diff options
author | GLSAMaker <glsamaker@gentoo.org> | 2023-11-25 09:36:29 +0000 |
---|---|---|
committer | Hans de Graaff <graaff@gentoo.org> | 2023-11-25 10:36:55 +0100 |
commit | 335f69a9cbc971132afe551e722b25032997f1b5 (patch) | |
tree | 7771118d1fca7c3ff7e0642f6cc55c3917f96a25 /glsa-202311-10.xml | |
parent | [ GLSA 202311-09 ] Go: Multiple Vulnerabilities (diff) | |
download | glsa-335f69a9cbc971132afe551e722b25032997f1b5.tar.gz glsa-335f69a9cbc971132afe551e722b25032997f1b5.tar.bz2 glsa-335f69a9cbc971132afe551e722b25032997f1b5.zip |
[ GLSA 202311-10 ] RenderDoc: Multiple Vulnerabilities
Bug: https://bugs.gentoo.org/908031
Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
Signed-off-by: Hans de Graaff <graaff@gentoo.org>
Diffstat (limited to 'glsa-202311-10.xml')
-rw-r--r-- | glsa-202311-10.xml | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/glsa-202311-10.xml b/glsa-202311-10.xml new file mode 100644 index 00000000..dd4ac274 --- /dev/null +++ b/glsa-202311-10.xml @@ -0,0 +1,44 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202311-10"> + <title>RenderDoc: Multiple Vulnerabilities</title> + <synopsis>Multiple vulnerabilities have been discovered in RenderDoc, the worst of which leads to remote code execution.</synopsis> + <product type="ebuild">renderdoc</product> + <announced>2023-11-25</announced> + <revised count="1">2023-11-25</revised> + <bug>908031</bug> + <access>remote</access> + <affected> + <package name="media-gfx/renderdoc" auto="yes" arch="*"> + <unaffected range="ge">1.27</unaffected> + <vulnerable range="lt">1.27</vulnerable> + </package> + </affected> + <background> + <p>RenderDoc is a free MIT licensed stand-alone graphics debugger that allows quick and easy single-frame capture and detailed introspection of any application using Vulkan, D3D11, OpenGL & OpenGL ES or D3D12 across Windows, Linux, Android, or Nintendo Switch™.</p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in GRUB. Please review the CVE identifiers referenced below for details.</p> + </description> + <impact type="high"> + <p>Please review the referenced CVE identifiers for details.</p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All RenderDoc users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=media-gfx/renderdoc-1.27" + </code> + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-33863">CVE-2023-33863</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-33864">CVE-2023-33864</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-33865">CVE-2023-33865</uri> + </references> + <metadata tag="requester" timestamp="2023-11-25T09:36:29.923016Z">graaff</metadata> + <metadata tag="submitter" timestamp="2023-11-25T09:36:29.925676Z">graaff</metadata> +</glsa>
\ No newline at end of file |