[Git][security-tracker-team/security-tracker][master] two gpac issues n/a
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed May 12 22:08:02 BST 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9a7e8b5e by Moritz Muehlenhoff at 2021-05-12T23:07:43+02:00
two gpac issues n/a
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3185,9 +3185,10 @@ CVE-2021-31260 (The MergeTrack function in GPAC 1.0.1 allows attackers to cause
NOTE: https://github.com/gpac/gpac/commit/df8fffd839fe5ae9acd82d26fd48280a397411d9
NOTE: https://github.com/gpac/gpac/issues/1736
CVE-2021-31259 (The gf_isom_cenc_get_default_info_internal function in GPAC 1.0.1 allo ...)
- - gpac <unfixed> (bug #987280)
+ - gpac <not-affected> (Vulnerable code was introduced later)
NOTE: https://github.com/gpac/gpac/commit/3b84ffcbacf144ce35650df958432f472b6483f8
NOTE: https://github.com/gpac/gpac/issues/1735
+ NOTE: Introduced in https://github.com/gpac/gpac/commit/f966d85ee940b0a19dbbe972bc9ff042a98d7264 (after v1.0.1)
CVE-2021-31258 (The gf_isom_set_extraction_slc function in GPAC 1.0.1 allows attackers ...)
- gpac <unfixed> (bug #987280)
NOTE: https://github.com/gpac/gpac/commit/ebfa346eff05049718f7b80041093b4c5581c24e
@@ -3205,9 +3206,10 @@ CVE-2021-31255 (Buffer overflow in the abst_box_read function in MP4Box in GPAC
NOTE: https://github.com/gpac/gpac/commit/758135e91e623d7dfe7f6aaad7aeb3f791b7a4e5
NOTE: https://github.com/gpac/gpac/issues/1733
CVE-2021-31254 (Buffer overflow in the tenc_box_read function in MP4Box in GPAC 1.0.1 ...)
- - gpac <unfixed> (bug #987280)
+ - gpac <not-affected> (Vulnerable code was introduced later)
NOTE: https://github.com/gpac/gpac/commit/8986422c21fbd9a7bf6561cae65aae42077447e8
NOTE: https://github.com/gpac/gpac/issues/1703
+ NOTE: Introduced in https://github.com/gpac/gpac/commit/f966d85ee940b0a19dbbe972bc9ff042a98d7264 (after v1.0.1)
CVE-2021-31253
RESERVED
CVE-2021-31252
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a7e8b5e1b44bd3e2ecb7081893fccbfa3d4e685
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a7e8b5e1b44bd3e2ecb7081893fccbfa3d4e685
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210512/e0bf827c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list