From: Raspbian automatic forward porter Date: Fri, 1 Dec 2023 06:19:58 +0000 (+0000) Subject: Merge version 1.14.4-1+rvt+deb10u3 and 1.14.4-1+deb10u5 to produce 1.14.4-1+rvt+deb10u5 X-Git-Tag: archive/raspbian/1.14.4-1+rvt+deb10u5^0 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=9b81bd6024057d23a4c9db8a3a12617cf6358437;p=gst-plugins-bad1.0.git Merge version 1.14.4-1+rvt+deb10u3 and 1.14.4-1+deb10u5 to produce 1.14.4-1+rvt+deb10u5 --- 9b81bd6024057d23a4c9db8a3a12617cf6358437 diff --cc debian/changelog index 4dd7da6,ce8e998..317d104 --- a/debian/changelog +++ b/debian/changelog @@@ -1,9 -1,23 +1,30 @@@ - gst-plugins-bad1.0 (1.14.4-1+rvt+deb10u3) buster-staging; urgency=medium ++gst-plugins-bad1.0 (1.14.4-1+rvt+deb10u5) buster-staging; urgency=medium + + [changes brought forward from 1.14.4-1+rvtdeb10u1 by Peter Michael Green at Tue, 19 Jan 2021 23:14:49 +0000] + * Bump version number due to previous binnmu. + - -- Raspbian forward porter Fri, 28 Jul 2023 09:25:01 +0000 ++ -- Raspbian forward porter Fri, 01 Dec 2023 06:19:58 +0000 ++ + gst-plugins-bad1.0 (1.14.4-1+deb10u5) buster-security; urgency=high + + * Non-maintainer upload by the LTS Team. + * CVE-2023-44446 + mxfdemux: Store GstMXFDemuxEssenceTrack in their own fixed allocation + + -- Thorsten Alteholz Sun, 26 Nov 2023 22:55:02 +0200 + + gst-plugins-bad1.0 (1.14.4-1+deb10u4) buster-security; urgency=high + + * Non-maintainer upload by the LTS Team. + * CVE-2023-40476 + h265parser: Fix possible overflow using max_sub_layers_minus1 + * CVE-2023-40475 + mxfdemux: Check number of channels for AES3 audio (CVE-2023-40475) + * CVE-2023-40474 + mxfdemux: Fix integer overflow causing out of bounds writes when handling + invalid uncompressed video + + -- Thorsten Alteholz Fri, 27 Oct 2023 22:55:02 +0200 gst-plugins-bad1.0 (1.14.4-1+deb10u3) buster-security; urgency=high