Debian Bug report logs -
#921969
CVE-2018-20760 CVE-2018-20761 CVE-2018-20762 CVE-2018-20763
Reported by: Moritz Muehlenhoff <jmm@debian.org>
Date: Sun, 10 Feb 2019 18:51:01 UTC
Severity: grave
Tags: fixed-upstream, security, upstream
Found in versions gpac/0.5.2-426-gc5ad4e4+dfsg5-4, gpac/0.5.2-426-gc5ad4e4+dfsg5-3
Fixed in versions gpac/0.5.2-426-gc5ad4e4+dfsg5-4.1, gpac/0.7.1+dfsg1-2, gpac/0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1
Done: Moritz Mühlenhoff <jmm@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>:
Bug#921969; Package src:gpac.
(Sun, 10 Feb 2019 18:51:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>.
(Sun, 10 Feb 2019 18:51:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: gpac
Severity: grave
Tags: security
CVE-2018-20760:
https://github.com/gpac/gpac/commit/4c1360818fc8948e9307059fba4dc47ba8ad255d
https://github.com/gpac/gpac/issues/1177
CVE-2018-20761:
https://github.com/gpac/gpac/commit/35ab4475a7df9b2a4bcab235e379c0c3ec543658
https://github.com/gpac/gpac/issues/1186
CVE-2018-20762:
https://github.com/gpac/gpac/commit/35ab4475a7df9b2a4bcab235e379c0c3ec543658
https://github.com/gpac/gpac/issues/1187
CVE-2018-20763:
https://github.com/gpac/gpac/commit/1c449a34fe0b50aaffb881bfb9d7c5ab0bb18cdd
https://github.com/gpac/gpac/issues/1188
Cheers,
Moritz
Added tag(s) upstream.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Sun, 10 Feb 2019 19:54:02 GMT) (full text, mbox, link).
Marked as found in versions gpac/0.5.2-426-gc5ad4e4+dfsg5-4.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Sun, 10 Feb 2019 19:54:03 GMT) (full text, mbox, link).
Marked as found in versions gpac/0.5.2-426-gc5ad4e4+dfsg5-3.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Sun, 10 Feb 2019 19:54:03 GMT) (full text, mbox, link).
Added tag(s) pending.
Request was from Hideki Yamane <henrich@iijmio-mail.jp>
to control@bugs.debian.org.
(Mon, 18 Mar 2019 08:12:05 GMT) (full text, mbox, link).
Added tag(s) fixed-upstream.
Request was from Hideki Yamane <henrich@iijmio-mail.jp>
to control@bugs.debian.org.
(Mon, 18 Mar 2019 08:12:05 GMT) (full text, mbox, link).
Reply sent
to Moritz Muehlenhoff <jmm@debian.org>:
You have taken responsibility.
(Mon, 01 Apr 2019 21:51:10 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer.
(Mon, 01 Apr 2019 21:51:10 GMT) (full text, mbox, link).
Message #20 received at 921969-close@bugs.debian.org (full text, mbox, reply):
Source: gpac
Source-Version: 0.5.2-426-gc5ad4e4+dfsg5-4.1
We believe that the bug you reported is fixed in the latest version of
gpac, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 921969@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Moritz Muehlenhoff <jmm@debian.org> (supplier of updated gpac package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 01 Apr 2019 23:07:02 +0200
Source: gpac
Binary: gpac gpac-modules-base libgpac4 libgpac-dev
Architecture: source amd64
Version: 0.5.2-426-gc5ad4e4+dfsg5-4.1
Distribution: unstable
Urgency: medium
Maintainer: Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>
Changed-By: Moritz Muehlenhoff <jmm@debian.org>
Description:
gpac - GPAC Project on Advanced Content - utilities
gpac-modules-base - GPAC Project on Advanced Content - modules
libgpac-dev - GPAC Project on Advanced Content - development files
libgpac4 - GPAC Project on Advanced Content - shared libraries
Closes: 892526 902782 921969
Changes:
gpac (0.5.2-426-gc5ad4e4+dfsg5-4.1) unstable; urgency=medium
.
