Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b6022c7d by Salvatore Bonaccorso at 2020-11-21T11:51:27+01:00
Track fixes via experimental for various gpac affecting CVEs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -43637,6 +43637,7 @@ CVE-2020-11560 (NCH Express Invoice 7.25 allows local
users to discover the clea
CVE-2020-11559
RESERVED
CVE-2020-11558 (An issue was discovered in libgpac.a in GPAC 0.8.0, as
demonstrated by ...)
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #972053)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -45443,6 +45444,7 @@ CVE-2020-10882 (This vulnerability allows
network-adjacent attackers to execute
CVE-2020-10881 (This vulnerability allows remote attackers to execute
arbitrary code o ...)
NOT-FOR-US: TP-Link
CVE-2019-20632 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as
demonstr ...)
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #972053)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -45450,6 +45452,7 @@ CVE-2019-20632 (An issue was discovered in libgpac.a in
GPAC before 0.8.0, as de
NOTE:
https://github.com/gpac/gpac/commit/1ab4860609f2e7a35634930571e7d0531297e090
NOTE: https://github.com/gpac/gpac/issues/1271
CVE-2019-20631 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as
demonstr ...)
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #972053)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -45457,6 +45460,7 @@ CVE-2019-20631 (An issue was discovered in libgpac.a in
GPAC before 0.8.0, as de
NOTE:
https://github.com/gpac/gpac/commit/1ab4860609f2e7a35634930571e7d0531297e090
NOTE: https://github.com/gpac/gpac/issues/1270
CVE-2019-20630 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as
demonstr ...)
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #972053)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -45464,6 +45468,7 @@ CVE-2019-20630 (An issue was discovered in libgpac.a in
GPAC before 0.8.0, as de
NOTE:
https://github.com/gpac/gpac/commit/1ab4860609f2e7a35634930571e7d0531297e090
NOTE: https://github.com/gpac/gpac/issues/1268
CVE-2019-20629 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as
demonstr ...)
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #972053)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -45471,6 +45476,7 @@ CVE-2019-20629 (An issue was discovered in libgpac.a in
GPAC before 0.8.0, as de
NOTE:
https://github.com/gpac/gpac/commit/2320eb73afba753b39b7147be91f7be7afc0eeb7
NOTE: https://github.com/gpac/gpac/issues/1264
CVE-2019-20628 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as
demonstr ...)
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #972053)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -56259,6 +56265,7 @@ CVE-2020-6633
CVE-2020-6632 (In PrestaShop 1.7.6.2, XSS can occur during addition or removal
of a Q ...)
NOT-FOR-US: PrestaShop
CVE-2020-6631 (An issue was discovered in GPAC version 0.8.0. There is a NULL
pointer ...)
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #972053)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -56267,6 +56274,7 @@ CVE-2020-6631 (An issue was discovered in GPAC version
0.8.0. There is a NULL po
NOTE:
https://github.com/gpac/gpac/commit/c7e46e948ebe2d4a532539c7e714cdf655b84521
NOTE: fix considered "ugly" by upstream and introduces abort(3)-based
DoS
CVE-2020-6630 (An issue was discovered in GPAC version 0.8.0. There is a NULL
pointer ...)
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #972053)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -60217,6 +60225,7 @@ CVE-2019-20209 (The CTHthemes CityBook before 2.3.4,
TownHub before 1.0.6, and E
NOT-FOR-US: themes for WordPress
CVE-2019-20208 (dimC_Read in isomedia/box_code_3gpp.c in GPAC 0.8.0 has a
stack-based ...)
{DLA-2072-1}
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #972053)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -60423,6 +60432,7 @@ CVE-2019-20171 (An issue was discovered in GPAC version
0.8.0 and 0.9.0-developm
NOTE:
https://github.com/gpac/gpac/commit/2bcca3f1d4605100bb27d3ed7be25b53cddbc75c
CVE-2019-20170 (An issue was discovered in GPAC version 0.8.0 and
0.9.0-development-20 ...)
