[Git][security-tracker-team/security-tracker][master] Triage CVE-2023-46927, CVE-2023-46928, CVE-2023-46930 & CVE-2023-46931 in gpac for buster LTS.
Chris Lamb (@lamby)
lamby at debian.org
Thu Nov 2 14:36:45 GMT 2023
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1e9014be by Chris Lamb at 2023-11-02T15:36:02+01:00
Triage CVE-2023-46927, CVE-2023-46928, CVE-2023-46930 & CVE-2023-46931 in gpac for buster LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -66,18 +66,22 @@ CVE-2023-4452 (A vulnerability has been identified in the EDR-810, EDR-G902, and
NOT-FOR-US: Moxa
CVE-2023-46931 (GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow ...)
- gpac <unfixed>
+ [buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://github.com/gpac/gpac/issues/2664
NOTE: https://github.com/gpac/gpac/commit/671976fccc971b3dff8d3dcf6ebd600472ca64bf
CVE-2023-46930 (GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box i ...)
- gpac <unfixed>
+ [buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://github.com/gpac/gpac/issues/2666
NOTE: https://github.com/gpac/gpac/commit/3809955065afa3da1ad580012ec43deadbb0f2c8
CVE-2023-46928 (GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box i ...)
- gpac <unfixed>
+ [buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://github.com/gpac/gpac/issues/2661
NOTE: https://github.com/gpac/gpac/commit/0753bf6d867343a80a044bf47a27d0b7accc8bf1
CVE-2023-46927 (GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow ...)
- gpac <unfixed>
+ [buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://github.com/gpac/gpac/issues/2657
NOTE: https://github.com/gpac/gpac/commit/a7b467b151d9b54badbc4dd71e7a366b7c391817
CVE-2023-46911 (There is a Cross Site Scripting (XSS) vulnerability in the choose_styl ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e9014bec18058c797befc9d4c616621560cd11e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e9014bec18058c797befc9d4c616621560cd11e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231102/a0274482/attachment.htm>
More information about the debian-security-tracker-commits
mailing list