[Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2021-36584 as no-dsa

Sat Aug 28 19:08:11 BST 2021


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4a5195e6 by Thorsten Alteholz at 2021-08-28T20:04:45+02:00
mark CVE-2021-36584 as no-dsa

- - - - -
3a596096 by Thorsten Alteholz at 2021-08-28T20:07:23+02:00
mark CVE-2021-32439 as postponed in Stretch

- - - - -
7b804355 by Thorsten Alteholz at 2021-08-28T20:07:52+02:00
no upload needed yet

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -8027,6 +8027,7 @@ CVE-2021-36585
 	RESERVED
 CVE-2021-36584 (An issue was discovered in GPAC 1.0.1. There is a heap-based buffer ov ...)
 	- gpac <unfixed> (bug #991965)
+	[stretch] - gpac <ignored> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/issues/1842
 	NOTE: https://github.com/gpac/gpac/commit/13442ec1c401a4181ba6d7f79c27df6054c817c7
 CVE-2021-36583
@@ -17734,6 +17735,7 @@ CVE-2021-32440 (The Media_RewriteODFrame function in GPAC 1.0.1 allows attackers
 	NOTE: https://github.com/gpac/gpac/issues/1772
 CVE-2021-32439 (Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0. ...)
 	- gpac <unfixed>
+	[stretch] - gpac <postponed> (Minor issue; can be fixed in next update)
 	NOTE: https://github.com/gpac/gpac/commit/77ed81c069e10b3861d88f72e1c6be1277ee7eae
 	NOTE: https://github.com/gpac/gpac/issues/1774
 CVE-2021-32438 (The gf_media_export_filters function in GPAC 1.0.1 allows attackers to ...)


=====================================
data/dla-needed.txt
=====================================
@@ -27,9 +27,6 @@ firmware-nonfree (Anton Gladky)
   NOTE: 20210815: Planed to be finished on CW 34/2021
   NOTE: 20210822: Work is delayed due to urgent regression fix in another package
 --
-gpac (Thorsten Alteholz)
-  NOTE: 20210815: WIP, almost done, still testing package
---
 grilo (Thorsten Alteholz)
   NOTE: 20210825: ssl-use-system-ca-file is used in libsoup2.4 since version 2.38
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/7c043b91d1d9f6f1926224aa423f904a938b61cc...7b804355815a1adfe9f2adc778c647e6d5d6610e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/7c043b91d1d9f6f1926224aa423f904a938b61cc...7b804355815a1adfe9f2adc778c647e6d5d6610e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210828/1021f94b/attachment-0001.htm>
