[Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-19751

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
51a7da1e by Salvatore Bonaccorso at 2021-09-09T22:03:47+02:00
Update information for CVE-2020-19751

Mark as addressed in 1.0.1+dfsg1-2 as it is the first version containing
the change from https://github.com/gpac/gpac/issues/1272 to address the
potential buffer overflow.

Drop the not-affected for buster as the code touched seems introduced
before already.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -80269,8 +80269,7 @@ CVE-2020-19752 (The find_color_or_error function in gifsicle 1.92 contains a NUL
 	NOTE: https://github.com/kohler/gifsicle/issues/140
 	NOTE: https://github.com/kohler/gifsicle/commit/eb9e083dcc0050996d79de2076ddc76011ad2f10 (v1.93)
 CVE-2020-19751 (An issue was discovered in gpac 0.8.0. The gf_odf_del_ipmp_tool functi ...)
-	- gpac <unfixed> (bug #993979)
-	[buster] - gpac <not-affected> (Vulnerable code introduced later)
+	- gpac 1.0.1+dfsg1-2 (bug #993979)
 	[stretch] - gpac <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/gpac/gpac/issues/1272
 	NOTE: https://github.com/gpac/gpac/commit/c26b0aa605aaea1f0ebe8d21fe1398d94680adf7 (v0.9.0-preview~20)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51a7da1ecae92553de796f98510082c5f0bd9e5e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51a7da1ecae92553de796f98510082c5f0bd9e5e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210909/76defbb8/attachment-0001.htm>