* CVE-2018-7752 (Closes: #892526)
* CVE-2018-13005, CVE-2018-13006 (Closes: #902782)
* CVE-2018-20760, CVE-2018-20761, CVE-2018-20762, CVE-2018-20763
(Closes: #921969)
Checksums-Sha1:
88c95b02c5b5ca1f0e0696ab697e9dd54a2a6f2f 2686 gpac_0.5.2-426-gc5ad4e4+dfsg5-4.1.dsc
2ffae4792256cf1f96dd9ca8e91ba4082f54206f 42180 gpac_0.5.2-426-gc5ad4e4+dfsg5-4.1.debian.tar.xz
a6a3c9bf1c05f11237894be74a8247b315918360 641276 gpac-dbgsym_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
383bfe0f24177e932c71f88dbab1a7755294b02b 984916 gpac-modules-base-dbgsym_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
7be3baee0cfbf42126a8695d9319c8303f9763c1 238316 gpac-modules-base_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
12743d6b8bda69e87efc154ff80f54faf6a82966 15895 gpac_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.buildinfo
6ed3bed1c2251c0b9b8596c231a6874f6c9cf8b8 273874 gpac_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
88f35ca3cf249e391b9ce1d5f7e22d24a7527299 2050152 libgpac-dev_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
81542bad03d48360a206243bf082dcfcf5efe87b 5633788 libgpac4-dbgsym_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
ed532f2123797ef02f2ac8be64fd2f51a80c8737 1558852 libgpac4_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
Checksums-Sha256:
ead408615704ef45faf845bb32f7d29c70c93631d331e6538559206d1df67efe 2686 gpac_0.5.2-426-gc5ad4e4+dfsg5-4.1.dsc
52a098dd836896b2110be9c9c01c78e5ff7c933617fb23f0d9daf8f2dce08f4a 42180 gpac_0.5.2-426-gc5ad4e4+dfsg5-4.1.debian.tar.xz
713bc2e8570f725112e43a95b0876cde008f7db8920d83df4265f1820363faaa 641276 gpac-dbgsym_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
36c5c45705382209f15094c2f3a5da3681398ed8cf45330a98b28d6bf3749626 984916 gpac-modules-base-dbgsym_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
4f789d4f53424a459e7fdd202cfc931263ab5429db78abd44767ca71259a95a2 238316 gpac-modules-base_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
90882e0ce11416fa60c7d15586d9d9a2ad1d0b175bb118eed8affdc08f1b45f3 15895 gpac_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.buildinfo
c609a874c6b11ccaea8de310cfd1b297a81aecefa345e68db208238c43f0a520 273874 gpac_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
1fcd4af3793d162b9a7df43d1e04fdd76e2c2592bf1d745c3a1307c846af1bc7 2050152 libgpac-dev_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
c6cde3368f45397cf5c3803f829f623e0f302444447fb0527748bd283a88b050 5633788 libgpac4-dbgsym_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
3218cca5bd29c546309dea48bc40c839c0b2b2a1b4f0b2d5f5949e53e9abd0c4 1558852 libgpac4_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
Files:
23007082b717e64f33bdd268ca548be4 2686 graphics optional gpac_0.5.2-426-gc5ad4e4+dfsg5-4.1.dsc
732557c580664a355a2c458ae8ec07b8 42180 graphics optional gpac_0.5.2-426-gc5ad4e4+dfsg5-4.1.debian.tar.xz
3672224b3645a3fdeda5e3bc5eef57cc 641276 debug extra gpac-dbgsym_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
809586bf87e6eaf746a67f77574c8754 984916 debug extra gpac-modules-base-dbgsym_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
