[Git][security-tracker-team/security-tracker][master] mark several CVEs from gpac as not-affected
Thorsten Alteholz (@alteholz)
alteholz at debian.org
Wed Jul 28 15:50:44 BST 2021
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f2528f1b by Thorsten Alteholz at 2021-07-28T16:50:25+02:00
mark several CVEs from gpac as not-affected
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14791,6 +14791,7 @@ CVE-2021-31263
CVE-2021-31262 (The AV1_DuplicateConfig function in GPAC 1.0.1 allows attackers to cau ...)
- gpac 1.0.1+dfsg1-4 (bug #987280)
[buster] - gpac <not-affected> (Vulnerable code not present)
+ [stretch] - gpac <not-affected> (Vulnerable code not present)
NOTE: https://github.com/gpac/gpac/commit/b2eab95e07cb5819375a50358d4806a8813b6e50
NOTE: https://github.com/gpac/gpac/issues/1738
CVE-2021-31261 (The gf_hinter_track_new function in GPAC 1.0.1 allows attackers to rea ...)
@@ -14826,6 +14827,7 @@ CVE-2021-31256 (Memory leak in the stbl_GetSampleInfos function in MP4Box in GPA
CVE-2021-31255 (Buffer overflow in the abst_box_read function in MP4Box in GPAC 1.0.1 ...)
- gpac 1.0.1+dfsg1-4 (bug #987280)
[buster] - gpac <not-affected> (Vulnerable code not present)
+ [stretch] - gpac <not-affected> (Vulnerable code not present)
NOTE: https://github.com/gpac/gpac/commit/758135e91e623d7dfe7f6aaad7aeb3f791b7a4e5
NOTE: https://github.com/gpac/gpac/issues/1733
CVE-2021-31254 (Buffer overflow in the tenc_box_read function in MP4Box in GPAC 1.0.1 ...)
@@ -17444,6 +17446,7 @@ CVE-2021-30200
CVE-2021-30199 (In filters/reframe_latm.c in GPAC 1.0.1 there is a Null Pointer Derefe ...)
- gpac 1.0.1+dfsg1-4 (bug #987323)
[buster] - gpac <not-affected> (Vulnerable code not present)
+ [stretch] - gpac <not-affected> (Vulnerable code not present)
NOTE: https://github.com/gpac/gpac/commit/b2db2f99b4c30f96e17b9a14537c776da6cb5dca
NOTE: https://github.com/gpac/gpac/issues/1728
CVE-2021-30198
@@ -17969,6 +17972,7 @@ CVE-2021-30023
CVE-2021-30022 (There is a integer overflow in media_tools/av_parsers.c in the gf_avc_ ...)
- gpac 1.0.1+dfsg1-4 (bug #987323)
[buster] - gpac <not-affected> (Vulnerable code not present)
+ [stretch] - gpac <not-affected> (Vulnerable code not present)
NOTE: https://github.com/gpac/gpac/commit/51cdb67ff7c5f1242ac58c5aa603ceaf1793b788
NOTE: https://github.com/gpac/gpac/issues/1720
CVE-2021-30021
@@ -17976,11 +17980,13 @@ CVE-2021-30021
CVE-2021-30020 (In the function gf_hevc_read_pps_bs_internal function in media_tools/a ...)
- gpac 1.0.1+dfsg1-4 (bug #987323)
[buster] - gpac <not-affected> (Vulnerable code not present)
+ [stretch] - gpac <not-affected> (Vulnerable code not present)
NOTE: https://github.com/gpac/gpac/commit/51cdb67ff7c5f1242ac58c5aa603ceaf1793b788
NOTE: https://github.com/gpac/gpac/issues/1722
CVE-2021-30019 (In the adts_dmx_process function in filters/reframe_adts.c in GPAC 1.0 ...)
- gpac 1.0.1+dfsg1-4 (bug #987323)
[buster] - gpac <not-affected> (Vulnerable code not present)
+ [stretch] - gpac <not-affected> (Vulnerable code not present)
NOTE: https://github.com/gpac/gpac/commit/22774aa9e62f586319c8f107f5bae950fed900bc
NOTE: https://github.com/gpac/gpac/issues/1723
CVE-2021-30018
@@ -17992,6 +17998,7 @@ CVE-2021-30016
CVE-2021-30015 (There is a Null Pointer Dereference in function filter_core/filter_pck ...)
- gpac 1.0.1+dfsg1-4 (bug #987323)
[buster] - gpac <not-affected> (Vulnerable code not present)
+ [stretch] - gpac <not-affected> (Vulnerable code not present)
NOTE: https://github.com/gpac/gpac/commit/13dad7d5ef74ca2e6fe4010f5b03eb12e9bbe0ec
NOTE: https://github.com/gpac/gpac/issues/1719
CVE-2021-30014 (There is a integer overflow in media_tools/av_parsers.c in the hevc_pa ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f2528f1b590723491575bc936c14c913fcb2ba67
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f2528f1b590723491575bc936c14c913fcb2ba67
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210728/b47089f1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list