{DLA-2072-1}
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #972053)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -60449,6 +60459,7 @@ CVE-2019-20166 (An issue was discovered in GPAC version
0.8.0 and 0.9.0-developm
NOTE:
https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80
(chunk #2)
CVE-2019-20165 (An issue was discovered in GPAC version 0.8.0 and
0.9.0-development-20 ...)
{DLA-2072-1}
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #972053)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -60460,6 +60471,7 @@ CVE-2019-20164 (An issue was discovered in GPAC version
0.8.0 and 0.9.0-developm
NOTE:
https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80
(chunk #2)
CVE-2019-20163 (An issue was discovered in GPAC version 0.8.0 and
0.9.0-development-20 ...)
{DLA-2072-1}
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #972053)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -60467,6 +60479,7 @@ CVE-2019-20163 (An issue was discovered in GPAC version
0.8.0 and 0.9.0-developm
NOTE:
https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80
(chunk #4)
CVE-2019-20162 (An issue was discovered in GPAC version 0.8.0 and
0.9.0-development-20 ...)
{DLA-2072-1}
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #972053)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -60474,6 +60487,7 @@ CVE-2019-20162 (An issue was discovered in GPAC version
0.8.0 and 0.9.0-developm
NOTE:
https://github.com/gpac/gpac/commit/3c0ba42546c8148c51169c3908e845c308746c77
CVE-2019-20161 (An issue was discovered in GPAC version 0.8.0 and
0.9.0-development-20 ...)
{DLA-2072-1}
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #972053)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -81635,6 +81649,7 @@ CVE-2018-21017 (GPAC 0.7.1 has a memory leak in
dinf_Read in isomedia/box_code_b
NOTE: Fixed by:
https://github.com/gpac/gpac/commit/d2371b4b204f0a3c0af51ad4e9b491144dd1225c
(v0.8.)
CVE-2018-21016 (audio_sample_entry_AddBox() at isomedia/box_code_base.c in
GPAC 0.7.1 ...)
{DLA-2072-1}
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #940882)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -81642,6 +81657,7 @@ CVE-2018-21016 (audio_sample_entry_AddBox() at
isomedia/box_code_base.c in GPAC
NOTE:
https://github.com/gpac/gpac/commit/ea13945f3c2dc2c21e30e2731bf2782384307a13
CVE-2018-21015 (AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1
allows remot ...)
{DLA-2072-1}
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #940882)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -90656,6 +90672,7 @@ CVE-2019-13619 (In Wireshark 3.0.0 to 3.0.2, 2.6.0 to
2.6.9, and 2.4.0 to 2.4.15
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7e90aed666e809c0db5de9d1816802a7dcea28d9
CVE-2019-13618 (In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a
heap-bas ...)
{DLA-2072-1}
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (low; bug #932242)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -94754,6 +94771,7 @@ CVE-2019-12484
RESERVED
CVE-2019-12483 (An issue was discovered in GPAC 0.7.1. There is a heap-based
buffer ov ...)
{DLA-1841-1}
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #931088)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -94761,6 +94779,7 @@ CVE-2019-12483 (An issue was discovered in GPAC 0.7.1.
There is a heap-based buf
NOTE:
https://github.com/gpac/gpac/commit/f40aaaf959d4d1f7fa0dcd04c0666592e615c8f1
CVE-2019-12482 (An issue was discovered in GPAC 0.7.1. There is a NULL pointer
derefer ...)
{DLA-1841-1}
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #931088)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
@@ -94768,6 +94787,7 @@ CVE-2019-12482 (An issue was discovered in GPAC 0.7.1.
There is a NULL pointer d
NOTE:
https://github.com/gpac/gpac/commit/f40aaaf959d4d1f7fa0dcd04c0666592e615c8f1
CVE-2019-12481 (An issue was discovered in GPAC 0.7.1. There is a NULL pointer
derefer ...)
{DLA-1841-1}
+ [experimental] - gpac 1.0.1+dfsg1-1
- gpac <unfixed> (bug #931088)
[buster] - gpac <no-dsa> (Minor issue)
[stretch] - gpac <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b6022c7de45370b820e27abedeb4b597d64bd500
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b6022c7de45370b820e27abedeb4b597d64bd500
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