dfaa0061f7fd6189cbbb6f47d79007cc 238316 graphics optional gpac-modules-base_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
8cad7de83f10667c1af4af3d97c3491a 15895 graphics optional gpac_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.buildinfo
d7fa04be5e94145a8352127750b60fc2 273874 graphics optional gpac_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
d9ae887a69543b7d4bd9664ac7bc0387 2050152 libdevel optional libgpac-dev_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
d927d33519964f33ccfd46c9f369c136 5633788 debug extra libgpac4-dbgsym_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
ce8932645d41d623246ded664efd4227 1558852 libs optional libgpac4_0.5.2-426-gc5ad4e4+dfsg5-4.1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlyiggEACgkQEMKTtsN8
TjbeYRAAqaoWhlkvEQpu0RA2/aBi5xzSAo9EpcnHF970giGQJ5B/lpdaFAgo8dsG
pk6d3lOu6lpFWPzvogcyx8u5vR435PTUKDFK6t9qu73pi63kGB0Tp+0rrncQBJ2U
73vs5d12pZCHEfELQtbZthUpJMiw085zbix0tvMM9o49RFqmoeoQlYXxAg5hrpf+
0KGkx03rWwzo/2JqRsaCqTFRIqBYbvsfM5UC8SgyxbH3JVyLkjmT93nkdlugY1Cm
JSDVedn3vN0i4TTjGRh/ogE+SfSrfvPStx9lK6RzthhOKZ17LNzg6GhzQwRiaRte
3djRiaLDSo6EMVL0eMpjK4rmMvPO+Ul5kHGina0iHHZhfwbKkUPRknq5GwmfDrJM
Id2gkEYZbu8wo7M6yQzBUxj5pZJeZ74lrNGdzJTZSzJSCzXB5c8o9GlV7NwbJw5d
zdIvqOIEOQFijJfH/Rp6nPk5UanWqURkXEhFM7eJqt2gdNe3Z4ayZ9vuoULza2mx
9WBBowRINsXo3deYClapGE+tO9p7+tAMTVxU8z/j199ec+YSGC6kgTjPRtWrKuC7
OPN6DQYgHLMNsktXkzgM+yWWlpr4jgn9AToSn2tVNb12hBtqRMpt8jptn6uiAWVk
+igPcHnRXv1+rIizETnb2X+wnQ4RyNePcqXKqb8tw7tlFw/YC5E=
=do0x
-----END PGP SIGNATURE-----
Reply sent
to Reinhard Tartler <siretart@tauware.de>:
You have taken responsibility.
(Wed, 10 Apr 2019 18:03:15 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer.
(Wed, 10 Apr 2019 18:03:15 GMT) (full text, mbox, link).
Message #25 received at 921969-close@bugs.debian.org (full text, mbox, reply):
Source: gpac
Source-Version: 0.7.1+dfsg1-2
We believe that the bug you reported is fixed in the latest version of
gpac, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 921969@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Reinhard Tartler <siretart@tauware.de> (supplier of updated gpac package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 07 Apr 2019 12:19:28 -0400
Binary: gpac gpac-dbgsym gpac-modules-base gpac-modules-base-dbgsym libgpac7 libgpac7-dbgsym libgpac-dev
Source: gpac
Architecture: amd64 source
Version: 0.7.1+dfsg1-2
Distribution: experimental
Urgency: medium
Maintainer: Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>
Changed-By: Reinhard Tartler <siretart@tauware.de>
Closes: 817194 892526 902782 921969
Description:
gpac - GPAC Project on Advanced Content - utilities
gpac-modules-base - GPAC Project on Advanced Content - modules
libgpac7 - GPAC Project on Advanced Content - shared libraries
libgpac-dev - GPAC Project on Advanced Content - development files
Changes:
gpac (0.7.1+dfsg1-2) experimental; urgency=medium
.
* Upload to experimental and mark the previous upload as
UNRELEASED. It was deemed unappropriate for this stage of the
Debian Release cycle.
.
gpac (0.7.1+dfsg1-1) UNRELEASED; urgency=medium
.
[ Balint Reczey ]
* Remove myself from Uploaders
.
[ Reinhard Tartler ]
* Update exclude lists
* New upstream version 0.7.1+dfsg1 (Closes: #817194)
* Add bugfix for CVE-2018-7752 (Closes: #892526)
* Add patch for CVE-2018-20760, CVE-2018-20762, CVE-2018-20763
(CVE-2018-20761 does not need addressing) (Closes: #921969)
* add patch for CVE-2018-13005, CVE-2018-13006 (Closes: #902782)
Checksums-Sha1:
e65e96e8e2426ba46cb2851726c207435f87dc93 2691 gpac_0.7.1+dfsg1-2.dsc
ca581b816ea4025db5e3ed9e75580ac540ab794b 43900 gpac_0.7.1+dfsg1-2.debian.tar.xz
f49e6bfbb57a297cdb24202d0185382d6d16b542 498936 gpac-dbgsym_0.7.1+dfsg1-2_amd64.deb
31ec99eb1a589c4414e55a8ed93edb229a6ac705 1248996 gpac-modules-base-dbgsym_0.7.1+dfsg1-2_amd64.deb
13d6340ce139e151a543f72ba77c37527cf449de 253524 gpac-modules-base_0.7.1+dfsg1-2_amd64.deb
ca81efea5c2861f69e87d56e5791f8e989f2a4d4 15759 gpac_0.7.1+dfsg1-2_amd64.buildinfo
6c6467a9bb85180daa8b4b20ed7f498a3a60ef9d 240136 gpac_0.7.1+dfsg1-2_amd64.deb
a102df1ab3e9367dfcae31c89fba22bc3e480141 2185596 libgpac-dev_0.7.1+dfsg1-2_amd64.deb
6e5f81e26802c6c00dcf914d7844a5879ac301a6 7027680 libgpac7-dbgsym_0.7.1+dfsg1-2_amd64.deb
010c35400b83b449c3af99dc17e0c7f7436815b0 1677884 libgpac7_0.7.1+dfsg1-2_amd64.deb
Checksums-Sha256:
14bbd5732b45338544301b280ae81afdae0572cdfae9ef2ec673d8af4b6e19c4 2691 gpac_0.7.1+dfsg1-2.dsc
e22b8157646aee1c33fcfaa0aeca653c38d216f78535c700a0012c842d358f56 43900 gpac_0.7.1+dfsg1-2.debian.tar.xz
46fa2a4e80b61ad615e34923973aa97238960b80f2164597faf9ea271a07df2a 498936 gpac-dbgsym_0.7.1+dfsg1-2_amd64.deb
4aa494796500030aba065cbee1631eae5a8362f11a25328f28d0027eb19209d7 1248996 gpac-modules-base-dbgsym_0.7.1+dfsg1-2_amd64.deb
4209097136859edf0a9bc5ee749cc01d52f6a0f8e8e730a447810c3d88845fdf 253524 gpac-modules-base_0.7.1+dfsg1-2_amd64.deb
689755d8faeb14b342cd30e70d755cfc17d873863776e4d589e0b7a51c3ac676 15759 gpac_0.7.1+dfsg1-2_amd64.buildinfo
c3eb44dd84635721fbf9efb533b6586efe8ed08e05674f8823869e5d4d8ec330 240136 gpac_0.7.1+dfsg1-2_amd64.deb
633d414edd066d6334ef5fd315815c6f6026a358b35fcc3a4cb793ccb94a134e 2185596 libgpac-dev_0.7.1+dfsg1-2_amd64.deb
d28b9859c020c188b8b9abb640bb3429d0aaec57524e2e4e089c82340c17f397 7027680 libgpac7-dbgsym_0.7.1+dfsg1-2_amd64.deb
cce872e72bbd99961d3c5381ff8cf0ecdd63c147e0407535283ffc77a95b1d02 1677884 libgpac7_0.7.1+dfsg1-2_amd64.deb
Files:
2c6d902a528a5a4021bed068cacefe6a 2691 graphics optional gpac_0.7.1+dfsg1-2.dsc
71f8ce2998bfc9fa4ee2bb87b0a6e117 43900 graphics optional gpac_0.7.1+dfsg1-2.debian.tar.xz
e01a91af3122744c44dd07179c9be0e7 498936 debug optional gpac-dbgsym_0.7.1+dfsg1-2_amd64.deb
ef33ee2fbf4386275db02b316afed93e 1248996 debug optional gpac-modules-base-dbgsym_0.7.1+dfsg1-2_amd64.deb
6d124dc8bb3aab81830db61819e58679 253524 graphics optional gpac-modules-base_0.7.1+dfsg1-2_amd64.deb
db5949d662ecc8c2bab25733ec1ea295 15759 graphics optional gpac_0.7.1+dfsg1-2_amd64.buildinfo
11116908e19c506decb1845482585338 240136 graphics optional gpac_0.7.1+dfsg1-2_amd64.deb
7d0876610d426193d3a61814febdab7e 2185596 libdevel optional libgpac-dev_0.7.1+dfsg1-2_amd64.deb
a122a3e4407f5677fb11691164082e3b 7027680 debug optional libgpac7-dbgsym_0.7.1+dfsg1-2_amd64.deb
7dd36341e6a2e5c8ccc630d399ff8bce 1677884 libs optional libgpac7_0.7.1+dfsg1-2_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEE6n5rckvJ+/LRcetya3IL6cXPbZ4FAlyqNLsUHHNpcmV0YXJ0
QHRhdXdhcmUuZGUACgkQa3IL6cXPbZ6j5BAAiwpjxQrpidwlVfSOcg47BMwQQloy
8RksT93kJgroY3IyPL0zJlc19U32o7sD6+n7XJ04Z0gT4RqRXhBUnTP4OF33c3Cz
XVf+jSbUm69ax8/03izb2c54ceGlxDj6qe15gPZzVptFl0ZCP+O5oCj3XCBwu9OB
