[Git][security-tracker-team/security-tracker][master] Add two new gpac issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Oct 18 11:10:14 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b4c53f65 by Salvatore Bonaccorso at 2023-10-18T12:09:42+02:00
Add two new gpac issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -221,7 +221,9 @@ CVE-2012-10016 (A vulnerability classified as problematic has been found in Halu
 CVE-2011-10004 (A vulnerability was found in reciply Plugin up to 1.1.7 on WordPress.  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-5595 (Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV.)
-	TODO: check
+	- gpac <unfixed>
+	NOTE: https://huntr.dev/bounties/0064cf76-ece1-495d-82b4-e4a1bebeb28e
+	NOTE: https://github.com/gpac/gpac/commit/7a6f636db3360bb16d18078d51e8c596f31302a1
 CVE-2023-5575 (Improper access control in the permission inheritance in Devolutions S ...)
 	NOT-FOR-US: Devolutions Server
 CVE-2023-5561 (The Popup Builder WordPress plugin through 4.1.15 does not sanitise an ...)
@@ -518,7 +520,9 @@ CVE-2018-25091 (urllib3 before 1.24.2 does not remove the authorization HTTP hea
 	NOTE: This issue exists because of an incomplete fix for CVE-2018-20060 (which was case-sensitive).
 	NOTE: Fixed by https://github.com/urllib3/urllib3/commit/adb358f8e06865406d1f05e581a16cbea2136fbc (1.25)
 CVE-2023-5586 (NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0 ...)
-	TODO: check
+	- gpac <unfixed>
+	NOTE: https://huntr.dev/bounties/d2a6ea71-3555-47a6-9b18-35455d103740
+	NOTE: https://github.com/gpac/gpac/commit/ca1b48f0abe71bf81a58995d7d75dc27f5a17ddc
 CVE-2023-5585 (A vulnerability was found in SourceCodester Online Motorcycle Rental S ...)
 	NOT-FOR-US: SourceCodester
 CVE-2023-45871 (An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c i ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4c53f65cd035e89bd8f210f9aaec419fd4ead37

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4c53f65cd035e89bd8f210f9aaec419fd4ead37
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231018/cd1756ea/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list