[Git][security-tracker-team/security-tracker][master] Triage CVE-2023-2837, CVE-2023-2838, CVE-2023-2839 & CVE-2023-2840 in gpac for buster LTS.

Tue, 23 May 2023 10:13:02 -0700 


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
083d060f by Chris Lamb at 2023-05-23T10:12:33-07:00
Triage CVE-2023-2837, CVE-2023-2838, CVE-2023-2839 & CVE-2023-2840 in gpac 
for buster LTS.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -64,18 +64,22 @@ CVE-2023-31584 (GitHub repository cu/silicon commit a9ef36 
was discovered to con
        NOT-FOR-US: cu/silicon
 CVE-2023-2840 (NULL Pointer Dereference in GitHub repository gpac/gpac prior 
to 2.2.2 ...)
        - gpac <unfixed>
+       [buster] - gpac <end-of-life> (EOL in buster LTS)
        NOTE: https://huntr.dev/bounties/21926fc2-6eb1-4e24-8a36-e60f487d0257/
        NOTE: 
https://github.com/gpac/gpac/commit/ba59206b3225f0e8e95a27eff41cb1c49ddf9a37
 CVE-2023-2839 (Divide By Zero in GitHub repository gpac/gpac prior to 2.2.2.)
        - gpac <unfixed>
+       [buster] - gpac <end-of-life> (EOL in buster LTS)
        NOTE: https://huntr.dev/bounties/42dce889-f63d-4ea9-970f-1f20fc573d5f/
        NOTE: 
https://github.com/gpac/gpac/commit/047f96fb39e6bf70cb9f344093f5886e51dce0ac
 CVE-2023-2838 (Out-of-bounds Read in GitHub repository gpac/gpac prior to 
2.2.2.)
        - gpac <unfixed>
+       [buster] - gpac <end-of-life> (EOL in buster LTS)
        NOTE: https://huntr.dev/bounties/711e0988-5345-4c01-a2fe-1179604dd07f/
        NOTE: 
https://github.com/gpac/gpac/commit/c88df2e202efad214c25b4e586f243b2038779ba
 CVE-2023-2837 (Stack-based Buffer Overflow in GitHub repository gpac/gpac 
prior to 2. ...)
        - gpac <unfixed>
+       [buster] - gpac <end-of-life> (EOL in buster LTS)
        NOTE: https://huntr.dev/bounties/a6bfd1b2-aba8-4c6f-90c4-e95b1831cb17/
        NOTE: 
https://github.com/gpac/gpac/commit/6f28c4cd607d83ce381f9b4a9f8101ca1e79c611
 CVE-2023-2832 (SQL Injection in GitHub repository unilogies/bumsys prior to 
2.2.0.)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/083d060f73e8f2d07d7c0a654ea223be9e3930a7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/083d060f73e8f2d07d7c0a654ea223be9e3930a7
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to