UigY6ZM1YX28c0dW5H2qAxDVJEPjWDXlo8LykzdvTmFDrGbtkAeSRD5/u+FGpAgJ
MXkfHh9WxPrqkk1pE6UsrEZ5zd4qbQP7KjlH+YygGFL4vnc+an6F2NjCET3UTSWj
uDM7AQNkiKf87MBj16vJbc88hPYEiLoROgtfP1RugsN2RZsBsKysjFn8D/FSPqBx
gtaCTEqLvoahPAM5a+/IpTTcODysI6D0GweqTeIX2+FqutsICmZJ6hHQlFVTlZM2
IvsEkMZyRO4n6KMAgTsiI4ddIGCCIFWcrBrII0BTDtjbqkWrgCXEFNGmIBDilqRK
uBY0OFgSMXpfII1uf64qO0UyTvnwplmqs2t08e5lj16RElSsY333z8tzhxIyKaw/
8du2JXtbiLWUxejMVw9lQCPRqdILbUskngvIGjlJSHVSfEYCCtVgxkCQZ42U8RXz
/AA1JK10qEleW81Vv2bnt6dc6jZMOLYrWEy5fdF5fIjpbhmjW0CHUDlO8Mly15Wd
tEamzGerONfKWHM=
=jDby
-----END PGP SIGNATURE-----
Reply sent
to Moritz Mühlenhoff <jmm@debian.org>:
You have taken responsibility.
(Sun, 14 Apr 2019 10:33:17 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer.
(Sun, 14 Apr 2019 10:33:17 GMT) (full text, mbox, link).
Message #30 received at 921969-close@bugs.debian.org (full text, mbox, reply):
Source: gpac
Source-Version: 0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1
We believe that the bug you reported is fixed in the latest version of
gpac, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 921969@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Moritz Mühlenhoff <jmm@debian.org> (supplier of updated gpac package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 04 Mar 2019 23:37:26 +0100
Source: gpac
Binary: gpac gpac-modules-base libgpac4 libgpac-dev
Architecture: source amd64
Version: 0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1
Distribution: stretch
Urgency: medium
Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>
Changed-By: Moritz Mühlenhoff <jmm@debian.org>
Description:
gpac - GPAC Project on Advanced Content - utilities
gpac-modules-base - GPAC Project on Advanced Content - modules
libgpac-dev - GPAC Project on Advanced Content - development files
libgpac4 - GPAC Project on Advanced Content - shared libraries
Closes: 892526 902782 921969
Changes:
gpac (0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1) stretch; urgency=medium
.
* CVE-2018-7752 (Closes: #892526)
* CVE-2018-13005, CVE-2018-13006 (Closes: #902782)
* CVE-2018-20760, CVE-2018-20761, CVE-2018-20762, CVE-2018-20763
(Closes: #921969)
Checksums-Sha1:
d9ad2a1188e8a0869382bb7258ebf7ac2d390e1f 2737 gpac_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1.dsc
b371bdae4e28a6aeb6e447b01bda6d8f36cf8524 41400 gpac_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1.debian.tar.xz
8f349472681f342322dfa091895454ee90bac7d7 639722 gpac-dbgsym_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
7de20395ac3fc384f03d25eb4a3ac0d28a69a321 984984 gpac-modules-base-dbgsym_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
f97981dc0d6105e446876d2f7a99e29e67a219ed 237932 gpac-modules-base_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
95b9daa52cb15806aba4c52608d53987deaef4eb 16020 gpac_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.buildinfo
f4d445e515c719c6f67e6b9dbc5e4c52763d1b32 273846 gpac_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
c92b1171cfb7e6064d3fdb5e96b55277e5c39234 2047964 libgpac-dev_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
7eb430329a8700adc1bb5ca0370da55c181adc3a 5634398 libgpac4-dbgsym_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
977b9c04622dc150233d200045bd1b36311e0793 1558558 libgpac4_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
Checksums-Sha256:
fbe4e36d3f551b475806bf91c2a9a12aa4c7038e5b1694fd29fc156887824e09 2737 gpac_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1.dsc
