Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: c83cbad4 by Salvatore Bonaccorso at 2023-09-11T23:33:41+02:00 Add Debian bug references for gpac issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -548,7 +548,7 @@ CVE-2023-4781 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to NOTE: https://huntr.dev/bounties/c867eb0a-aa8b-4946-a621-510350673883/ NOTE: https://github.com/vim/vim/commit/f6d28fe2c95c678cc3202cc5dc825a3fcc709e93 (v9.0.1873) CVE-2023-4778 (Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.) - - gpac <unfixed> + - gpac <unfixed> (bug #1051740) [bullseye] - gpac <no-dsa> (Minor issue) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://huntr.dev/bounties/abb450fb-4ab2-49b0-90da-3d878eea5397/ 
@@ -685,25 +685,25 @@ CVE-2023-34321 [arm32: The cache may not be properly cleaned/invalidated] [buster] - xen <end-of-life> (DSA 4677-1) NOTE: https://xenbits.xen.org/xsa/advisory-437.html CVE-2023-4758 (Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV.) - - gpac <unfixed> + - gpac <unfixed> (bug #1051740) [bullseye] - gpac <no-dsa> (Minor issue) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/commit/193633b1648582444fc99776cd741d7ba0125e86 NOTE: https://huntr.dev/bounties/2f496261-1090-45ac-bc89-cc93c82090d6 CVE-2023-4756 (Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2. ...) - - gpac <unfixed> + - gpac <unfixed> (bug #1051740) [bullseye] - gpac <no-dsa> (Minor issue) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/commit/6914d016e2b540bac2c471c4aea156ddef8e8e01 NOTE: https://huntr.dev/bounties/2342da0e-f097-4ce7-bfdc-3ec0ba446e05 CVE-2023-4755 (Use After Free in GitHub repository gpac/gpac prior to 2.3-DEV.) - - gpac <unfixed> + - gpac <unfixed> (bug #1051740) [bullseye] - gpac <no-dsa> (Minor issue) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/commit/895ac12da168435eb8db3f96978ffa4c69d66c3a NOTE: https://huntr.dev/bounties/463474b7-a4e8-42b6-8b30-e648a77ee6b3 CVE-2023-4754 (Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV.) - - gpac <unfixed> + - gpac <unfixed> (bug #1051740) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/commit/7e2e92feb1b30fac1d659f6620d743b5a188ffe0 NOTE: https://huntr.dev/bounties/b7ed24ad-7d0b-40b7-8f4d-3c18a906620c 
@@ -1092,17 +1092,17 @@ CVE-2023-39979 (There is a vulnerability in MXsecurity versions prior to 1.0.1 t CVE-2023-4718 (The Font Awesome 4 Menus plugin for WordPress is vulnerable to Stored ...) NOT-FOR-US: Font Awesome 4 Menus plugin for WordPress CVE-2023-4722 (Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to ...) - - gpac <unfixed> + - gpac <unfixed> (bug #1051740) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/commit/de7f3a852bef72a52825fd307cf4e8f486401a76 NOTE: https://huntr.dev/bounties/ddfdb41d-e708-4fec-afe5-68ff1f88f830 CVE-2023-4721 (Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.) - - gpac <unfixed> + - gpac <unfixed> (bug #1051740) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/commit/3ec93d73d048ed7b46fe6e9f307cc7a0cc13db63 NOTE: https://huntr.dev/bounties/f457dc62-3cff-47bd-8fd2-1cb2b4a832fc CVE-2023-4720 (Floating Point Comparison with Incorrect Operator in GitHub repository ...) - - gpac <unfixed> + - gpac <unfixed> (bug #1051740) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/commit/e396648e48c57e2d53988d3fd4465b068b96c89a NOTE: https://huntr.dev/bounties/1dc2954c-8497-49fa-b2af-113e1e9381ad 
@@ -1275,24 +1275,24 @@ CVE-2023-41749 (Sensitive information disclosure due to excessive collection of CVE-2023-39912 (Zoho ManageEngine ADManager Plus through 7202 allows admin users to do ...) NOT-FOR-US: Zoho CVE-2023-4683 (NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3-D ...) - - gpac <unfixed> + - gpac <unfixed> (bug #1051740) [bullseye] - gpac <ignored> (Minor issue) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/commit/112767e8b178fc82dec3cf82a1ca14d802cdb8ec NOTE: https://huntr.dev/bounties/7852e4d2-af4e-4421-a39e-db23e0549922 CVE-2023-4682 (Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3 ...) - - gpac <unfixed> + - gpac <unfixed> (bug #1051740) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/commit/b1042c3eefca87c4bc32afb404ed6518d693e5be NOTE: https://huntr.dev/bounties/15232a74-e3b8-43f0-ae8a-4e89d56c474c CVE-2023-4681 (NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3-D ...) - - gpac <unfixed> + - gpac <unfixed> (bug #1051740) [bullseye] - gpac <ignored> (Minor issue) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/commit/4bac19ad854159b21ba70d8ab7c4e1cd1db8ea1c NOTE: https://huntr.dev/bounties/d67c5619-ab36-41cc-93b7-04828e25f60e CVE-2023-4678 (Divide By Zero in GitHub repository gpac/gpac prior to 2.3-DEV.) - - gpac <unfixed> + - gpac <unfixed> (bug #1051740) [bullseye] - gpac <ignored> (Minor issue) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/commit/4607052c482a51dbdacfe1ade10645c181d07b07 
@@ -2064,7 +2064,7 @@ CVE-2023-39652 (theme volty tvcmsvideotab up to v4.0.0 was discovered to contain CVE-2023-39578 (A stored cross-site scripting (XSS) vulnerability in the Create functi ...) NOT-FOR-US: Zenario CMS CVE-2023-39562 (GPAC v2.3-DEV-rev449-g5948e4f70-master was discovered to contain a hea ...) - - gpac <unfixed> + - gpac <unfixed> (bug #1051740) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/issues/2537 NOTE: https://github.com/gpac/gpac/commit/9024531ee8e6ae8318a8fe0cbb64710d1acc31f6 @@ -11218,7 +11218,7 @@ CVE-2023-2783 (Mattermost Apps Framework fails to verify that a secret provided - mattermost-server <itp> (bug #823556) CVE-2023-3291 (Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2 ...) {DSA-5452-1} - - gpac <unfixed> + - gpac <unfixed> (bug #1051740) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://huntr.dev/bounties/526954e6-8683-4697-bfa2-886c3204a1d5/ NOTE: https://github.com/gpac/gpac/commit/6a748ccc3f76ff10e3ae43014967ea4b0c088aaf 
@@ -13037,14 +13037,14 @@ CVE-2023-3015 (A vulnerability has been found in yiwent Vip Video Analysis 1.0 a CVE-2023-3014 (A vulnerability, which was classified as problematic, was found in Bei ...) NOT-FOR-US: BeipyVideoResolution CVE-2023-3013 (Unchecked Return Value in GitHub repository gpac/gpac prior to 2.2.2.) - - gpac <unfixed> + - gpac <unfixed> (bug #1051740) [bullseye] - gpac <ignored> (Minor issue) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://huntr.dev/bounties/52f95edc-cc03-4a9f-9bf8-74f641260073 NOTE: https://github.com/gpac/gpac/commit/78e539b43293829a14a32e821f5267e3b7417594 CVE-2023-3012 (NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.2.2 ...) {DSA-5452-1} - - gpac <unfixed> + - gpac <unfixed> (bug #1051740) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://huntr.dev/bounties/916b787a-c603-409d-afc6-25bb02070e69 NOTE: https://github.com/gpac/gpac/commit/53387aa86c1af1228d0fa57c67f9c7330716d5a7 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c83cbad4b035595fbfc72197a34b0deaaaef29fe -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c83cbad4b035595fbfc72197a34b0deaaaef29fe You're receiving this email because of your account on salsa.debian.org.
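Review bot: the commit message ("Add Debian bug references for gpac issues") does not name the bug, although all sixteen changed lines across the hunks add the same reference, (bug #1051740). Putting that number in the message would let the commit be found from the bug report and from a log search without opening the diff to data/CVE/list.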
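Review bot: in the hunks at -11218 and -13037, CVE-2023-3291 and CVE-2023-3012 already carry {DSA-5452-1}, and CVE-2023-3013 and CVE-2023-3012 are described as fixed upstream prior to 2.2.2, yet their unstable lines get the same (bug #1051740) as the 2.3-DEV issues in the earlier hunks. Please confirm that the bug report lists these older CVEs explicitly; if it only covers the 2.3-DEV batch, they should keep a separate reference or none.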