[Git][security-tracker-team/security-tracker][master] Triage CVE-2023-50120, CVE-2024-0321 & CVE-2024-0322 in gpac for buster LTS.

Chris Lamb (@lamby) lamby at debian.org
Tue Jan 16 10:04:02 GMT 2024 


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c32a5597 by Chris Lamb at 2024-01-16T10:03:24+00:00
Triage CVE-2023-50120, CVE-2024-0321 & CVE-2024-0322 in gpac for buster LTS.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1077,6 +1077,7 @@ CVE-2023-50172 (A recovery notification bypass vulnerability exists in the userR
 CVE-2023-50120 (MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to ...)
 	- gpac <unfixed> (bug #1060696)
 	[bullseye] - gpac <not-affected> (Vulnerable code not present)
+	[buster] - gpac <end-of-life> (EOL in buster LTS)
 	NOTE: https://github.com/gpac/gpac/issues/2698
 	NOTE: https://github.com/gpac/gpac/commit/b655955b840ccd7c7198bb15375aa510e76208eb
 CVE-2023-49864 (An information disclosure vulnerability exists in the aVideoEncoderRec ...)
@@ -1589,10 +1590,12 @@ CVE-2024-21644 (pyLoad is the free and open-source Download Manager written in p
 	- pyload <itp> (bug #1001980)
 CVE-2024-0322 (Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.)
 	- gpac <unfixed> (bug #1060409)
+	[buster] - gpac <end-of-life> (EOL in buster LTS)
 	NOTE: https://huntr.com/bounties/87611fc9-ed7c-43e9-8e52-d83cd270bbec/
 	NOTE: https://github.com/gpac/gpac/commit/092904b80edbc4dce315684a59cc3184c45c1b70
 CVE-2024-0321 (Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2. ...)
 	- gpac <unfixed> (bug #1060409)
+	[buster] - gpac <end-of-life> (EOL in buster LTS)
 	NOTE: https://huntr.com/bounties/4c027b94-8e9c-4c31-a169-893b25047769/
 	NOTE: https://github.com/gpac/gpac/commit/d0ced41651b279bb054eb6390751e2d4eb84819a
 CVE-2024-0308 (A vulnerability was found in Inis up to 2.0.1. It has been rated as cr ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c32a55974121084e1feae79cdac604e311bb40bb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c32a55974121084e1feae79cdac604e311bb40bb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240116/47be807b/attachment.htm>

More information about the debian-security-tracker-commits mailing list