File _patchinfo of Package patchinfo.18453

<patchinfo incident="18453">
  <issue tracker="cve" id="2023-50186"/>
  <issue tracker="cve" id="2023-40475"/>
  <issue tracker="cve" id="2023-44446"/>
  <issue tracker="cve" id="2023-44429"/>
  <issue tracker="bnc" id="1217211">VUL-0: CVE-2023-44429: gstreamer-plugins-bad: GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability</issue>
  <issue tracker="bnc" id="1217213">VUL-0: CVE-2023-44446: gstreamer-plugins-bad: GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability</issue>
  <issue tracker="bnc" id="1215792">VUL-0: CVE-2023-40475: gstreamer-plugins-bad: GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability</issue>
  <issue tracker="bnc" id="1218534">VUL-0: gstreamer-plugins-bad: Heap-based buffer overflow in the AV1 codec parser (ZDI-CAN-22300)</issue>
  <issue tracker="bnc" id="1223263">VUL-0: CVE-2023-50186: gstreamer-plugins-bad: buffer overflow vulnerability</issue>
  <packager>qzhao</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for gstreamer-plugins-bad</summary>
  <description>This update for gstreamer-plugins-bad fixes the following issues:

Adding references for already fixed vulnerability:

- CVE-2023-50186: Fixed heap-based buffer overflow in the AV1 codec parser (ZDI-CAN-22300, bsc#1218534, bsc#1223263)
- CVE-2023-40475: Fixed GStreamer MXF File Parsing Integer Overflow (bsc#1215792).
- CVE-2023-44446: Fixed GStreamer MXF File Parsing Use-After-Free (bsc#1217213).
- CVE-2023-44429: Fixed GStreamer AV1 Codec Parsing Heap-based Buffer Overflow (bsc#1217211).
</description>
</patchinfo>