diff options
| author | Jason E. Hale <jhale@FreeBSD.org> | 2026-01-04 07:27:57 +0000 |
|---|---|---|
| committer | Jason E. Hale <jhale@FreeBSD.org> | 2026-01-04 07:27:57 +0000 |
| commit | f118bbed28a8ed89378db863370a75a4efdf6753 (patch) | |
| tree | 236fd2fb097ec25c3a3b9f0b1493bef8cc21e50f | |
| parent | 64597899da4da313a7c899c38c25e42c1e407f17 (diff) | |
security/vuxml: Add gstreamer1-plugins-bad < 1.26.10
Update for 2026.
| -rw-r--r-- | security/vuxml/files/tidy.xsl | 1 | ||||
| -rw-r--r-- | security/vuxml/vuln.xml | 4 | ||||
| -rw-r--r-- | security/vuxml/vuln/2026.xml | 27 |
3 files changed, 31 insertions, 1 deletions
diff --git a/security/vuxml/files/tidy.xsl b/security/vuxml/files/tidy.xsl index c890e51e0d72..6f746cb5fec0 100644 --- a/security/vuxml/files/tidy.xsl +++ b/security/vuxml/files/tidy.xsl @@ -48,6 +48,7 @@ result in more namespace declarations than we wish. <!ENTITY vuln-2023 SYSTEM "vuln/2023.xml"> <!ENTITY vuln-2024 SYSTEM "vuln/2024.xml"> <!ENTITY vuln-2025 SYSTEM "vuln/2025.xml"> +<!ENTITY vuln-2026 SYSTEM "vuln/2026.xml"> ]> ]]></xsl:text> <xsl:apply-templates /> diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index f5af9b864a2a..898ca45c2d68 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -23,9 +23,10 @@ <!ENTITY vuln-2023 SYSTEM "vuln/2023.xml"> <!ENTITY vuln-2024 SYSTEM "vuln/2024.xml"> <!ENTITY vuln-2025 SYSTEM "vuln/2025.xml"> +<!ENTITY vuln-2026 SYSTEM "vuln/2026.xml"> ]> <!-- -Copyright 2003-2025 Jacques Vidrine and contributors +Copyright 2003-2026 Jacques Vidrine and contributors Redistribution and use in source (VuXML) and 'compiled' forms (SGML, HTML, PDF, PostScript, RTF and so forth) with or without modification, @@ -81,6 +82,7 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> +&vuln-2026; &vuln-2025; &vuln-2024; &vuln-2023; diff --git a/security/vuxml/vuln/2026.xml b/security/vuxml/vuln/2026.xml new file mode 100644 index 000000000000..1934457383fa --- /dev/null +++ b/security/vuxml/vuln/2026.xml @@ -0,0 +1,27 @@ + <vuln vid="500cc49c-e93b-11f0-b8d8-4ccc6adda413"> + <topic>gstreamer1-plugins-bad -- Out-of-bounds reads in MIDI parser</topic> + <affects> +<package> +<name>gstreamer1-plugins-bad</name> +<range><lt>1.26.10</lt></range> +</package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The GStreamer Security Center reports:</p> + <blockquote cite="https://gstreamer.freedesktop.org/security/sa-2025-0009.html"> + <p>Multiple out-of-bounds reads in the MIDI parser that can cause + crashes for certain input files.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-67326</cvename> + <cvename>CVE-2025-67327</cvename> + <url>https://gstreamer.freedesktop.org/security/sa-2025-0009.html</url> + </references> + <dates> + <discovery>2025-12-27</discovery> + <entry>2026-01-04</entry> + </dates> + </vuln> |