[Git][security-tracker-team/security-tracker][master] Track fixes via experimental for gpac issues from #1034187

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 20 20:45:29 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eec27ed7 by Salvatore Bonaccorso at 2023-06-20T21:44:47+02:00
Track fixes via experimental for gpac issues from #1034187

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11624,17 +11624,21 @@ CVE-2023-1657
 CVE-2023-1656 (Cleartext Transmission of Sensitive Information vulnerability in Forge ...)
 	NOT-FOR-US: ForgeRock
 CVE-2023-1655 (Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4 ...)
+	[experimental] - gpac 2.2.1+dfsg1-1
 	- gpac <unfixed> (bug #1034187)
 	[bullseye] - gpac <not-affected> (Vulnerable code not present)
 	[buster] - gpac <not-affected> (Vulnerable code not present)
 	NOTE: https://huntr.dev/bounties/05f1d1de-bbfd-43fe-bdf9-7f73419ce7c9
 	NOTE: https://github.com/gpac/gpac/commit/e7f96c2d3774e4ea25f952bcdf55af1dd6e919f4
+	NOTE: https://github.com/gpac/gpac/commit/07a17aa004cfcdbc19ed7820444ec6586c0f980a (v2.2.1)
 CVE-2023-1654 (Denial of Service in GitHub repository gpac/gpac prior to 2.4.0.)
 	{DSA-5411-1}
+	[experimental] - gpac 2.2.1+dfsg1-1
 	- gpac <unfixed> (bug #1034187)
 	[buster] - gpac <end-of-life> (EOL in buster LTS)
 	NOTE: https://huntr.dev/bounties/33652b56-128f-41a7-afcc-10641f69ff14
 	NOTE: https://github.com/gpac/gpac/commit/2c055153d401b8c49422971e3a0159869652d3da
+	NOTE: https://github.com/gpac/gpac/commit/2dad447d37226a5adcbb1c2f2e3f47d6321c8cbe (v2.2.1)
 CVE-2023-1653
 	RESERVED
 CVE-2023-1652 (A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4 ...)
@@ -13092,26 +13096,32 @@ CVE-2023-1453 (A vulnerability was found in Watchdog Anti-Virus 1.4.214.0. It ha
 	NOT-FOR-US: Watchdog Anti-Virus
 CVE-2023-1452 (A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It  ...)
 	{DSA-5411-1}
+	[experimental] - gpac 2.2.1+dfsg1-1
 	- gpac <unfixed> (bug #1034187)
 	[buster] - gpac <end-of-life> (EOL in buster LTS)
 	NOTE: https://github.com/gpac/gpac/issues/2386
 	NOTE: https://github.com/gpac/gpac/commit/a5efec8187de02d1f0a412140b0bf030a6747d3f
+	NOTE: https://github.com/gpac/gpac/commit/6d6c4533ca7004f76d524129b52bda241dc231b5 (v2.2.1)
 CVE-2023-1451 (A vulnerability was found in MP4v2 2.1.2. It has been classified as pr ...)
 	- mp4v2 <removed>
 CVE-2023-1450 (A vulnerability was found in MP4v2 2.1.2 and classified as problematic ...)
 	- mp4v2 <removed>
 CVE-2023-1449 (A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master ...)
 	{DSA-5411-1}
+	[experimental] - gpac 2.2.1+dfsg1-1
 	- gpac <unfixed> (bug #1034187)
 	[buster] - gpac <end-of-life> (EOL in buster LTS)
 	NOTE: https://github.com/gpac/gpac/issues/2387
 	NOTE: https://github.com/gpac/gpac/commit/8ebbfd61c73d61a2913721a492e5a81fb8d9f9a9
+	NOTE: https://github.com/gpac/gpac/commit/7c07b1346d64354ba3ac6412097cce1db119eef0 (v2.2.1)
 CVE-2023-1448 (A vulnerability, which was classified as problematic, was found in GPA ...)
 	{DSA-5411-1}
+	[experimental] - gpac 2.2.1+dfsg1-1
 	- gpac <unfixed> (bug #1034187)
 	[buster] - gpac <end-of-life> (EOL in buster LTS)
 	NOTE: https://github.com/gpac/gpac/issues/2388
 	NOTE: https://github.com/gpac/gpac/commit/8db20cb634a546c536c31caac94e1f74b778b463
+	NOTE: https://github.com/gpac/gpac/commit/e76699a83a148345247a02501293b28bc62d6a2e (v2.2.1)
 CVE-2023-1447 (A vulnerability, which was classified as problematic, has been found i ...)
 	NOT-FOR-US: SourceCodester Medicine Tracker System
 CVE-2023-1446 (A vulnerability classified as problematic was found in Watchdog Anti-V ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eec27ed74bc25b8d62e766134a01378760eb5cae

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eec27ed74bc25b8d62e766134a01378760eb5cae
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230620/9b010cd1/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list