226-1 for gst-plugins-ugly0.10

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -181445,7 +181445,6 @@ CVE-2017-5847 (The 
gst_asf_demux_process_ext_content_desc function in gst/asfdem
        {DSA-3821-1 DLA-829-1}
        - gst-plugins-ugly1.0 1.10.4-1 (low)
        - gst-plugins-ugly0.10 <unfixed> (low)
-       [jessie] - gst-plugins-ugly0.10 <no-dsa> (Minor issue)
        NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
        NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777955
        NOTE: 
https://github.com/GStreamer/gst-plugins-ugly/commit/d21017b52a585f145e8d62781bcc1c5fefc7ee37
@@ -181453,7 +181452,6 @@ CVE-2017-5846 (The 
gst_asf_demux_process_ext_stream_props function in gst/asfdem
        {DSA-3821-1 DLA-829-1}
        - gst-plugins-ugly1.0 1.10.3-1 (low)
        - gst-plugins-ugly0.10 <unfixed> (low)
-       [jessie] - gst-plugins-ugly0.10 <no-dsa> (Minor issue)
        NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/7
        NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777937
 CVE-2017-5845 (The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c 
in gst- ...)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[30 May 2020] DLA-2226-1 gst-plugins-ugly0.10 - security update
+       {CVE-2017-5846 CVE-2017-5847}
+       [jessie] - gst-plugins-ugly0.10 0.10.19-2.1+deb8u1
 [30 May 2020] DLA-2225-1 gst-plugins-good0.10 - security update
        {CVE-2016-10198 CVE-2017-5840}
        [jessie] - gst-plugins-good0.10 0.10.31-3+nmu4+deb8u3



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/21bef3b37048c283046b4864db8378acd421c1c2...4c532f7fc4ac949107c69049c2a27d39f9b3e5c2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/21bef3b37048c283046b4864db8378acd421c1c2...4c532f7fc4ac949107c69049c2a27d39f9b3e5c2
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to