Summary: | <dev-java/openjfx-11.0.11_p1: OOB read in bundled gstreamer | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | trivial | CC: | gyakovlev, java |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://openjdk.java.net/groups/vulnerability/advisories/2021-10-19 | ||
Whiteboard: | ~4 [cleanup] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 824306 |
Description
John Helmert III
2021-10-23 12:31:32 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e18fbd00f235dd87479fde7ea039a6b8339f8f6a commit e18fbd00f235dd87479fde7ea039a6b8339f8f6a Author: Georgy Yakovlev <gyakovlev@gentoo.org> AuthorDate: 2021-11-18 04:48:45 +0000 Commit: Georgy Yakovlev <gyakovlev@gentoo.org> CommitDate: 2021-11-18 04:48:45 +0000 dev-java/openjfx: add gstreamer CVE-2021-3522 fix Bug: https://bugs.gentoo.org/819633 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> .../openjfx/files/11/gstreamer-CVE-2021-3522.patch | 31 ++++++++++++++++++++++ dev-java/openjfx/openjfx-11.0.11_p1.ebuild | 1 + 2 files changed, 32 insertions(+) yes, this file is bundled with openjfx I've added CVE patch in openjfx-11.0.11 will cleanup old versions sometime soon ~arch only so changing severity. Thanks! |