[Git][security-tracker-team/security-tracker][master] gpac: Seveal CVEs previously fixed in experimental fixed in unstable

Salvatore Bonaccorso carnil at debian.org
Sun Nov 22 07:48:57 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e1908dba by Salvatore Bonaccorso at 2020-11-22T08:48:25+01:00
gpac: Seveal CVEs previously fixed in experimental fixed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -43639,8 +43639,7 @@ CVE-2020-11560 (NCH Express Invoice 7.25 allows local users to discover the clea
 CVE-2020-11559
 	RESERVED
 CVE-2020-11558 (An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by ...)
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #972053)
+	- gpac 1.0.1+dfsg1-2 (bug #972053)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	[jessie] - gpac <not-affected> (Vulnerable code not present and not reproducible)
@@ -45446,40 +45445,35 @@ CVE-2020-10882 (This vulnerability allows network-adjacent attackers to execute
 CVE-2020-10881 (This vulnerability allows remote attackers to execute arbitrary code o ...)
 	NOT-FOR-US: TP-Link
 CVE-2019-20632 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstr ...)
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #972053)
+	- gpac 1.0.1+dfsg1-2 (bug #972053)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	[jessie] - gpac <ignored> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/commit/1ab4860609f2e7a35634930571e7d0531297e090
 	NOTE: https://github.com/gpac/gpac/issues/1271
 CVE-2019-20631 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstr ...)
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #972053)
+	- gpac 1.0.1+dfsg1-2 (bug #972053)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	[jessie] - gpac <ignored> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/commit/1ab4860609f2e7a35634930571e7d0531297e090
 	NOTE: https://github.com/gpac/gpac/issues/1270
 CVE-2019-20630 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstr ...)
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #972053)
+	- gpac 1.0.1+dfsg1-2 (bug #972053)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	[jessie] - gpac <ignored> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/commit/1ab4860609f2e7a35634930571e7d0531297e090
 	NOTE: https://github.com/gpac/gpac/issues/1268
 CVE-2019-20629 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstr ...)
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #972053)
+	- gpac 1.0.1+dfsg1-2 (bug #972053)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	[jessie] - gpac <ignored> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/commit/2320eb73afba753b39b7147be91f7be7afc0eeb7
 	NOTE: https://github.com/gpac/gpac/issues/1264
 CVE-2019-20628 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstr ...)
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #972053)
+	- gpac 1.0.1+dfsg1-2 (bug #972053)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	[jessie] - gpac <ignored> (Minor issue)
@@ -56267,8 +56261,7 @@ CVE-2020-6633
 CVE-2020-6632 (In PrestaShop 1.7.6.2, XSS can occur during addition or removal of a Q ...)
 	NOT-FOR-US: PrestaShop
 CVE-2020-6631 (An issue was discovered in GPAC version 0.8.0. There is a NULL pointer ...)
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #972053)
+	- gpac 1.0.1+dfsg1-2 (bug #972053)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	[jessie] - gpac <postponed> (Minor issue, clean crash, MP42TS not shipped, incomplete patch)
@@ -56276,8 +56269,7 @@ CVE-2020-6631 (An issue was discovered in GPAC version 0.8.0. There is a NULL po
 	NOTE: https://github.com/gpac/gpac/commit/c7e46e948ebe2d4a532539c7e714cdf655b84521
 	NOTE: fix considered "ugly" by upstream and introduces abort(3)-based DoS
 CVE-2020-6630 (An issue was discovered in GPAC version 0.8.0. There is a NULL pointer ...)
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #972053)
+	- gpac 1.0.1+dfsg1-2 (bug #972053)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	[jessie] - gpac <postponed> (Minor issue, clean crash, MP42TS not shipped, incomplete patch)
@@ -60227,8 +60219,7 @@ CVE-2019-20209 (The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and E
 	NOT-FOR-US: themes for WordPress
 CVE-2019-20208 (dimC_Read in isomedia/box_code_3gpp.c in GPAC 0.8.0 has a stack-based  ...)
