Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted gst-plugins-bad1.0 1.18.4-3+deb11u6 (source) into oldoldstable-security
Date: Mon, 13 Apr 2026 11:10:15 +0000
Signed by: Thorsten Alteholz <alteholz@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 12 Apr 2026 17:03:02 +0200
Source: gst-plugins-bad1.0
Architecture: source
Version: 1.18.4-3+deb11u6
Distribution: bullseye-security
Urgency: high
Maintainer: Maintainers of GStreamer packages <gst-plugins-bad1.0@packages.debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Changes:
 gst-plugins-bad1.0 (1.18.4-3+deb11u6) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2026-2923
     fix out-of-bounds write that allows arbitrary code execution
     by remote attackers
   * CVE-2026-3082
     fix heap-based buffer overflows that allows arbitrary code execution
     by remote attackers
Checksums-Sha1:
 6c0b32bc2f9183495a067cebf59402f601139df0 5795 gst-plugins-bad1.0_1.18.4-3+deb11u6.dsc
 1d7205aab58fed7ede5992f9f42f964842c0379c 5640292 gst-plugins-bad1.0_1.18.4.orig.tar.xz
 121d09b8787c49a84da1c35e064b41a0e4930e26 43200 gst-plugins-bad1.0_1.18.4-3+deb11u6.debian.tar.xz
 71d8dce4c465a6f903999bcd01882766980f9fbd 33995 gst-plugins-bad1.0_1.18.4-3+deb11u6_amd64.buildinfo
Checksums-Sha256:
 55d84214bf8f40aac9045d1a3f84c67d893c51c3c71ad2c124d96b84d562d4c1 5795 gst-plugins-bad1.0_1.18.4-3+deb11u6.dsc
 74e806bc5595b18c70e9ca93571e27e79dfb808e5d2e7967afa952b52e99c85f 5640292 gst-plugins-bad1.0_1.18.4.orig.tar.xz
 0769913f84801da8313675ac3faa435c3b08c3c298bb7e4adb5bfb96f0d0b5f1 43200 gst-plugins-bad1.0_1.18.4-3+deb11u6.debian.tar.xz
 13b3acbe0593d2125a0ec17b83f2c870d046892166088b8d291a47f2a88b289b 33995 gst-plugins-bad1.0_1.18.4-3+deb11u6_amd64.buildinfo
Files:
 eefd2481d68f1f0810c1803c2de8a9b6 5795 libs optional gst-plugins-bad1.0_1.18.4-3+deb11u6.dsc
 8a73b497613a9f778e880b8a9eb9c1a3 5640292 libs optional gst-plugins-bad1.0_1.18.4.orig.tar.xz
 bb27345c7db2ea5083a4aa5204bb9c43 43200 libs optional gst-plugins-bad1.0_1.18.4-3+deb11u6.debian.tar.xz
 4eab8779298827e5503b6bae74ea2d89 33995 libs optional gst-plugins-bad1.0_1.18.4-3+deb11u6_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmncy8JfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR/kjD/wOWbc7o1JaHBlepvIDQnqSbTNXNbKJ
Vwcbg6GFSK6W/JDQ28f/tuFQGEemAjP7tiMKrb6MrIQ4El6MJxf+a8ioqm1b/WDn
LMGXHKtOkW2jgZWI6cakVgIb94Yry6YnRH6YSHcXqsA6zbL3FA/zWV2aVrPt5npK
8mqAPetJJ5c01c/kWqQ9ObdKzyhjN1CqK+0kmDbbyjMLFDM+CJ3NdgCjiWnMUUvF
YzY584948TArTDeywlFqZ0w6J4javH7u/DuS3S9Lj5XJykRNu+YRI1rQp8oQ6ar8
jJq4tY7LAGSk33O+gxFaMHgxkE2D0W7XFfmSKrJP5sYMatmEbhuLAP+1k1pTvxMA
/Mm36iOgdF2AqjYI2nNsAqy2tI3Omd2xPac/A4PDQUQ20zyKrBs9jIyYCSo8QC2e
mll5eWF8EmisU4SPEiz/xmIqIsRcCKog8sHVgeQBlG3ckf2A1rG2eagRDk0gQstQ
tYgpiDimeqJ1kC4dapuJiwLJAd/GfQ0gFv3uNwRM7vjB3riMkYpdtunBytsm69aW
3K8alXm1jjQvpIv2Z60Pc/SpMFocjSnz3AYdIrLfll1urqIX3XfM8Ed5HgYUePWD
R63rC8BPt7ehrbEh2mZFUSLoFufT+ZvBFEgHVGAdpHV2kPfYKObmonWrFPK1SlSj
0x82kFwdIZmgjQ==
=39BM
-----END PGP SIGNATURE-----

News for package gst-plugins-bad1.0