Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
75fdfb7f by Moritz Muehlenhoff at 2022-02-25T22:24:46+01:00
more gpac fixes in experimental
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5044,11 +5044,12 @@ CVE-2022-24251
CVE-2022-24250
RESERVED
CVE-2022-24249 (A Null Pointer Dereference vulnerability exists in GPAC 1.1.0
via the ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <no-dsa> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2081
- NOTE:
https://github.com/gpac/gpac/commit/71f9871fc210e60df041b58c84572782b4849de9
+ NOTE:
https://github.com/gpac/gpac/commit/71f9871fc210e60df041b58c84572782b4849de9
(v2.0.0)
CVE-2022-24248
RESERVED
CVE-2022-24247
@@ -8414,19 +8415,21 @@ CVE-2021-46315 (Remote Command Execution (RCE)
vulnerability exists in HNAP1/con
CVE-2021-46314 (A Remote Command Execution (RCE) vulnerability exists in
HNAP1/control ...)
NOT-FOR-US: D-Link
CVE-2021-46313 (The binary MP4Box in GPAC v1.0.1 was discovered to contain a
segmentat ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <ignored> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2039
- NOTE:
https://github.com/gpac/gpac/commit/ee969d3c4c425ecb25999eb68ada616925b58eba
+ NOTE:
https://github.com/gpac/gpac/commit/ee969d3c4c425ecb25999eb68ada616925b58eba
(v2.0.0)
CVE-2021-46312
RESERVED
CVE-2021-46311 (A NULL pointer dereference vulnerability exists in GPAC v1.1.0
via the ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <ignored> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2038
- NOTE:
https://github.com/gpac/gpac/commit/ad19e0c4504a89ca273442b1b1483ae7adfb9491
+ NOTE:
https://github.com/gpac/gpac/commit/ad19e0c4504a89ca273442b1b1483ae7adfb9491
(v2.0.0)
CVE-2021-46310
RESERVED
CVE-2021-46309 (An SQL Injection vulnerability exists in Sourcecodester
Employee and V ...)
@@ -9922,38 +9925,44 @@ CVE-2021-46242 (HDF5 v1.13.1-1 was discovered to
contain a heap-use-after free v
CVE-2021-46241
RESERVED
CVE-2021-46240 (A NULL pointer dereference vulnerability exists in GPAC v1.1.0
via the ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <ignored> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2028
- NOTE:
https://github.com/gpac/gpac/commit/31eb879ea67b3a6ff67d3211f4c6b83369d4898d
+ NOTE:
https://github.com/gpac/gpac/commit/31eb879ea67b3a6ff67d3211f4c6b83369d4898d
(v2.0.0)
CVE-2021-46239 (The binary MP4Box in GPAC v1.1.0 was discovered to contain an
invalid ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <ignored> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2026
- NOTE:
https://github.com/gpac/gpac/commit/4e1215758fa89455e8de1262df36f11740bb1bc4
+ NOTE:
https://github.com/gpac/gpac/commit/4e1215758fa89455e8de1262df36f11740bb1bc4
(v2.0.0)
CVE-2021-46238 (GPAC v1.1.0 was discovered to contain a stack overflow via the
functio ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <ignored> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2027
- NOTE:
https://github.com/gpac/gpac/commit/4b9736ab8c9274db5858e5bf9fe0470bc3e7b6cf
+ NOTE:
https://github.com/gpac/gpac/commit/4b9736ab8c9274db5858e5bf9fe0470bc3e7b6cf
(v2.0.0)
CVE-2021-46237 (An untrusted pointer dereference vulnerability exists in GPAC
v1.1.0 v ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <ignored> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2033
- NOTE:
https://github.com/gpac/gpac/commit/3cc122ad664a2355cce9784f50b59c6272d43f00
+ NOTE:
https://github.com/gpac/gpac/commit/3cc122ad664a2355cce9784f50b59c6272d43f00
(v2.0.0)
CVE-2021-46236 (A NULL pointer dereference vulnerability exists in GPAC v1.1.0
via the ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <ignored> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2024
- NOTE:
https://github.com/gpac/gpac/commit/6a5effb57153cb05e72f6e9bd72afefc334a673d
+ NOTE:
https://github.com/gpac/gpac/commit/6a5effb57153cb05e72f6e9bd72afefc334a673d
(v2.0.0)
CVE-2021-46235
RESERVED
CVE-2021-46234 (A NULL pointer dereference vulnerability exists in GPAC v1.1.0
via the ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <ignored> (Minor issue)
@@ -11988,21 +11997,23 @@ CVE-2021-46052 (A Denial of Service vulnerability
exists in Binaryen 104 due to
NOTE: https://github.com/WebAssembly/binaryen/issues/4411
NOTE: Crash in CLI tool, no security impact
CVE-2021-46051 (A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via
the Media ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <no-dsa> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2011
- NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
+ NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
(v2.0.0)
CVE-2021-46050 (A Stack Overflow vulnerability exists in Binaryen 103 via the
printf_c ...)
