Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c83cbad4 by Salvatore Bonaccorso at 2023-09-11T23:33:41+02:00
Add Debian bug references for gpac issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -548,7 +548,7 @@ CVE-2023-4781 (Heap-based Buffer Overflow in GitHub
repository vim/vim prior to
NOTE: https://huntr.dev/bounties/c867eb0a-aa8b-4946-a621-510350673883/
NOTE:
https://github.com/vim/vim/commit/f6d28fe2c95c678cc3202cc5dc825a3fcc709e93
(v9.0.1873)
CVE-2023-4778 (Out-of-bounds Read in GitHub repository gpac/gpac prior to
2.3-DEV.)
- - gpac <unfixed>
+ - gpac <unfixed> (bug #1051740)
[bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://huntr.dev/bounties/abb450fb-4ab2-49b0-90da-3d878eea5397/
@@ -685,25 +685,25 @@ CVE-2023-34321 [arm32: The cache may not be properly
cleaned/invalidated]
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-437.html
CVE-2023-4758 (Buffer Over-read in GitHub repository gpac/gpac prior to
2.3-DEV.)
- - gpac <unfixed>
+ - gpac <unfixed> (bug #1051740)
[bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE:
https://github.com/gpac/gpac/commit/193633b1648582444fc99776cd741d7ba0125e86
NOTE: https://huntr.dev/bounties/2f496261-1090-45ac-bc89-cc93c82090d6
CVE-2023-4756 (Stack-based Buffer Overflow in GitHub repository gpac/gpac
prior to 2. ...)
- - gpac <unfixed>
+ - gpac <unfixed> (bug #1051740)
[bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE:
https://github.com/gpac/gpac/commit/6914d016e2b540bac2c471c4aea156ddef8e8e01
NOTE: https://huntr.dev/bounties/2342da0e-f097-4ce7-bfdc-3ec0ba446e05
CVE-2023-4755 (Use After Free in GitHub repository gpac/gpac prior to 2.3-DEV.)
- - gpac <unfixed>
+ - gpac <unfixed> (bug #1051740)
[bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE:
https://github.com/gpac/gpac/commit/895ac12da168435eb8db3f96978ffa4c69d66c3a
NOTE: https://huntr.dev/bounties/463474b7-a4e8-42b6-8b30-e648a77ee6b3
CVE-2023-4754 (Out-of-bounds Write in GitHub repository gpac/gpac prior to
2.3-DEV.)
- - gpac <unfixed>
+ - gpac <unfixed> (bug #1051740)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE:
https://github.com/gpac/gpac/commit/7e2e92feb1b30fac1d659f6620d743b5a188ffe0
NOTE: https://huntr.dev/bounties/b7ed24ad-7d0b-40b7-8f4d-3c18a906620c
@@ -1092,17 +1092,17 @@ CVE-2023-39979 (There is a vulnerability in MXsecurity
versions prior to 1.0.1 t
CVE-2023-4718 (The Font Awesome 4 Menus plugin for WordPress is vulnerable to
Stored ...)
NOT-FOR-US: Font Awesome 4 Menus plugin for WordPress
CVE-2023-4722 (Integer Overflow or Wraparound in GitHub repository gpac/gpac
prior to ...)
- - gpac <unfixed>
+ - gpac <unfixed> (bug #1051740)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE:
https://github.com/gpac/gpac/commit/de7f3a852bef72a52825fd307cf4e8f486401a76
NOTE: https://huntr.dev/bounties/ddfdb41d-e708-4fec-afe5-68ff1f88f830
CVE-2023-4721 (Out-of-bounds Read in GitHub repository gpac/gpac prior to
2.3-DEV.)
- - gpac <unfixed>
+ - gpac <unfixed> (bug #1051740)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE:
https://github.com/gpac/gpac/commit/3ec93d73d048ed7b46fe6e9f307cc7a0cc13db63
NOTE: https://huntr.dev/bounties/f457dc62-3cff-47bd-8fd2-1cb2b4a832fc
CVE-2023-4720 (Floating Point Comparison with Incorrect Operator in GitHub
repository ...)
- - gpac <unfixed>
+ - gpac <unfixed> (bug #1051740)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE:
https://github.com/gpac/gpac/commit/e396648e48c57e2d53988d3fd4465b068b96c89a
NOTE: https://huntr.dev/bounties/1dc2954c-8497-49fa-b2af-113e1e9381ad
@@ -1275,24 +1275,24 @@ CVE-2023-41749 (Sensitive information disclosure due to
excessive collection of
CVE-2023-39912 (Zoho ManageEngine ADManager Plus through 7202 allows admin
users to do ...)
