[Git][security-tracker-team/security-tracker][master] more gpac security fixes in experimental
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Feb 25 15:23:54 GMT 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9f9dceb9 by Moritz Muehlenhoff at 2022-02-25T16:23:23+01:00
more gpac security fixes in experimental
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -12879,9 +12879,10 @@ CVE-2021-45832 (A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.
NOTE: https://github.com/HDFGroup/hdf5/issues/1315
NOTE: https://github.com/advisories/GHSA-hvh7-f5p9-68g8
CVE-2021-45831 (A Null Pointer Dereference vulnerability exitgs in GPAC 1.0.1 in MP4Bo ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1990
- NOTE: https://github.com/gpac/gpac/commit/4613a35362e15a6df90453bd632d083645e5a765
+ NOTE: https://github.com/gpac/gpac/commit/4613a35362e15a6df90453bd632d083645e5a765 (v2.0.0)
CVE-2021-45830 (A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via ...)
- hdf5 <undetermined>
NOTE: https://github.com/HDFGroup/hdf5/issues/1314
@@ -13013,31 +13014,36 @@ CVE-2021-45769 (A NULL pointer dereference in AcseConnection_parseMessage at src
CVE-2021-45768
RESERVED
CVE-2021-45767 (GPAC 1.1.0 was discovered to contain an invalid memory address derefer ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1982
- NOTE: https://github.com/gpac/gpac/commit/830548acd030467e857f4cf0b79af8ebf1e04dde
+ NOTE: https://github.com/gpac/gpac/commit/830548acd030467e857f4cf0b79af8ebf1e04dde (v2.0.0)
CVE-2021-45766
RESERVED
CVE-2021-45765
RESERVED
CVE-2021-45764 (GPAC v1.1.0 was discovered to contain an invalid memory address derefe ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1971
- NOTE: https://github.com/gpac/gpac/commit/e54df17892bee983d09d9437e44e6a1528fb46cb
+ NOTE: https://github.com/gpac/gpac/commit/e54df17892bee983d09d9437e44e6a1528fb46cb (v2.0.0)
CVE-2021-45763 (GPAC v1.1.0 was discovered to contain an invalid call in the function ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1974
- NOTE: https://github.com/gpac/gpac/commit/d2f74e49f2cb8d687c0dc38f66b99e3c5c7d7fec
+ NOTE: https://github.com/gpac/gpac/commit/d2f74e49f2cb8d687c0dc38f66b99e3c5c7d7fec (v2.0.0)
CVE-2021-45762 (GPAC v1.1.0 was discovered to contain an invalid memory address derefe ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1978
- NOTE: https://github.com/gpac/gpac/commit/6d647f6e458c9b727eae1a8077d27fa433ced788
+ NOTE: https://github.com/gpac/gpac/commit/6d647f6e458c9b727eae1a8077d27fa433ced788 (v2.0.0)
CVE-2021-45761 (ROPium v3.1 was discovered to contain an invalid memory address derefe ...)
NOT-FOR-US: ROPium
CVE-2021-45760 (GPAC v1.1.0 was discovered to contain an invalid memory address derefe ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1966
- NOTE: https://github.com/gpac/gpac/commit/5041fcbaa904a89d280561905a163171b3828cea
+ NOTE: https://github.com/gpac/gpac/commit/5041fcbaa904a89d280561905a163171b3828cea (v2.0.0)
CVE-2021-45759
RESERVED
CVE-2021-45758
@@ -14645,9 +14651,10 @@ CVE-2021-45299
CVE-2021-45298
RESERVED
CVE-2021-45297 (An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1973
- NOTE: https://github.com/gpac/gpac/commit/fb13af36286b9d898e332e8762a286eb83bd1770
+ NOTE: https://github.com/gpac/gpac/commit/fb13af36286b9d898e332e8762a286eb83bd1770 (v2.0.0)
CVE-2021-45296
RESERVED
CVE-2021-45295
@@ -14661,13 +14668,15 @@ CVE-2021-45293 (A Denial of Service vulnerability exists in Binaryen 103 due to
NOTE: https://github.com/WebAssembly/binaryen/commit/b1f6298ed8756bdc3336429c04b92ba58d000b49 (version_104)
NOTE: Crash in CLI tool, no security impact
CVE-2021-45292 (The gf_isom_hint_rtp_read function in GPAC 1.0.1 allows attackers to c ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1958
- NOTE: https://github.com/gpac/gpac/commit/3dafcb5e71e9ffebb50238784dcad8b105da81f6
+ NOTE: https://github.com/gpac/gpac/commit/3dafcb5e71e9ffebb50238784dcad8b105da81f6 (v2.0.0)
CVE-2021-45291 (The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cau ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1955
- NOTE: https://github.com/gpac/gpac/commit/a07c64979af592aad56bc175157b7397e43fa9cc
+ NOTE: https://github.com/gpac/gpac/commit/a07c64979af592aad56bc175157b7397e43fa9cc (v2.0.0)
CVE-2021-45290 (A Denial of Service vulnerability exits in Binaryen 103 due to an asse ...)
- binaryen 104-1 (unimportant)
NOTE: https://github.com/WebAssembly/binaryen/issues/4383
@@ -14675,13 +14684,15 @@ CVE-2021-45290 (A Denial of Service vulnerability exits in Binaryen 103 due to a
NOTE: https://github.com/WebAssembly/binaryen/commit/62d83d5fcad015ce52f0f3122eab9df1c629cafb (version_104)
NOTE: Crash in CLI tool, no security impact
CVE-2021-45289 (A vulnerability exists in GPAC 1.0.1 due to an omission of security-re ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1972
- NOTE: https://github.com/gpac/gpac/commit/5e1f084e0c6ad2736c9913715c4abb57c554209d
+ NOTE: https://github.com/gpac/gpac/commit/5e1f084e0c6ad2736c9913715c4abb57c554209d (v2.0.0)
CVE-2021-45288 (A Double Free vulnerability exists in filedump.c in GPAC 1.0.1, which ...)
+ [experimental] - gpac 2.0.0+dfsg1-1v2.0.0
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1956
- NOTE: https://github.com/gpac/gpac/commit/9bbce9634cba1128aa4b96d590be578ae3ce80b3
+ NOTE: https://github.com/gpac/gpac/commit/9bbce9634cba1128aa4b96d590be578ae3ce80b3 (v2.0.0)
CVE-2021-45287
RESERVED
CVE-2021-45286 (Directory Traversal vulnerability exists in ZZCMS 2021 via the skin pa ...)
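Review bot: The added [experimental] line under CVE-2021-45288 reads "gpac 2.0.0+dfsg1-1v2.0.0", which looks like the "(v2.0.0)" tag pasted onto the package version. Every other entry in this commit uses "2.0.0+dfsg1-1". Change it to "[experimental] - gpac 2.0.0+dfsg1-1" so the recorded fixed version matches the one used for the rest of the gpac entries.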
@@ -14723,49 +14734,56 @@ CVE-2021-45269
CVE-2021-45268 (** DISPUTED ** A Cross Site Request Forgery (CSRF) vulnerability exist ...)
NOT-FOR-US: Backdrop CMS
CVE-2021-45267 (An invalid memory address dereference vulnerability exists in gpac 1.1 ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1965
- NOTE: https://github.com/gpac/gpac/commit/29f31f431b18278b94c659452562e8a027436487
+ NOTE: https://github.com/gpac/gpac/commit/29f31f431b18278b94c659452562e8a027436487 (v2.0.0)
CVE-2021-45266 (A null pointer dereference vulnerability exists in gpac 1.1.0 via the ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1985
- NOTE: https://github.com/gpac/gpac/commit/76b9e3f578a056fee07a4b317f5b36a83d01810e
+ NOTE: https://github.com/gpac/gpac/commit/76b9e3f578a056fee07a4b317f5b36a83d01810e (v2.0.0)
CVE-2021-45265
RESERVED
CVE-2021-45264
RESERVED
CVE-2021-45263 (An invalid free vulnerability exists in gpac 1.1.0 via the gf_svg_dele ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1975
- NOTE: https://github.com/gpac/gpac/commit/b232648da3b111a0efe500501ee8ca8f32b616e9
+ NOTE: https://github.com/gpac/gpac/commit/b232648da3b111a0efe500501ee8ca8f32b616e9 (v2.0.0)
CVE-2021-45262 (An invalid free vulnerability exists in gpac 1.1.0 via the gf_sg_comma ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1980
- NOTE: https://github.com/gpac/gpac/commit/ef86a8eba3b166b885dec219066dd3a47501e03a
+ NOTE: https://github.com/gpac/gpac/commit/ef86a8eba3b166b885dec219066dd3a47501e03a (v2.0.0)
CVE-2021-45261 (An Invalid Pointer vulnerability exists in GNU patch 2.7 via the anoth ...)
- patch <unfixed> (unimportant)
NOTE: https://savannah.gnu.org/bugs/?61685
NOTE: Negligible security impact
CVE-2021-45260 (A null pointer dereference vulnerability exists in gpac 1.1.0 in the l ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <ignored> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/1979
NOTE: https://github.com/gpac/gpac/issues/1977
- NOTE: https://github.com/gpac/gpac/commit/5e5e9c48b1a61e3844e9fbe26292305ab4c06d04
+ NOTE: https://github.com/gpac/gpac/commit/5e5e9c48b1a61e3844e9fbe26292305ab4c06d04 (v2.0.0)
NOTE: Reported twice upstream, fix is in issue 1977 - identical report in issue 1979
CVE-2021-45259 (An Invalid pointer reference vulnerability exists in gpac 1.1.0 via th ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <ignored> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/1986
- NOTE: https://github.com/gpac/gpac/commit/654c796482c2609aa736315f9273d6c5912e0a29
+ NOTE: https://github.com/gpac/gpac/commit/654c796482c2609aa736315f9273d6c5912e0a29 (v2.0.0)
CVE-2021-45258 (A stack overflow vulnerability exists in gpac 1.1.0 via the gf_bifs_de ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <ignored> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/1970
- NOTE: https://github.com/gpac/gpac/commit/47a26a32c9a2cd630c48517c3e6ab2fa5f6a26ad
+ NOTE: https://github.com/gpac/gpac/commit/47a26a32c9a2cd630c48517c3e6ab2fa5f6a26ad (v2.0.0)
CVE-2021-45257 (An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_t ...)
- nasm <unfixed> (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392790
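Review bot: Release triage is uneven within this hunk: CVE-2021-45260, CVE-2021-45259 and CVE-2021-45258 carry [bullseye] and [buster] "<ignored> (Minor issue)" lines, while CVE-2021-45267, CVE-2021-45266, CVE-2021-45263 and CVE-2021-45262 have only the [experimental] and "<unfixed>" lines. Now that each of them has its fix commit pinned to v2.0.0, consider recording a per-release status for those four in a follow-up so the stable suites carry an explicit decision.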
@@ -16107,47 +16125,57 @@ CVE-2021-44929
CVE-2021-44928
RESERVED
CVE-2021-44927 (A null pointer dereference vulnerability exists in gpac 1.1.0 in the g ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1960
- NOTE: https://github.com/gpac/gpac/commit/eaea647cc7dec7b452c17e72f4ce46be35348c92
+ NOTE: https://github.com/gpac/gpac/commit/eaea647cc7dec7b452c17e72f4ce46be35348c92 (v2.0.0)
CVE-2021-44926 (A null pointer dereference vulnerability exists in gpac 1.1.0-DEV in t ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1961
- NOTE: https://github.com/gpac/gpac/commit/f73da86bf32992f62b9ff2b9c9e853e3c97edf8e
+ NOTE: https://github.com/gpac/gpac/commit/f73da86bf32992f62b9ff2b9c9e853e3c97edf8e (v2.0.0)
CVE-2021-44925 (A null pointer dereference vulnerability exists in gpac 1.1.0 in the g ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1967
- NOTE: https://github.com/gpac/gpac/commit/a5a8dbcdd95666f763fe59ab65154ae9271a18f2
+ NOTE: https://github.com/gpac/gpac/commit/a5a8dbcdd95666f763fe59ab65154ae9271a18f2 (v2.0.0)
CVE-2021-44924 (An infinite loop vulnerability exists in gpac 1.1.0 in the gf_log func ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1959
- NOTE: https://github.com/gpac/gpac/commit/e2acb1511d1e69115141ea3080afd1cce6a15497
+ NOTE: https://github.com/gpac/gpac/commit/e2acb1511d1e69115141ea3080afd1cce6a15497 (v2.0.0)
CVE-2021-44923 (A null pointer dereference vulnerability exists in gpac 1.1.0 in the g ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1962
- NOTE: https://github.com/gpac/gpac/commit/8a3c021109d26894c3cb85c9d7cda5780a3a2229
+ NOTE: https://github.com/gpac/gpac/commit/8a3c021109d26894c3cb85c9d7cda5780a3a2229 (v2.0.0)
CVE-2021-44922 (A null pointer dereference vulnerability exists in gpac 1.1.0 in the B ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1969
NOTE: https://github.com/gpac/gpac/issues/1968
- NOTE: https://github.com/gpac/gpac/commit/75474199cf7187868fa4be4e76377db3c659ee9a
+ NOTE: https://github.com/gpac/gpac/commit/75474199cf7187868fa4be4e76377db3c659ee9a (v2.0.0)
CVE-2021-44921 (A null pointer dereference vulnerability exists in gpac 1.1.0 in the g ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1964
- NOTE: https://github.com/gpac/gpac/commit/5b4a6417a90223f1ef6c0b41b055716f7bfbbca2
+ NOTE: https://github.com/gpac/gpac/commit/5b4a6417a90223f1ef6c0b41b055716f7bfbbca2 (v2.0.0)
CVE-2021-44920 (An invalid memory address dereference vulnerability exists in gpac 1.1 ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1957
- NOTE: https://github.com/gpac/gpac/commit/339fe399e7c8eab748bab76e9e6a9da7e117eeb4
+ NOTE: https://github.com/gpac/gpac/commit/339fe399e7c8eab748bab76e9e6a9da7e117eeb4 (v2.0.0)
CVE-2021-44919 (A Null Pointer Dereference vulnerability exists in the gf_sg_vrml_mf_a ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1963
NOTE: https://github.com/gpac/gpac/issues/1962
- NOTE: https://github.com/gpac/gpac/commit/8a3c021109d26894c3cb85c9d7cda5780a3a2229
+ NOTE: https://github.com/gpac/gpac/commit/8a3c021109d26894c3cb85c9d7cda5780a3a2229 (v2.0.0)
CVE-2021-44918 (A Null Pointer Dereference vulnerability exists in gpac 1.1.0 in the g ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1968
- NOTE: https://github.com/gpac/gpac/commit/75474199cf7187868fa4be4e76377db3c659ee9a
+ NOTE: https://github.com/gpac/gpac/commit/75474199cf7187868fa4be4e76377db3c659ee9a (v2.0.0)
CVE-2021-44917 (A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d ...)
- gnuplot 5.4.2+dfsg2-2 (unimportant; bug #1002539)
NOTE: https://sourceforge.net/p/gnuplot/bugs/2474/
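Review bot: Two fix commits are shared between entries here without a note saying so: CVE-2021-44923 and CVE-2021-44919 both cite 8a3c021109d26894c3cb85c9d7cda5780a3a2229, and CVE-2021-44922 and CVE-2021-44918 both cite 75474199cf7187868fa4be4e76377db3c659ee9a. The extra issue links (1962 under CVE-2021-44919, 1968 under CVE-2021-44922) hint at the relationship, but a one-line NOTE stating that the single commit addresses both reports, in the style of the "Reported twice upstream" note on CVE-2021-45260, would spare the next triager from re-checking.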
@@ -28752,25 +28780,28 @@ CVE-2021-41461 (Cross-site scripting (XSS) vulnerability in concrete/elements/co
CVE-2021-41460
RESERVED
CVE-2021-41459 (There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_n ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
NOTE: https://github.com/gpac/gpac/issues/1912
- NOTE: Fixed by: https://github.com/gpac/gpac/commit/7d4538e104f2b3ff6a65a41394795654e6972339
+ NOTE: Fixed by: https://github.com/gpac/gpac/commit/7d4538e104f2b3ff6a65a41394795654e6972339 (v2.0.0)
CVE-2021-41458
RESERVED
CVE-2021-41457 (There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nh ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
NOTE: https://github.com/gpac/gpac/issues/1909
- NOTE: Fixed by: https://github.com/gpac/gpac/commit/ae2828284f2fc0381548aaa991958f1eb9b90619
+ NOTE: Fixed by: https://github.com/gpac/gpac/commit/ae2828284f2fc0381548aaa991958f1eb9b90619 (v2.0.0)
CVE-2021-41456 (There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_n ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
NOTE: https://github.com/gpac/gpac/issues/1911
- NOTE: Fixed by: https://github.com/gpac/gpac/commit/74695dea7278e78af3db467e586233fe8773c07e
+ NOTE: Fixed by: https://github.com/gpac/gpac/commit/74695dea7278e78af3db467e586233fe8773c07e (v2.0.0)
CVE-2021-41455
RESERVED
CVE-2021-41454
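Review bot: Style inconsistency on the three MP4Box entries (CVE-2021-41459, CVE-2021-41457, CVE-2021-41456): they keep the "NOTE: Fixed by: <url> (v2.0.0)" form, while every other line rewritten by this commit uses a bare "NOTE: <url> (v2.0.0)". Since these lines are being touched anyway, settle on one form across the gpac entries.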
@@ -30888,73 +30919,89 @@ CVE-2021-40578 (Authenticated Blind & Error-based SQL injection vulnerabilit
CVE-2021-40577 (A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecode ...)
NOT-FOR-US: Sourcecodester
CVE-2021-40576 (The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnera ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1904
- NOTE: https://github.com/gpac/gpac/commit/ad18ece95fa064efc0995c4ab2c985f77fb166ec
+ NOTE: https://github.com/gpac/gpac/commit/ad18ece95fa064efc0995c4ab2c985f77fb166ec (v2.0.0)
CVE-2021-40575 (The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnera ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1905
- NOTE: https://github.com/gpac/gpac/commit/5f2c2a16d30229b6241f02fa28e3d6b810d64858
+ NOTE: https://github.com/gpac/gpac/commit/5f2c2a16d30229b6241f02fa28e3d6b810d64858 (v2.0.0)
CVE-2021-40574 (The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1897
- NOTE: https://github.com/gpac/gpac/commit/30ac5e5236b790accd1f25347eebf2dc8c6c1bcb
+ NOTE: https://github.com/gpac/gpac/commit/30ac5e5236b790accd1f25347eebf2dc8c6c1bcb (v2.0.0)
CVE-2021-40573 (The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1891
- NOTE: https://github.com/gpac/gpac/commit/b03c9f252526bb42fbd1b87b9f5e339c3cf2390a
+ NOTE: https://github.com/gpac/gpac/commit/b03c9f252526bb42fbd1b87b9f5e339c3cf2390a (v2.0.0)
CVE-2021-40572 (The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmx_fi ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1893
- NOTE: https://github.com/gpac/gpac/commit/7bb1b4a4dd23c885f9db9f577dfe79ecc5433109
+ NOTE: https://github.com/gpac/gpac/commit/7bb1b4a4dd23c885f9db9f577dfe79ecc5433109 (v2.0.0)
CVE-2021-40571 (The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1895
- NOTE: https://github.com/gpac/gpac/commit/a69b567b8c95c72f9560c873c5ab348be058f340
+ NOTE: https://github.com/gpac/gpac/commit/a69b567b8c95c72f9560c873c5ab348be058f340 (v2.0.0)
CVE-2021-40570 (The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1899
- NOTE: https://github.com/gpac/gpac/commit/04dbf08bff4d61948bab80c3f9096ecc60c7f302
+ NOTE: https://github.com/gpac/gpac/commit/04dbf08bff4d61948bab80c3f9096ecc60c7f302 (v2.0.0)
CVE-2021-40569 (The binary MP4Box in Gpac through 1.0.1 has a double-free vulnerabilit ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1890
- NOTE: https://github.com/gpac/gpac/commit/b03c9f252526bb42fbd1b87b9f5e339c3cf2390a
+ NOTE: https://github.com/gpac/gpac/commit/b03c9f252526bb42fbd1b87b9f5e339c3cf2390a (v2.0.0)
CVE-2021-40568 (A buffer overflow vulnerability exists in Gpac through 1.0.1 via a mal ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1900
- NOTE: https://github.com/gpac/gpac/commit/f1ae01d745200a258cdf62622f71754c37cb6c30
+ NOTE: https://github.com/gpac/gpac/commit/f1ae01d745200a258cdf62622f71754c37cb6c30 (v2.0.0)
CVE-2021-40567 (Segmentation fault vulnerability exists in Gpac through 1.0.1 via the ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1889
- NOTE: https://github.com/gpac/gpac/commit/f5a038e6893019ee471b6a57490cf7a495673816
+ NOTE: https://github.com/gpac/gpac/commit/f5a038e6893019ee471b6a57490cf7a495673816 (v2.0.0)
CVE-2021-40566 (A Segmentation fault casued by heap use after free vulnerability exist ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1887
- NOTE: https://github.com/gpac/gpac/commit/96047e0e6166407c40cc19f4e94fb35cd7624391
+ NOTE: https://github.com/gpac/gpac/commit/96047e0e6166407c40cc19f4e94fb35cd7624391 (v2.0.0)
CVE-2021-40565 (A Segmentation fault caused by a null pointer dereference vulnerabilit ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1902
- NOTE: https://github.com/gpac/gpac/commit/893fb99b606eebfae46cde151846a980e689039b
+ NOTE: https://github.com/gpac/gpac/commit/893fb99b606eebfae46cde151846a980e689039b (v2.0.0)
CVE-2021-40564 (A Segmentation fault caused by null pointer dereference vulnerability ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1898
- NOTE: https://github.com/gpac/gpac/commit/cf6771c857eb9a290e2c19ddacfdd3ed98b27618
+ NOTE: https://github.com/gpac/gpac/commit/cf6771c857eb9a290e2c19ddacfdd3ed98b27618 (v2.0.0)
CVE-2021-40563 (A Segmentation fault exists casued by null pointer dereference exists ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1892
- NOTE: https://github.com/gpac/gpac/commit/5ce0c906ed8599d218036b18b78e8126a496f137
+ NOTE: https://github.com/gpac/gpac/commit/5ce0c906ed8599d218036b18b78e8126a496f137 (v2.0.0)
CVE-2021-40562 (A Segmentation fault caused by a floating point exception exists in Gp ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1901
- NOTE: https://github.com/gpac/gpac/commit/5dd71c7201a3e5cf40732d585bfb21c906c171d3
+ NOTE: https://github.com/gpac/gpac/commit/5dd71c7201a3e5cf40732d585bfb21c906c171d3 (v2.0.0)
CVE-2021-40561
RESERVED
CVE-2021-40560
RESERVED
CVE-2021-40559 (A null pointer deference vulnerability exists in gpac through 1.0.1 vi ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/1886
- NOTE: https://github.com/gpac/gpac/commit/70607fc71a671cf48a05e013a4e411429373dce7
+ NOTE: https://github.com/gpac/gpac/commit/70607fc71a671cf48a05e013a4e411429373dce7 (v2.0.0)
CVE-2021-40558
RESERVED
CVE-2021-40557
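Review bot: CVE-2021-40573 and CVE-2021-40569 both end up citing commit b03c9f252526bb42fbd1b87b9f5e339c3cf2390a (v2.0.0) while linking different upstream issues (1891 and 1890), and nothing in either entry says the commit covers both. Add a short NOTE on one or both entries confirming that the single commit fixes both reports, so the duplicate hash is not mistaken for a copy-paste slip.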
@@ -40907,12 +40954,13 @@ CVE-2021-36586
CVE-2021-36585
RESERVED
CVE-2021-36584 (An issue was discovered in GPAC 1.0.1. There is a heap-based buffer ov ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed> (bug #991965)
[bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <ignored> (Minor issue)
[stretch] - gpac <ignored> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/1842
- NOTE: https://github.com/gpac/gpac/commit/13442ec1c401a4181ba6d7f79c27df6054c817c7
+ NOTE: https://github.com/gpac/gpac/commit/13442ec1c401a4181ba6d7f79c27df6054c817c7 (v2.0.0)
CVE-2021-36583
RESERVED
CVE-2021-36582 (In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g., ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f9dceb96f98bb42c94754f285b917742121cf6c