-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 07 Oct 2023 22:34:42 +0200 Source: gst-plugins-bad1.0 Architecture: source Version: 1.18.4-3+deb11u2 Distribution: bullseye-security Urgency: high Maintainer: Maintainers of GStreamer packages <gst-plugins-bad1.0@packages.debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Closes: 1053259 1053260 1053261 Changes: gst-plugins-bad1.0 (1.18.4-3+deb11u2) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * h265parser: Fix possible overflow using max_sub_layers_minus1 (CVE-2023-40476) (Closes: #1053259) * mxfdemux: Fix integer overflow causing out of bounds writes when handling invalid uncompressed video (CVE-2023-40474) (Closes: #1053261) * mxfdemux: Check number of channels for AES3 audio (CVE-2023-40475) (Closes: #1053260) Checksums-Sha1: ba222f3955d789ab90302f79b07071afc27244a5 5791 gst-plugins-bad1.0_1.18.4-3+deb11u2.dsc d198adcd5d89897c9efd0fcb7b7712c08cf7883e 34924 gst-plugins-bad1.0_1.18.4-3+deb11u2.debian.tar.xz 3447a7c1f53e69cdf777f1de8d6042e4619f1e13 7448 gst-plugins-bad1.0_1.18.4-3+deb11u2_source.buildinfo Checksums-Sha256: 66a554a03b50a21b1c2c3eecd1e67ab39131ac13715e16f2bd5d9238034f4f66 5791 gst-plugins-bad1.0_1.18.4-3+deb11u2.dsc fb19fbb975abcc555b6c06e8b750aa5f14429269287297c434f8c5722f713689 34924 gst-plugins-bad1.0_1.18.4-3+deb11u2.debian.tar.xz bde1518cbad61b963a21cdd4b2000a6247381712d087170f011825710df309ae 7448 gst-plugins-bad1.0_1.18.4-3+deb11u2_source.buildinfo Files: 6d1213ca745a1d17941fe420157b5887 5791 libs optional gst-plugins-bad1.0_1.18.4-3+deb11u2.dsc 5cbb227a790c7c5d4219553dae36cf36 34924 libs optional gst-plugins-bad1.0_1.18.4-3+deb11u2.debian.tar.xz 9ed18b26ce6eb5fb6730b4bf68bb2c65 7448 libs optional gst-plugins-bad1.0_1.18.4-3+deb11u2_source.buildinfo -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmUhxtNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89E5RIP/jeEKsIhBkIhCIUmCF51mQ8qUZJV1bBm XOomI8MlxNqtZGpUo29G3xZdx5b5muEKG5aPsgQUwJqb+TPN+gKUsBkWFMD5oQq2 1nVB/YlBqGGNsi0LvjYaJFnucHC4/rRtOlXR5Fsm3kFTEkFoC/dwQzOCrGIHjqg5 oh+B+aDX9joI4kRiJbz/lULiCDJSKeCpVRTkFU55S4Y4hgd4rLq3y7gX3q/JWZYY sxTDIR7Up3QSRllIglcZHs2xJ9gWzLeiVZwG4pj4j3cxYAhFhSp8y1m6RViYYB1Y Us+YTMnKcoYpvsJLLcTKiC765RD/HQwBIrTUfnoTxKul8siZedPDkUkw0dKakZg9 z55k/ue8K56nifLDXjWF67U6MxS2hgGYUPZZmxeVP11cL/aar5wrB/MOLCUeAcKD xrse7JHID7a5uBoXY1OutmFztsdXHfH2ABc586LII6gGboec9mvYA7sD1EBToPNI icTf8qCthCKDCbgjZrTFizmtCVOw4INCk5u90ag4o1Fn3c2RF2P95JksksR+BlMo jcREsEywspYFYYfmcjYCxzNPZ6xrknv+LjrJJxxhKsZGbRIwemt5Ykj5Fmzo/giq Bii8RlaiAHW/f8240yaLf6lNe+lrW0aF5WNGdbqk2r6E4m3Qxot2VWBH7WuSjwvE psEFImEDtAl+ =aD3M -----END PGP SIGNATURE-----