NOT-FOR-US: Zoho
CVE-2023-4683 (NULL Pointer Dereference in GitHub repository gpac/gpac prior
to 2.3-D ...)
- - gpac <unfixed>
+ - gpac <unfixed> (bug #1051740)
[bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE:
https://github.com/gpac/gpac/commit/112767e8b178fc82dec3cf82a1ca14d802cdb8ec
NOTE: https://huntr.dev/bounties/7852e4d2-af4e-4421-a39e-db23e0549922
CVE-2023-4682 (Heap-based Buffer Overflow in GitHub repository gpac/gpac prior
to 2.3 ...)
- - gpac <unfixed>
+ - gpac <unfixed> (bug #1051740)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE:
https://github.com/gpac/gpac/commit/b1042c3eefca87c4bc32afb404ed6518d693e5be
NOTE: https://huntr.dev/bounties/15232a74-e3b8-43f0-ae8a-4e89d56c474c
CVE-2023-4681 (NULL Pointer Dereference in GitHub repository gpac/gpac prior
to 2.3-D ...)
- - gpac <unfixed>
+ - gpac <unfixed> (bug #1051740)
[bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE:
https://github.com/gpac/gpac/commit/4bac19ad854159b21ba70d8ab7c4e1cd1db8ea1c
NOTE: https://huntr.dev/bounties/d67c5619-ab36-41cc-93b7-04828e25f60e
CVE-2023-4678 (Divide By Zero in GitHub repository gpac/gpac prior to 2.3-DEV.)
- - gpac <unfixed>
+ - gpac <unfixed> (bug #1051740)
[bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE:
https://github.com/gpac/gpac/commit/4607052c482a51dbdacfe1ade10645c181d07b07
@@ -2064,7 +2064,7 @@ CVE-2023-39652 (theme volty tvcmsvideotab up to v4.0.0
was discovered to contain
CVE-2023-39578 (A stored cross-site scripting (XSS) vulnerability in the
Create functi ...)
NOT-FOR-US: Zenario CMS
CVE-2023-39562 (GPAC v2.3-DEV-rev449-g5948e4f70-master was discovered to
contain a hea ...)
- - gpac <unfixed>
+ - gpac <unfixed> (bug #1051740)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://github.com/gpac/gpac/issues/2537
NOTE:
https://github.com/gpac/gpac/commit/9024531ee8e6ae8318a8fe0cbb64710d1acc31f6
@@ -11218,7 +11218,7 @@ CVE-2023-2783 (Mattermost Apps Framework fails to
verify that a secret provided
- mattermost-server <itp> (bug #823556)
CVE-2023-3291 (Heap-based Buffer Overflow in GitHub repository gpac/gpac prior
to 2.2 ...)
{DSA-5452-1}
- - gpac <unfixed>
+ - gpac <unfixed> (bug #1051740)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://huntr.dev/bounties/526954e6-8683-4697-bfa2-886c3204a1d5/
NOTE:
https://github.com/gpac/gpac/commit/6a748ccc3f76ff10e3ae43014967ea4b0c088aaf
@@ -13037,14 +13037,14 @@ CVE-2023-3015 (A vulnerability has been found in
yiwent Vip Video Analysis 1.0 a
CVE-2023-3014 (A vulnerability, which was classified as problematic, was found
in Bei ...)
NOT-FOR-US: BeipyVideoResolution
CVE-2023-3013 (Unchecked Return Value in GitHub repository gpac/gpac prior to
2.2.2.)
- - gpac <unfixed>
+ - gpac <unfixed> (bug #1051740)
[bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://huntr.dev/bounties/52f95edc-cc03-4a9f-9bf8-74f641260073
NOTE:
https://github.com/gpac/gpac/commit/78e539b43293829a14a32e821f5267e3b7417594
CVE-2023-3012 (NULL Pointer Dereference in GitHub repository gpac/gpac prior
to 2.2.2 ...)
{DSA-5452-1}
- - gpac <unfixed>
+ - gpac <unfixed> (bug #1051740)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://huntr.dev/bounties/916b787a-c603-409d-afc6-25bb02070e69
NOTE:
https://github.com/gpac/gpac/commit/53387aa86c1af1228d0fa57c67f9c7330716d5a7
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c83cbad4b035595fbfc72197a34b0deaaaef29fe
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c83cbad4b035595fbfc72197a34b0deaaaef29fe
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
