[Git][security-tracker-team/security-tracker][master] Track some older gpac issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jun 29 20:32:57 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d9140107 by Salvatore Bonaccorso at 2022-06-29T21:32:37+02:00
Track some older gpac issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -55692,7 +55692,9 @@ CVE-2021-40946
 CVE-2021-40945
 	RESERVED
 CVE-2021-40944 (In GPAC MP4Box 1.1.0, there is a Null pointer reference in the functio ...)
-	TODO: check
+	- gpac 2.0.0+dfsg1-2
+	NOTE: https://github.com/gpac/gpac/issues/1906
+	NOTE: https://github.com/gpac/gpac/commit/44fdc3d972c31c56efe73e1a3b63438d46087652 (v2.0.0)
 CVE-2021-40943 (In Bento4 1.6.0-638, there is a null pointer reference in the function ...)
 	NOT-FOR-US: Bento4
 CVE-2021-40942 (In GPAC MP4Box v1.1.0, there is a heap-buffer-overflow in the function ...)
@@ -56508,13 +56510,21 @@ CVE-2021-40611
 CVE-2021-40610 (Emlog Pro v 1.0.4 cross-site scripting (XSS) in Emlog Pro background m ...)
 	NOT-FOR-US: emlog
 CVE-2021-40609 (The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a d ...)
-	TODO: check
+	- gpac 2.0.0+dfsg1-2
+	NOTE: https://github.com/gpac/gpac/issues/1894
+	NOTE: https://github.com/gpac/gpac/commit/86c1566f040b2b84c72afcb6cbd444c5aff56cfe (v2.0.0)
 CVE-2021-40608 (The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers t ...)
-	TODO: check
+	- gpac 2.0.0+dfsg1-2
+	NOTE: https://github.com/gpac/gpac/issues/1883
+	NOTE: https://github.com/gpac/gpac/commit/b09c75dc2d4bf68ac447daa71e72365aa30231a9 (v2.0.0)
 CVE-2021-40607 (The schm_box_size function in GPAC 1.0.1 allows attackers to cause a d ...)
-	TODO: check
+	- gpac 2.0.0+dfsg1-2
+	NOTE: https://github.com/gpac/gpac/issues/1879
+	NOTE: https://github.com/gpac/gpac/commit/f19668964bf422cf5a63e4dbe1d3c6c75edadcbb (v2.0.0)
 CVE-2021-40606 (The gf_bs_write_data function in GPAC 1.0.1 allows attackers to cause  ...)
-	TODO: check
+	- gpac 2.0.0+dfsg1-2
+	NOTE: https://github.com/gpac/gpac/issues/1885
+	NOTE: https://github.com/gpac/gpac/commit/f5a038e6893019ee471b6a57490cf7a495673816 (v2.0.0)
 CVE-2021-40605
 	RESERVED
 CVE-2021-40604 (A Server-Side Request Forgery (SSRF) vulnerability in IPS Community Su ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d914010778fd5dc66df6c3b609a743b6387a1e75

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d914010778fd5dc66df6c3b609a743b6387a1e75
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220629/ac0fd215/attachment.htm>

More information about the debian-security-tracker-commits mailing list