Source: gpac Version: 2.2.1+dfsg1-3 Severity: important Tags: security upstream Forwarded: https://github.com/gpac/gpac/issues/2662 X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi, The following vulnerability was published for gpac. CVE-2023-46929[0]: | An issue discovered in GPAC 2.3-DEV-rev605-gfc9e29089-master in | MP4Box in gf_avc_change_vui | /afltest/gpac/src/media_tools/av_parsers.c:6872:55 allows attackers | to crash the application. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-46929 https://www.cve.org/CVERecord?id=CVE-2023-46929 [1] https://github.com/gpac/gpac/issues/2662 [2] https://github.com/gpac/gpac/commit/4248def5d24325aeb0e35cacde3d56c9411816a6 Please adjust the affected versions in the BTS as needed. Regards, Salvatore