diff options
| author | V3n3RiX <venerix@koprulu.sector> | 2024-06-29 08:00:25 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@koprulu.sector> | 2024-06-29 08:00:25 +0100 |
| commit | d855918b46ba8714cf1320fe63b55fd0ed1748a6 (patch) | |
| tree | 4d7d0e86122a07796a660310d507f93e1b7747b9 /metadata/glsa | |
| parent | b8325835c82367d22428eb41afa0f2d375338d3c (diff) | |
gentoo auto-resync : 29:06:2024 - 08:00:25
Diffstat (limited to 'metadata/glsa')
| -rw-r--r-- | metadata/glsa/Manifest | 30 | ||||
| -rw-r--r-- | metadata/glsa/Manifest.files.gz | bin | 575523 -> 575680 bytes | |||
| -rw-r--r-- | metadata/glsa/glsa-202406-06.xml | 56 | ||||
| -rw-r--r-- | metadata/glsa/timestamp.chk | 2 | ||||
| -rw-r--r-- | metadata/glsa/timestamp.commit | 2 |
5 files changed, 73 insertions, 17 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index f39ea799f213..1b63eca394cd 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 575523 BLAKE2B de41364df787e2652a1f6dda37e1513a8953f61c0ade9d1ba90db51415db460a2dd55ec567c2c851c28aaf7ffaa4763a80e748ea9a9d8f30ff1696ea4f17f233 SHA512 717db93df5303c6328fa1610a5166072155b52c981dab3121e3399b951cd8877d22fba9534692b8b7da38c227d9e195296abdf7536518c7808a22fe65a776a5f -TIMESTAMP 2024-06-28T06:10:16Z +MANIFEST Manifest.files.gz 575680 BLAKE2B e298c9a9a84a54a79e115d8488299b411495166d729c52a15036c4d873fab5f7ff50b1913419b3a3f9da287e91238b1272e70eb59bc0f7502e2e2f8141558114 SHA512 1b590d6c6f851084c3e6daa0d86a946e6afa83cf5b4a906c8286a9ac71deeda7bcc2fa3bfbe31c4ac8a9b29cd544bee831b9d3460c3c90f683adc66c57cfb636 +TIMESTAMP 2024-06-29T06:10:43Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmZ+U8hfFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmZ/pWNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klAFlRAAo9H1e2svjvOXcvxXtZeLgHWGsCv2eVmdor0e6eLDmaeUR1xlx0Wj95ui -KOH98MpfzC7SxX4u887G/BSAaniiGRe9d1dk55Aws8JxrOGNuCssMN6mUq+LN7CC -Kwlqlf5bMfjIa9Yc9m6rzR8E7sFRw6f5cwntJ8+6nXV2llAC6J735igykceAiPf0 -x0mpuk+rIYB5wCOxmr3AyskT0PYk6aU2ST8XOR6KxYZEr6kfVdBjPx0dPz43MW4x -gxwGtMD7UEVindzg3THrBARZmw5MrUy9QzwS+dZSe/fLUm4rDa5D01T+Pc+VCO8I -zSkCyVKih8Z5ivx3crrzIBQ/Ad2A042gt2JdhvmctMx1q4TX4ay06KaKEypTs3UD -DsIArf6YRhwbx8GoW7RghEpZg6WDxCRQQa9AkxxxwRzUpDPjyiB4g89kSEP12Rpf -fwX//mONuc25J3DxBbo9Nja85wNPycn9Wffk2K5UfwzstkpghDYRdUDO1FMJ/3IF -vgv//axQzDcFgo2WsvFJkeeuCnuVPNXbxr19QB060o6vBB1qXiv7DdolralnW23u -5n5g/tbv1HxqhIHEz214wR8/EFOXpVArrXFk/kVbUtzjSGgODxGcXDzsw4DVzTqF -XcKYFgz1UN+G4pBp41eFfR17F46GZyFJG/8VUM1DOPq58h/nEkM= -=ycUZ +klC/fBAAsheJpfdLhul5TicdeyvKl6dWf6W8BPigcdQlsVs77w+/9XlWC38OBthJ +03xcP5bZtJTPH5isrr9lEnwuf79P0+OXGC2bs1iUIhoY5bw+3wEVCMtWyIz0IxIZ +fIXF9kwMoWrj3epMsri7D/UDDPAmEKvrQhfdIii4k5gVGkWOpI/H1dC33IHSs6Ss +qa4Vn0nfYkQ7O0s1EP/wV0WNtZigp8KLn+aQc9EOx6fGXWPGxCvxy7WusylRu/dY +Ae6vDL0kAHUYMrqaiNJJzGv7N9T9VnhStLlECq9gCPvD6DGwrOPN9Mk19TRs6IyG +/BGNw5ZKyJbzHRJxdK66JLuBsqkJaiNSQpyLh4pim0dAsOxaJb8DrMa3XUhcC+Wk +1ELMFDM7VPg/8IskvGfWS/BDzzFKdaYgc8Dg0EGT9YMb+rsSfup9Evjf0FeHbzNr +eaKZ0VFkkvPUwhxqrfsefS7CTQPpZid/n3CUpFaDGLU7QbzY4BFyqjfKfAClOXxK +eo0eiN7bfXv2M4IBCfHGzn6SHFxKHg3TWonImvm4gSlAY7UCMbQq5ri3uwdoD8+j +R+ccTmm7WQb3erW5W35QOJg1T7vFjBgwFTDHR2ZHWJQe6X9YBkG8ppfEhN2Tsasf +QNSE3OhcwoSFPTPekZGDHMzP6P3xYg6XcwKUPPdMzOq0eXzfv+c= +=vdQF -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz Binary files differindex df7e9aa6f896..db0f25f7469b 100644 --- a/metadata/glsa/Manifest.files.gz +++ b/metadata/glsa/Manifest.files.gz diff --git a/metadata/glsa/glsa-202406-06.xml b/metadata/glsa/glsa-202406-06.xml new file mode 100644 index 000000000000..19d35ef345b0 --- /dev/null +++ b/metadata/glsa/glsa-202406-06.xml @@ -0,0 +1,56 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202406-06"> + <title>GStreamer, GStreamer Plugins: Multiple Vulnerabilities</title> + <synopsis>Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.</synopsis> + <product type="ebuild">gst-plugins-bad,gstreamer</product> + <announced>2024-06-28</announced> + <revised count="1">2024-06-28</revised> + <bug>917791</bug> + <bug>918095</bug> + <access>local and remote</access> + <affected> + <package name="media-libs/gst-plugins-bad" auto="yes" arch="*"> + <unaffected range="ge">1.22.11-r1</unaffected> + <vulnerable range="lt">1.22.11-r1</vulnerable> + </package> + <package name="media-libs/gstreamer" auto="yes" arch="*"> + <unaffected range="ge">1.22.11</unaffected> + <vulnerable range="lt">1.22.11</vulnerable> + </package> + </affected> + <background> + <p>GStreamer is an open source multimedia framework.</p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in GStreamer, GStreamer Plugins. Please review the CVE identifiers referenced below for details.</p> + </description> + <impact type="high"> + <p>Please review the referenced CVE identifiers for details.</p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All GStreamer, GStreamer Plugins users should upgrade to the latest versions:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=media-libs/gstreamer-1.22.11" ">=media-libs/gst-plugins-bad-1.22.11-r1" + </code> + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-40474">CVE-2023-40474</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-40475">CVE-2023-40475</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-40476">CVE-2023-40476</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-44429">CVE-2023-44429</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-44446">CVE-2023-44446</uri> + <uri>ZDI-CAN-21660</uri> + <uri>ZDI-CAN-21661</uri> + <uri>ZDI-CAN-21768</uri> + <uri>ZDI-CAN-22226</uri> + <uri>ZDI-CAN-22299</uri> + </references> + <metadata tag="requester" timestamp="2024-06-28T04:43:02.949485Z">graaff</metadata> + <metadata tag="submitter" timestamp="2024-06-28T04:43:02.952359Z">graaff</metadata> +</glsa>
\ No newline at end of file diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index 7f53d99b9c1e..ccccf6c602db 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Fri, 28 Jun 2024 06:10:13 +0000 +Sat, 29 Jun 2024 06:10:40 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index 63866c4fbb8e..4f52ebb21485 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -70a36362e8053f3760826b4ccce860e94299c700 1719044953 2024-06-22T08:29:13Z +0715db682a941540ce2f4ccb909d8f446c05e0ce 1719639983 2024-06-29T05:46:23Z |