[Git][security-tracker-team/security-tracker][master] gpac: precise triage
Sylvain Beucler
beuc at debian.org
Thu Jan 16 20:46:20 GMT 2020
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c8323a37 by Sylvain Beucler at 2020-01-16T21:46:02+01:00
gpac: precise triage
CVE-2019-20159,CVE-2019-20163,CVE-2019-20164,CVE-2019-20165,CVE-2019-20166,CVE-2019-20167
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4757,24 +4757,33 @@ CVE-2019-20168 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-developm
NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80
CVE-2019-20167 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
- gpac <unfixed>
+ [buster] - gpac <not-affected> (vulnerable code introduced in development version after v0.8)
+ [stretch] - gpac <not-affected> (vulnerable code introduced in development version after v0.8)
+ [jessie] - gpac <not-affected> (vulnerable code introduced in development version after v0.8)
NOTE: https://github.com/gpac/gpac/issues/1330
- NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80
+ NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80 (chunk #3)
CVE-2019-20166 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
- gpac <unfixed>
+ [buster] - gpac <not-affected> (vulnerable code introduced in 0.7.0)
+ [stretch] - gpac <not-affected> (vulnerable code introduced in 0.7.0)
+ [jessie] - gpac <not-affected> (vulnerable code introduced in 0.7.0)
NOTE: https://github.com/gpac/gpac/issues/1331
- NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80
+ NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80 (chunk #2)
CVE-2019-20165 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1338
- NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80
+ NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80 (chunk #1)
CVE-2019-20164 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
- gpac <unfixed>
+ [buster] - gpac <not-affected> (vulnerable code introduced in 0.7.0)
+ [stretch] - gpac <not-affected> (vulnerable code introduced in 0.7.0)
+ [jessie] - gpac <not-affected> (vulnerable code introduced in 0.7.0)
NOTE: https://github.com/gpac/gpac/issues/1332
- NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80
+ NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80 (chunk #2)
CVE-2019-20163 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1335
- NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80
+ NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80 (chunk #4)
CVE-2019-20162 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1327
@@ -4789,6 +4798,9 @@ CVE-2019-20160 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-developm
NOTE: https://github.com/gpac/gpac/commit/bcfcb3e90476692fe0d2bb532ea8deeb2a77580e
CVE-2019-20159 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
- gpac <unfixed>
+ [buster] - gpac <not-affected> (vulnerable code introduced in 0.7.0)
+ [stretch] - gpac <not-affected> (vulnerable code introduced in 0.7.0)
+ [jessie] - gpac <not-affected> (vulnerable code introduced in 0.7.0)
NOTE: https://github.com/gpac/gpac/issues/1321
NOTE: https://github.com/gpac/gpac/commit/e4c1f09ab9618b6af3bec6b94b8b349f2d01dbf8
CVE-2019-20158
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c8323a37f4784f017ed11028224060478b3a4e3a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c8323a37f4784f017ed11028224060478b3a4e3a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200116/01c256ac/attachment.html>
More information about the debian-security-tracker-commits
mailing list