[Git][security-tracker-team/security-tracker][master] new gpac issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Aug 19 22:29:42 BST 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
84a24b9c by Moritz Muehlenhoff at 2021-08-19T23:29:18+02:00
new gpac issues
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -41513,63 +41513,188 @@ CVE-2021-21864 (A unsafe deserialization vulnerability exists in the ComponentMo
CVE-2021-21863 (A unsafe deserialization vulnerability exists in the ComponentModel Pr ...)
NOT-FOR-US: CODESYS
CVE-2021-21862 (Multiple exploitable integer truncation vulnerabilities exist within t ...)
- TODO: check
+ - gpac <not-affected> (Vulnerable code not present)
+ NOTE: Introduced in https://github.com/gpac/gpac/commit/69ae9059fc
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1298
+ NOTE: https://github.com/gpac/gpac/commit/8cd33e8977fd5f4215e4b67c309fd403762bfeb7
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21861 (An exploitable integer truncation vulnerability exists within the MPEG ...)
- TODO: check
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1298
+ NOTE: https://github.com/gpac/gpac/commit/8cd33e8977fd5f4215e4b67c309fd403762bfeb7
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21860 (An exploitable integer truncation vulnerability exists within the MPEG ...)
- TODO: check
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1298
+ NOTE: https://github.com/gpac/gpac/commit/8cd33e8977fd5f4215e4b67c309fd403762bfeb7
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21859 (An exploitable integer truncation vulnerability exists within the MPEG ...)
- TODO: check
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1298
+ NOTE: https://github.com/gpac/gpac/commit/8cd33e8977fd5f4215e4b67c309fd403762bfeb7
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21858 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
- TODO: check
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1299
+ NOTE: https://github.com/gpac/gpac/commit/bbd741e0e5a6e7e1e90a73c350acc061dde9450b
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21857 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
- TODO: check
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1299
+ NOTE: https://github.com/gpac/gpac/commit/bbd741e0e5a6e7e1e90a73c350acc061dde9450b
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21856 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
- TODO: check
+ - gpac <not-affected> (Vulnerable code not present)
+ NOTE: Introduced in https://github.com/gpac/gpac/commit/35c4644cb5
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21855 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
- TODO: check
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1299
+ NOTE: https://github.com/gpac/gpac/commit/bbd741e0e5a6e7e1e90a73c350acc061dde9450b
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21854 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
- TODO: check
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1299
+ NOTE: https://github.com/gpac/gpac/commit/bbd741e0e5a6e7e1e90a73c350acc061dde9450b
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21853 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
- TODO: check
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1299
+ NOTE: https://github.com/gpac/gpac/commit/bbd741e0e5a6e7e1e90a73c350acc061dde9450b
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21852 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
- TODO: check
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21851 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
- TODO: check
+ - gpac <not-affected> (Vulnerable code not present)
+ NOTE: Introduced in https://github.com/gpac/gpac/commit/0f9761c48541bc01f0c619b7d02916d28e87dea9
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21850
RESERVED
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21849
RESERVED
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21848
RESERVED
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21847 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
- TODO: check
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21846 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
- TODO: check
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21845 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
- TODO: check
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21844 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
- TODO: check
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21843 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
- TODO: check
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21842
RESERVED
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21841
RESERVED
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21840
RESERVED
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21839 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
- TODO: check
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21838 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
- TODO: check
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21837 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
- TODO: check
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21836
RESERVED
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21835
RESERVED
+ - gpac <not-affected> (Vulnerable code not present)
+ NOTE: Introduced in https://github.com/gpac/gpac/commit/0f9761c48541bc01f0c619b7d02916d28e87dea9
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21834
RESERVED
+ - gpac <unfixed>
+ [buster] - gpac <not-affected> (Vulnerable code not present)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297
+ NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
+ NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21833 (An improper array index validation vulnerability exists in the TIF IP_ ...)
NOT-FOR-US: Accusoft ImageGear
CVE-2021-21832 (A memory corruption vulnerability exists in the ISO Parsing functional ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -20,6 +20,8 @@ chromium
--
djvulibre
--
+gpac/stable (jmm)
+--
icu
--
linux (carnil)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84a24b9c531e2cf2b0edea7273dccca673edfcb6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84a24b9c531e2cf2b0edea7273dccca673edfcb6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210819/cdd632c9/attachment.htm>
More information about the debian-security-tracker-commits
mailing list