[Git][security-tracker-team/security-tracker][master] new gpac issues

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7aa16ca8 by Moritz Muehlenhoff at 2025-01-24T12:55:24+01:00
new gpac issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -34,9 +34,15 @@ CVE-2024-53588 (A DLL hijacking vulnerability in iTop VPN v16.0 allows attackers
 CVE-2024-53379 (Heap buffer overflow in the server site handshake implementation in Re ...)
 	NOT-FOR-US: SharkSSL
 CVE-2024-50665 (gpac 2.4 contains a SEGV at src/isomedia/drm_sample.c:1562:96 in isom_ ...)
-	TODO: check
+	- gpac <removed>
+	[bullseye] - gpac <end-of-life> (EOL in bullseye LTS)
+	NOTE: https://github.com/gpac/gpac/issues/2987
+	NOTE: https://github.com/gpac/gpac/commit/ba8778cec7bdf5dbb722b4f0fec68e00b796d68e
 CVE-2024-50664 (gpac 2.4 contains a heap-buffer-overflow at isomedia/sample_descs.c:17 ...)
-	TODO: check
+	- gpac <removed>
+	[bullseye] - gpac <end-of-life> (EOL in bullseye LTS)
+	NOTE: https://github.com/gpac/gpac/issues/2988
+	NOTE: https://github.com/gpac/gpac/commit/56ce0b952a0a3cbd39ec1b41237df062f9648cb9
 CVE-2024-13683 (The Automate Hub Free by Sperse.IO plugin for WordPress is vulnerable  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-13680 (The Form Builder CP plugin for WordPress is vulnerable to SQL Injectio ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7aa16ca821282c149df7416e74df2ebd7e1f8fc5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7aa16ca821282c149df7416e74df2ebd7e1f8fc5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250124/11fd9a62/attachment.htm>