 	{DLA-2072-1}
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #972053)
+	- gpac 1.0.1+dfsg1-2 (bug #972053)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/issues/1348
@@ -60434,8 +60425,7 @@ CVE-2019-20171 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-developm
 	NOTE: https://github.com/gpac/gpac/commit/2bcca3f1d4605100bb27d3ed7be25b53cddbc75c
 CVE-2019-20170 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
 	{DLA-2072-1}
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #972053)
+	- gpac 1.0.1+dfsg1-2 (bug #972053)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/issues/1328
@@ -60461,8 +60451,7 @@ CVE-2019-20166 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-developm
 	NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80 (chunk #2)
 CVE-2019-20165 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
 	{DLA-2072-1}
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #972053)
+	- gpac 1.0.1+dfsg1-2 (bug #972053)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/issues/1338
@@ -60473,24 +60462,21 @@ CVE-2019-20164 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-developm
 	NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80 (chunk #2)
 CVE-2019-20163 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
 	{DLA-2072-1}
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #972053)
+	- gpac 1.0.1+dfsg1-2 (bug #972053)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/issues/1335
 	NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80 (chunk #4)
 CVE-2019-20162 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
 	{DLA-2072-1}
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #972053)
+	- gpac 1.0.1+dfsg1-2 (bug #972053)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/issues/1327
 	NOTE: https://github.com/gpac/gpac/commit/3c0ba42546c8148c51169c3908e845c308746c77
 CVE-2019-20161 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
 	{DLA-2072-1}
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #972053)
+	- gpac 1.0.1+dfsg1-2 (bug #972053)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/issues/1320
@@ -81651,16 +81637,14 @@ CVE-2018-21017 (GPAC 0.7.1 has a memory leak in dinf_Read in isomedia/box_code_b
 	NOTE: Fixed by: https://github.com/gpac/gpac/commit/d2371b4b204f0a3c0af51ad4e9b491144dd1225c (v0.8.)
 CVE-2018-21016 (audio_sample_entry_AddBox() at isomedia/box_code_base.c in GPAC 0.7.1  ...)
 	{DLA-2072-1}
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #940882)
+	- gpac 1.0.1+dfsg1-2 (bug #940882)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/issues/1180
 	NOTE: https://github.com/gpac/gpac/commit/ea13945f3c2dc2c21e30e2731bf2782384307a13
 CVE-2018-21015 (AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remot ...)
 	{DLA-2072-1}
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #940882)
+	- gpac 1.0.1+dfsg1-2 (bug #940882)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/issues/1179
@@ -90674,8 +90658,7 @@ CVE-2019-13619 (In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7e90aed666e809c0db5de9d1816802a7dcea28d9
 CVE-2019-13618 (In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-bas ...)
 	{DLA-2072-1}
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (low; bug #932242)
+	- gpac 1.0.1+dfsg1-2 (low; bug #932242)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/issues/1250
@@ -94773,24 +94756,21 @@ CVE-2019-12484
 	RESERVED
 CVE-2019-12483 (An issue was discovered in GPAC 0.7.1. There is a heap-based buffer ov ...)
 	{DLA-1841-1}
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #931088)
+	- gpac 1.0.1+dfsg1-2 (bug #931088)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/issues/1249
 	NOTE: https://github.com/gpac/gpac/commit/f40aaaf959d4d1f7fa0dcd04c0666592e615c8f1
 CVE-2019-12482 (An issue was discovered in GPAC 0.7.1. There is a NULL pointer derefer ...)
 	{DLA-1841-1}
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #931088)
+	- gpac 1.0.1+dfsg1-2 (bug #931088)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/issues/1249
 	NOTE: https://github.com/gpac/gpac/commit/f40aaaf959d4d1f7fa0dcd04c0666592e615c8f1
 CVE-2019-12481 (An issue was discovered in GPAC 0.7.1. There is a NULL pointer derefer ...)
 	{DLA-1841-1}
-	[experimental] - gpac 1.0.1+dfsg1-1
-	- gpac <unfixed> (bug #931088)
+	- gpac 1.0.1+dfsg1-2 (bug #931088)
 	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <no-dsa> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/issues/1249



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1908dba653837b05eab27945ddf2ebd06f490fb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1908dba653837b05eab27945ddf2ebd06f490fb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201122/ac240911/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list