Overview

File _patchinfo of Package patchinfo.31937

<patchinfo incident="31937">
  <issue tracker="cve" id="2023-37329"/>
  <issue tracker="cve" id="2023-40475"/>
  <issue tracker="bnc" id="1215792">VUL-0: CVE-2023-40475: gstreamer-plugins-bad: GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability</issue>
  <issue tracker="bnc" id="1213126">VUL-0: CVE-2023-37329: gstreamer-plugins-bad: GStreamer PGS blu-ray subtitle decoder Heap-based Buffer Overflow Remote Code Execution Vulnerability</issue>
  <packager>qzhao</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for gstreamer-plugins-bad</summary>
  <description>This update for gstreamer-plugins-bad fixes the following issues:

- CVE-2023-44446: Fixed GStreamer MXF File Parsing Use-After-Free (bsc#1217213).
- CVE-2023-40475: Fixed GStreamer MXF File Parsing Integer Overflow (bsc#1215792).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places