b4fb5a1fdfa5f35b4ce1936d7fdc8c1f253cfebf72103303daef5f48b68b5fe4 41400 gpac_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1.debian.tar.xz
17aec7178680f81c6ebab12d3386cb9f61305220a141bf794e6b7e5fd6e20850 639722 gpac-dbgsym_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
350d1eb3e9f8d579e35294fd217f6480dfb1d4e56ec245d7cff62d87a0c5d0f6 984984 gpac-modules-base-dbgsym_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
46166b0ee751c80ab4e5bc58eda4ecee0fc1cf0a41f4a0fa40f3b5232c161659 237932 gpac-modules-base_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
46ed0ab9b40d608fb6f3d63dcddc6807f323be3b1aa9d603c0d31bef8cb738bd 16020 gpac_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.buildinfo
2174cf9d2f1f038f3337dcf8ce1d5ffd15dc1e3b86bf1802a785ada9c1cda7c1 273846 gpac_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
42121bc0a15c7795a61de5c7115eca3d316f419442eb663d1b2c1e8f33d8f228 2047964 libgpac-dev_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
43ceb7c704b511309e7e72a8bda35b57ed331ed5d378eb140eff2c7006b06b76 5634398 libgpac4-dbgsym_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
17dd7972b7c12613489ec5cafe7130223bfc7a6f8d3668e44712041488158d59 1558558 libgpac4_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
Files:
e0289d223063150f5d9633530424c734 2737 graphics optional gpac_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1.dsc
f0dbc7e0c602d580a97465323aa5b5f9 41400 graphics optional gpac_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1.debian.tar.xz
af7c64bf3c6b60f8c0f0ac01f246a573 639722 debug extra gpac-dbgsym_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
1b0b23a281d276552ca90a6f6dbbf870 984984 debug extra gpac-modules-base-dbgsym_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
30a440af96e331f7bcc08ab5921c90bf 237932 graphics optional gpac-modules-base_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
0ff5bad2fab3818b6792fcd2abfd6b60 16020 graphics optional gpac_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.buildinfo
9e08f1282433d2b7a5e986c2cafeca86 273846 graphics optional gpac_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
9f23bb52c6470e6822d5dc4270f68c15 2047964 libdevel optional libgpac-dev_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
e0570c868f6b0bb92a0a4b62407e4e8e 5634398 debug extra libgpac4-dbgsym_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
1e64579cf3dddb0082fdda9059a08280 1558558 libs optional libgpac4_0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlys9HcACgkQEMKTtsN8
TjYTFRAAnPWuDf17a4DnrUREkldYuxxqysPc0jwMWKr4v59GReEd2nU2Cc/P+Y++
o89ujrY70CMeIW9izD1xFupmPvxhiiCNRkk6fuXI6Ur+ng2h40SsdQvAasJkyaMr
lD8MNnUE2niJK42N4QSTzupc+t6nj7P9QalkaUmHQN7AWeUTFj9pb0wv92GGAPME
kWNL9OYxUUmlC1tvwx1BZbS7Xmqqcamnaj9gO6DxFsXKugwLbUB824wC3veytFqq
g97DefTj98oia54j+WuL6IfuQQmU1Qo6uOIgrl5MvaJSGCVtOCX6+/l7svNCFK7x
P2gA7y6XRoBcd2j5zq3wuUqD/umejGT9YE9tH9gw7zhYUOyNqUuLvCNjz14khZWC
mfBy1EzZZ+OEMGbFIdHacuEwQ7lKaxRWyVIun+TgHmaFT4hfzoh4vupfRBu0x7dM
rqdXSl9SMaFS7nCl9qDS1mbz3n87cyLklaJSE85pJxHHyPauyuRrnMU4KYr/vgT2
zMvDG/R0iRkT2nTku2l8fpQpDEjpG7/ra7ap/KXO3tPGB0qGwgqUKtdspSAgXxOo
cIdZZc6yIjITWF1v1ISef+VnCz0ueKVUV/fKNtwb5HufyhdcSxI0teRCfIuHEjaL
lFqWCzcWgSPFiCoZLPRMSLM1wfNln5orkl3yn1KMcoozawgyezE=
=RPZO
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Mon, 13 May 2019 07:27:57 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 15:15:49 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon