Accepting request 1108451 from home:alarrosa:branches:multimedia:libs

The PGS parsing buffer overflow (CVE-2023-37329) doesn't belong to gstreamer-plugins-base as it affects only gstreamer-plugins-bad (see https://gstreamer.freedesktop.org/security/sa-2023-0003.html). It's already mentioned in the gstreamer-plugins-bad changelog. OBS-URL: https://build.opensuse.org/request/show/1108451 OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/gstreamer-plugins-base?expand=0&rev=204
2023-09-03 12:58:18 +00:00 · 2023-09-03 12:58:18 +00:00 · fac3cca7b0
commit fac3cca7b0
parent 8fe720e6ba
1 changed files with 0 additions and 2 deletions
--- a/gstreamer-plugins-base.changes
+++ b/gstreamer-plugins-base.changes
@ -44,8 +44,6 @@ Mon Jun 26 14:18:54 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>
  + video-blend: Fix linking error with C++.
  + Fixes FLAC file parsing integer overflow remote code execution
    vulnerability (bsc#1213128, CVE-2023-37327)
-  + Fixes PGS file parsing heap-based buffer overflow remote code
-    execution vulnerability (bsc#1213126, CVE-2023-37329)
 - Rebase reduce-required-meson.patch.

 -------------------------------------------------------------------