[Git][security-tracker-team/security-tracker][master] gpac: precise triage

Sylvain Beucler Thu, 16 Jan 2020 12:46:45 -0800


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
c8323a37 by Sylvain Beucler at 2020-01-16T21:46:02+01:00
gpac: precise triage
CVE-2019-20159,CVE-2019-20163,CVE-2019-20164,CVE-2019-20165,CVE-2019-20166,CVE-2019-20167

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4757,24 +4757,33 @@ CVE-2019-20168 (An issue was discovered in GPAC version 
0.8.0 and 0.9.0-developm
        NOTE: 
https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80
 CVE-2019-20167 (An issue was discovered in GPAC version 0.8.0 and 
0.9.0-development-20 ...)
        - gpac <unfixed>
+       [buster] - gpac <not-affected> (vulnerable code introduced in 
development version after v0.8)
+       [stretch] - gpac <not-affected> (vulnerable code introduced in 
development version after v0.8)
+       [jessie] - gpac <not-affected> (vulnerable code introduced in 
development version after v0.8)
        NOTE: https://github.com/gpac/gpac/issues/1330
-       NOTE: 
https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80
+       NOTE: 
https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80 
(chunk #3)
 CVE-2019-20166 (An issue was discovered in GPAC version 0.8.0 and 
0.9.0-development-20 ...)
        - gpac <unfixed>
+       [buster] - gpac <not-affected> (vulnerable code introduced in 0.7.0)
+       [stretch] - gpac <not-affected> (vulnerable code introduced in 0.7.0)
+       [jessie] - gpac <not-affected> (vulnerable code introduced in 0.7.0)
        NOTE: https://github.com/gpac/gpac/issues/1331
-       NOTE: 
https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80
+       NOTE: 
https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80 
(chunk #2)
 CVE-2019-20165 (An issue was discovered in GPAC version 0.8.0 and 
0.9.0-development-20 ...)
        - gpac <unfixed>
        NOTE: https://github.com/gpac/gpac/issues/1338
-       NOTE: 
https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80
+       NOTE: 
https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80 
(chunk #1)
 CVE-2019-20164 (An issue was discovered in GPAC version 0.8.0 and 
0.9.0-development-20 ...)
        - gpac <unfixed>
+       [buster] - gpac <not-affected> (vulnerable code introduced in 0.7.0)
+       [stretch] - gpac <not-affected> (vulnerable code introduced in 0.7.0)
+       [jessie] - gpac <not-affected> (vulnerable code introduced in 0.7.0)
        NOTE: https://github.com/gpac/gpac/issues/1332
-       NOTE: 
https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80
+       NOTE: 
https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80 
(chunk #2)
 CVE-2019-20163 (An issue was discovered in GPAC version 0.8.0 and 
0.9.0-development-20 ...)
        - gpac <unfixed>
        NOTE: https://github.com/gpac/gpac/issues/1335
-       NOTE: 
https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80
+       NOTE: 
https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80 
(chunk #4)
 CVE-2019-20162 (An issue was discovered in GPAC version 0.8.0 and 
0.9.0-development-20 ...)
        - gpac <unfixed>
        NOTE: https://github.com/gpac/gpac/issues/1327
@@ -4789,6 +4798,9 @@ CVE-2019-20160 (An issue was discovered in GPAC version 
0.8.0 and 0.9.0-developm
        NOTE: 
https://github.com/gpac/gpac/commit/bcfcb3e90476692fe0d2bb532ea8deeb2a77580e
 CVE-2019-20159 (An issue was discovered in GPAC version 0.8.0 and 
0.9.0-development-20 ...)
        - gpac <unfixed>
+       [buster] - gpac <not-affected> (vulnerable code introduced in 0.7.0)
+       [stretch] - gpac <not-affected> (vulnerable code introduced in 0.7.0)
+       [jessie] - gpac <not-affected> (vulnerable code introduced in 0.7.0)
        NOTE: https://github.com/gpac/gpac/issues/1321
        NOTE: 
https://github.com/gpac/gpac/commit/e4c1f09ab9618b6af3bec6b94b8b349f2d01dbf8
 CVE-2019-20158



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c8323a37f4784f017ed11028224060478b3a4e3a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c8323a37f4784f017ed11028224060478b3a4e3a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] gpac: precise triage

Reply via email to