[Git][security-tracker-team/security-tracker][master] new gpac issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Aug 19 21:45:39 BST 2021



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eb7aa04b by Moritz Muehlenhoff at 2021-08-19T22:45:16+02:00
new gpac issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15776,13 +15776,27 @@ CVE-2021-32442
 CVE-2021-32441
 	RESERVED
 CVE-2021-32440 (The Media_RewriteODFrame function in GPAC 1.0.1 allows attackers to ca ...)
-	TODO: check
+	- gpac <unfixed>
+	[bullseye] - gpac <ignored> (Minor issue)
+	[buster] - gpac <ignored> (Minor issue)
+	NOTE: https://github.com/gpac/gpac/commit/f0ba83717b6e4d7a15a1676d1fe06152e199b011
+	NOTE: https://github.com/gpac/gpac/issues/1772
 CVE-2021-32439 (Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0. ...)
-	TODO: check
+	- gpac <unfixed>
+	NOTE: https://github.com/gpac/gpac/commit/77ed81c069e10b3861d88f72e1c6be1277ee7eae
+	NOTE: https://github.com/gpac/gpac/issues/1774
 CVE-2021-32438 (The gf_media_export_filters function in GPAC 1.0.1 allows attackers to ...)
-	TODO: check
+	- gpac <unfixed>
+	[bullseye] - gpac <ignored> (Minor issue)
+	[buster] - gpac <not-affected> (Vulnerable code not present)
+	NOTE: https://github.com/gpac/gpac/commit/00194f5fe462123f70b0bae7987317b52898b868
+	NOTE: https://github.com/gpac/gpac/issues/1769 de not present)
 CVE-2021-32437 (The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to caus ...)
-	TODO: check
+	- gpac <unfixed>
+	[bullseye] - gpac <ignored> (Minor issue)
+	[buster] - gpac <ignored> (Minor issue)
+	NOTE: https://github.com/gpac/gpac/commit/1653f31cf874eb6df964bea88d58d8e9b98b485e
+	NOTE: https://github.com/gpac/gpac/issues/1770
 CVE-2021-32436
 	RESERVED
 CVE-2021-32435



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb7aa04b033089ec4c1f8ffea05eecf332e9c9aa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb7aa04b033089ec4c1f8ffea05eecf332e9c9aa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210819/fce12f22/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list