Debian Bug report logs -
#987280
CVE-2021-31254 CVE-2021-31255 CVE-2021-31256 CVE-2021-31257 CVE-2021-31258 CVE-2021-31259 CVE-2021-31260 CVE-2021-31261 CVE-2021-31262
Reply or subscribe to this bug.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>:
Bug#987280; Package gpac.
(Tue, 20 Apr 2021 18:57:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>.
(Tue, 20 Apr 2021 18:57:03 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: gpac
Version: 1.0.1+dfsg1-3
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team <team@security.debian.org>
CVE-2021-31262
https://github.com/gpac/gpac/commit/b2eab95e07cb5819375a50358d4806a8813b6e50
https://github.com/gpac/gpac/issues/1738
CVE-2021-31261
https://github.com/gpac/gpac/commit/cd3738dea038dbd12e603ad48cd7373ae0440f65
https://github.com/gpac/gpac/issues/1737
CVE-2021-31260
https://github.com/gpac/gpac/commit/df8fffd839fe5ae9acd82d26fd48280a397411d9
https://github.com/gpac/gpac/issues/1736
CVE-2021-31259
https://github.com/gpac/gpac/commit/3b84ffcbacf144ce35650df958432f472b6483f8
https://github.com/gpac/gpac/issues/1735
CVE-2021-31258
https://github.com/gpac/gpac/commit/ebfa346eff05049718f7b80041093b4c5581c24e
https://github.com/gpac/gpac/issues/1706
CVE-2021-31257
https://github.com/gpac/gpac/commit/87afe070cd6866df7fe80f11b26ef75161de85e0
https://github.com/gpac/gpac/issues/1734
CVE-2021-31256
https://github.com/gpac/gpac/commit/2da2f68bffd51d89b1d272d22aa8cc023c1c066e
https://github.com/gpac/gpac/issues/1705
CVE-2021-31255
https://github.com/gpac/gpac/commit/758135e91e623d7dfe7f6aaad7aeb3f791b7a4e5
https://github.com/gpac/gpac/issues/1733
CVE-2021-31254
https://github.com/gpac/gpac/commit/8986422c21fbd9a7bf6561cae65aae42077447e8
https://github.com/gpac/gpac/issues/1703
Cheers,
Moritz
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>:
Bug#987280; Package gpac.
(Wed, 21 Apr 2021 04:57:02 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>.
(Wed, 21 Apr 2021 04:57:02 GMT) (full text, mbox, link).
Message #10 received at 987280@bugs.debian.org (full text, mbox, reply):
Hi,
On Tue, Apr 20, 2021 at 08:55:13PM +0200, Moritz Muehlenhoff wrote:
> Package: gpac
> Version: 1.0.1+dfsg1-3
> Severity: grave
> Tags: security
> X-Debbugs-Cc: Debian Security Team <team@security.debian.org>
>
> CVE-2021-31262
> https://github.com/gpac/gpac/commit/b2eab95e07cb5819375a50358d4806a8813b6e50
> https://github.com/gpac/gpac/issues/1738
>
> CVE-2021-31261
> https://github.com/gpac/gpac/commit/cd3738dea038dbd12e603ad48cd7373ae0440f65
> https://github.com/gpac/gpac/issues/1737
>
> CVE-2021-31260
> https://github.com/gpac/gpac/commit/df8fffd839fe5ae9acd82d26fd48280a397411d9
> https://github.com/gpac/gpac/issues/1736
>
> CVE-2021-31259
> https://github.com/gpac/gpac/commit/3b84ffcbacf144ce35650df958432f472b6483f8
> https://github.com/gpac/gpac/issues/1735
>
> CVE-2021-31258
> https://github.com/gpac/gpac/commit/ebfa346eff05049718f7b80041093b4c5581c24e
> https://github.com/gpac/gpac/issues/1706
>
> CVE-2021-31257
> https://github.com/gpac/gpac/commit/87afe070cd6866df7fe80f11b26ef75161de85e0
> https://github.com/gpac/gpac/issues/1734
>
> CVE-2021-31256
> https://github.com/gpac/gpac/commit/2da2f68bffd51d89b1d272d22aa8cc023c1c066e
> https://github.com/gpac/gpac/issues/1705
>
> CVE-2021-31255
> https://github.com/gpac/gpac/commit/758135e91e623d7dfe7f6aaad7aeb3f791b7a4e5
> https://github.com/gpac/gpac/issues/1733
>
> CVE-2021-31254
> https://github.com/gpac/gpac/commit/8986422c21fbd9a7bf6561cae65aae42077447e8
> https://github.com/gpac/gpac/issues/1703
There appeared some more gpac CVEs yesterday, should we fill those as
a separate bug? See CVE-2021-29279, CVE-2021-30014, CVE-2021-30015,
CVE-2021-30019, CVE-2021-30020, CVE-2021-30022, CVE-2021-30199
additionally.
Regards,
Salvatore
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Apr 21 08:07:18 2021;
Machine Name:
bembo
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon