See https://github.blog/2023-10-09-coordinated-disclosure-1-click-rce-on-gnome-cve-2023-43641/.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bc96ef44f74ca888b006e06cc4b0aad99ac6530d commit bc96ef44f74ca888b006e06cc4b0aad99ac6530d Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2023-10-09 19:59:34 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2023-10-09 19:59:34 +0000 media-libs/libcue: fix CVE-2023-43641 Bug: https://bugs.gentoo.org/915500 Signed-off-by: Mart Raudsepp <leio@gentoo.org> media-libs/libcue/files/CVE-2023-43641.patch | 15 +++++++++++++++ media-libs/libcue/libcue-2.2.1-r1.ebuild | 24 ++++++++++++++++++++++++ 2 files changed, 39 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=a3669b4bdf46773bb95ad9e15fad8bda3525a467 commit a3669b4bdf46773bb95ad9e15fad8bda3525a467 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-10-10 06:13:46 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-10-10 06:14:08 +0000 [ GLSA 202310-10 ] libcue: Arbitrary Code Execution Bug: https://bugs.gentoo.org/915500 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Sam James <sam@gentoo.org> glsa-202310-10.xml | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6065e11cdb9f0ac4b32187f2b0c4b91f33b762a9 commit 6065e11cdb9f0ac4b32187f2b0c4b91f33b762a9 Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2023-10-10 21:39:14 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2023-10-10 21:39:35 +0000 media-libs/libcue: drop 2.2.1 Bug: https://bugs.gentoo.org/915500 Signed-off-by: Mart Raudsepp <leio@gentoo.org> media-libs/libcue/libcue-2.2.1.ebuild | 20 -------------------- 1 file changed, 20 deletions(-)