- binaryen <unfixed> (unimportant)
NOTE: https://github.com/WebAssembly/binaryen/issues/4391
NOTE: Crash in CLI tool, no security impact
CVE-2021-46049 (A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via
the gf_fi ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <no-dsa> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2013
- NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
+ NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
(v2.0.0)
CVE-2021-46048 (A Denial of Service vulnerability exists in Binaryen 104 due
to an ass ...)
- binaryen <unfixed> (unimportant)
NOTE: https://github.com/WebAssembly/binaryen/issues/4412
@@ -12012,61 +12023,70 @@ CVE-2021-46047 (A Pointer Dereference Vulnerability
exists in GPAC 1.0.1 via the
[bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <no-dsa> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2008
- NOTE:
https://github.com/gpac/gpac/commit/dd2e8b1b9378a9679de8e7e5dcb2d7841acd5dbd
+ NOTE:
https://github.com/gpac/gpac/commit/dd2e8b1b9378a9679de8e7e5dcb2d7841acd5dbd
(v2.0.0)
CVE-2021-46046 (A Pointer Derefernce Vulnerbility exists GPAC 1.0.1 the
gf_isom_box_si ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <no-dsa> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2005
- NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
+ NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
(v2.0.0)
CVE-2021-46045 (GPAC 1.0.1 is affected by: Abort failed. The impact is: cause
a denial ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <no-dsa> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2007
- NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
+ NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
(v2.0.0)
CVE-2021-46044 (A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1via
ShiftMetaOf ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <no-dsa> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2006
- NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
+ NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
(v2.0.0)
CVE-2021-46043 (A Pointer Dereference Vulnerability exits in GPAC 1.0.1 in the
gf_list ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <no-dsa> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2001
- NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
+ NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
(v2.0.0)
CVE-2021-46042 (A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via
the _fsee ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <no-dsa> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2002
- NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
+ NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
(v2.0.0)
CVE-2021-46041 (A Segmentation Fault Vulnerability exists in GPAC 1.0.1 via
the co64_b ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <no-dsa> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2004
- NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
+ NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
(v2.0.0)
CVE-2021-46040 (A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via
the finpla ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <no-dsa> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2003
- NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
+ NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
(v2.0.0)
CVE-2021-46039 (A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via
the shift_ ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <no-dsa> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/1999
- NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
+ NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
(v2.0.0)
CVE-2021-46038 (A Pointer Dereference vulnerability exists in GPAC 1.0.1 in
unlink_chu ...)
+ [experimental] - gpac 2.0.0+dfsg1-1
- gpac <unfixed>
[bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <no-dsa> (Minor issue)
NOTE: https://github.com/gpac/gpac/issues/2000
- NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
+ NOTE:
https://github.com/gpac/gpac/commit/f5a778edd1febd574ff9558d2faa57133bdb4a5f
(v2.0.0)
CVE-2021-46037 (MCMS v5.2.4 was discovered to contain an arbitrary file
deletion vulne ...)
NOT-FOR-US: MCMS
CVE-2021-46036 (An arbitrary file upload vulnerability in the component
/ms/file/uploa ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75fdfb7f39063c9bfecdbdbe52abd402948ca480
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75fdfb7f39063c9bfecdbdbe52abd402948ca480
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
