Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
99ed24cb by Moritz Muehlenhoff at 2021-07-06T09:41:28+02:00
buster triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11391,14 +11391,17 @@ CVE-2021-31263
RESERVED
CVE-2021-31262 (The AV1_DuplicateConfig function in GPAC 1.0.1 allows
attackers to cau ...)
- gpac 1.0.1+dfsg1-4 (bug #987280)
+ [buster] - gpac <not-affected> (Vulnerable code not present)
NOTE:
https://github.com/gpac/gpac/commit/b2eab95e07cb5819375a50358d4806a8813b6e50
NOTE: https://github.com/gpac/gpac/issues/1738
CVE-2021-31261 (The gf_hinter_track_new function in GPAC 1.0.1 allows
attackers to rea ...)
- - gpac 1.0.1+dfsg1-4 (bug #987280)
+ - gpac 1.0.1+dfsg1-4 (unimportant; bug #987280)
NOTE:
https://github.com/gpac/gpac/commit/cd3738dea038dbd12e603ad48cd7373ae0440f65
NOTE: https://github.com/gpac/gpac/issues/1737
+ NOTE: Negligible security impact
CVE-2021-31260 (The MergeTrack function in GPAC 1.0.1 allows attackers to
cause a deni ...)
- gpac 1.0.1+dfsg1-4 (bug #987280)
+ [buster] - gpac <no-dsa> (Minor issue)
NOTE:
https://github.com/gpac/gpac/commit/df8fffd839fe5ae9acd82d26fd48280a397411d9
NOTE: https://github.com/gpac/gpac/issues/1736
CVE-2021-31259 (The gf_isom_cenc_get_default_info_internal function in GPAC
1.0.1 allo ...)
@@ -11408,18 +11411,22 @@ CVE-2021-31259 (The
gf_isom_cenc_get_default_info_internal function in GPAC 1.0.
NOTE: Introduced in
https://github.com/gpac/gpac/commit/f966d85ee940b0a19dbbe972bc9ff042a98d7264
(after v1.0.1)
CVE-2021-31258 (The gf_isom_set_extraction_slc function in GPAC 1.0.1 allows
attackers ...)
- gpac 1.0.1+dfsg1-4 (bug #987280)
+ [buster] - gpac <no-dsa> (Minor issue)
NOTE:
https://github.com/gpac/gpac/commit/ebfa346eff05049718f7b80041093b4c5581c24e
NOTE: https://github.com/gpac/gpac/issues/1706
CVE-2021-31257 (The HintFile function in GPAC 1.0.1 allows attackers to cause
a denial ...)
- gpac 1.0.1+dfsg1-4 (bug #987280)
+ [buster] - gpac <no-dsa> (Minor issue)
NOTE:
https://github.com/gpac/gpac/commit/87afe070cd6866df7fe80f11b26ef75161de85e0
NOTE: https://github.com/gpac/gpac/issues/1734
CVE-2021-31256 (Memory leak in the stbl_GetSampleInfos function in MP4Box in
GPAC 1.0. ...)
- - gpac 1.0.1+dfsg1-4 (bug #987280)
+ - gpac 1.0.1+dfsg1-4 (bug #987280; unimportant)
NOTE:
https://github.com/gpac/gpac/commit/2da2f68bffd51d89b1d272d22aa8cc023c1c066e
NOTE: https://github.com/gpac/gpac/issues/1705
+ NOTE: Negligible security impact
CVE-2021-31255 (Buffer overflow in the abst_box_read function in MP4Box in
GPAC 1.0.1 ...)
- gpac 1.0.1+dfsg1-4 (bug #987280)
+ [buster] - gpac <not-affected> (Vulnerable code not present)
NOTE:
https://github.com/gpac/gpac/commit/758135e91e623d7dfe7f6aaad7aeb3f791b7a4e5
NOTE: https://github.com/gpac/gpac/issues/1733
CVE-2021-31254 (Buffer overflow in the tenc_box_read function in MP4Box in
GPAC 1.0.1 ...)
@@ -13870,6 +13877,7 @@ CVE-2021-30200
RESERVED
CVE-2021-30199 (In filters/reframe_latm.c in GPAC 1.0.1 there is a Null
Pointer Derefe ...)
- gpac 1.0.1+dfsg1-4 (bug #987323)
+ [buster] - gpac <not-affected> (Vulnerable code not present)
NOTE:
https://github.com/gpac/gpac/commit/b2db2f99b4c30f96e17b9a14537c776da6cb5dca
NOTE: https://github.com/gpac/gpac/issues/1728
CVE-2021-30198
@@ -14393,16 +14401,19 @@ CVE-2021-30023
RESERVED
CVE-2021-30022 (There is a integer overflow in media_tools/av_parsers.c in the
gf_avc_ ...)
- gpac 1.0.1+dfsg1-4 (bug #987323)
+ [buster] - gpac <not-affected> (Vulnerable code not present)
NOTE:
https://github.com/gpac/gpac/commit/51cdb67ff7c5f1242ac58c5aa603ceaf1793b788
NOTE: https://github.com/gpac/gpac/issues/1720
CVE-2021-30021
RESERVED
CVE-2021-30020 (In the function gf_hevc_read_pps_bs_internal function in
media_tools/a ...)
- gpac 1.0.1+dfsg1-4 (bug #987323)
+ [buster] - gpac <not-affected> (Vulnerable code not present)
NOTE:
https://github.com/gpac/gpac/commit/51cdb67ff7c5f1242ac58c5aa603ceaf1793b788
NOTE: https://github.com/gpac/gpac/issues/1722
CVE-2021-30019 (In the adts_dmx_process function in filters/reframe_adts.c in
GPAC 1.0 ...)
- gpac 1.0.1+dfsg1-4 (bug #987323)
+ [buster] - gpac <not-affected> (Vulnerable code not present)
NOTE:
https://github.com/gpac/gpac/commit/22774aa9e62f586319c8f107f5bae950fed900bc
NOTE: https://github.com/gpac/gpac/issues/1723
CVE-2021-30018
@@ -14413,6 +14424,7 @@ CVE-2021-30016
RESERVED
CVE-2021-30015 (There is a Null Pointer Dereference in function
filter_core/filter_pck ...)
- gpac 1.0.1+dfsg1-4 (bug #987323)
+ [buster] - gpac <not-affected> (Vulnerable code not present)
NOTE:
https://github.com/gpac/gpac/commit/13dad7d5ef74ca2e6fe4010f5b03eb12e9bbe0ec
NOTE: https://github.com/gpac/gpac/issues/1719
CVE-2021-30014 (There is a integer overflow in media_tools/av_parsers.c in the
hevc_pa ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99ed24cb7d712ecff548f02fe60044be90a5ab14
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99ed24cb7d712ecff548f02fe60044be90a5ab14
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
