Accepted gpac 0.5.0+svn5324~dfsg1-1+deb8u5 (source amd64) into oldoldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 20 Jan 2020 13:17:16 +0100
Source: gpac
Binary: gpac gpac-dbg gpac-modules-base libgpac3 libgpac-dbg libgpac-dev
Architecture: source amd64
Version: 0.5.0+svn5324~dfsg1-1+deb8u5
Distribution: jessie-security
Urgency: high
Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>
Changed-By: Sylvain Beucler <beuc@debian.org>
Description:
gpac - GPAC Project on Advanced Content - utilities
gpac-dbg - GPAC Project on Advanced Content - debugging symbols
gpac-modules-base - GPAC Project on Advanced Content - modules
libgpac-dbg - GPAC Project on Advanced Content - debugging symbols for libgpac3
libgpac-dev - GPAC Project on Advanced Content - development files
libgpac3 - GPAC Project on Advanced Content - shared libraries
Changes:
gpac (0.5.0+svn5324~dfsg1-1+deb8u5) jessie-security; urgency=high
.
* Non-maintainer upload by the LTS Security Team.
* CVE-2019-20161: heap-based buffer overflow in the function
ReadGF_IPMPX_WatermarkingInit() in odf/ipmpx_code.c.
* CVE-2019-20162: heap-based buffer overflow in the function
gf_isom_box_parse_ex() in isomedia/box_funcs.c.
* CVE-2019-20163: NULL pointer dereference in the function
gf_odf_avc_cfg_write_bs() in odf/descriptors.c.
* CVE-2019-20165: NULL pointer dereference in the function
ilst_item_Read() in isomedia/box_code_apple.c.
* CVE-2019-20170: invalid pointer dereference in the function
GF_IPMPX_AUTH_Delete() in odf/ipmpx_code.c.
* CVE-2019-20171: memory leaks in metx_New in
isomedia/box_code_base.c and abst_Read in
isomedia/box_code_adobe.c.
* CVE-2019-20208: dimC_Read in isomedia/box_code_3gpp.c in GPAC
0.8.0 has a stack-based buffer overflow.
* CVE-2019-20168: use-after-free in the function
gf_isom_box_dump_ex() in isomedia/box_funcs.c.
* CVE-2019-20169: use-after-free in the function trak_Read() in
isomedia/box_code_base.c.
Checksums-Sha1:
39565addf58a6271511493ea63ee3411d3fdd841 2431 gpac_0.5.0+svn5324~dfsg1-1+deb8u5.dsc
576ca9d9ad896639b0bf4b61ac58ca6ab9a84845 40184 gpac_0.5.0+svn5324~dfsg1-1+deb8u5.debian.tar.xz
0f45ca543dedf827e9f4654d12789a4d78194276 245412 gpac_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
36643dc5909eb0c3b4632777a8c4ee2db44bcf77 1284442 gpac-dbg_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
620c4386e105be061172931f2e2a8fe6b0ee68ee 234192 gpac-modules-base_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
a8a21d9d778711aa430a267435d8845457a98d9a 1486086 libgpac3_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
fc226170877b332bba089c55a46e0e4cc5a357b2 4839074 libgpac-dbg_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
2497b174e24aaeb44189e81834600b0013901d99 1985068 libgpac-dev_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
Checksums-Sha256:
ed2165d9a9f9763d9bdce738456140d4d4e955214f857e4b8e98aaf4b06b0ed4 2431 gpac_0.5.0+svn5324~dfsg1-1+deb8u5.dsc
73e6e7449307ecdf2fa6cba6158838c6503caf64145c4d99ce6d08b5ca32677e 40184 gpac_0.5.0+svn5324~dfsg1-1+deb8u5.debian.tar.xz
5700a7434bcbfa7c73ea1edc8e103f63a444d054963b023e0179967da0c018a9 245412 gpac_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
9230709ffca25755bbaa7914005a4fa1164fb515e209c2915e6ffc82d40fbb62 1284442 gpac-dbg_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
5926503c597796133460046ebd8a011055a6eb6fbcd11a265d298c31810c79fa 234192 gpac-modules-base_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
d9f130d93df539d70cb5e45599517cf7a474617db397465246c7a01da699b6a4 1486086 libgpac3_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
6e96b480a6a080ffe0e49eb8bb1f64393b219515b65970cc1d132b82318c932e 4839074 libgpac-dbg_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
f35c8ef06d9d33a8fd62d6401fa07e4787116070748d27e8245d55686f049f05 1985068 libgpac-dev_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
Files:
27ab058c58b40fb23d6c6e2395ef636d 2431 graphics optional gpac_0.5.0+svn5324~dfsg1-1+deb8u5.dsc
5090537d06128da952f95269acec2bd3 40184 graphics optional gpac_0.5.0+svn5324~dfsg1-1+deb8u5.debian.tar.xz
4cfab1145d04a112bfdda76ae931bc80 245412 graphics optional gpac_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
dc3ef98b49deb9ccefcbd252bdf02c3e 1284442 debug extra gpac-dbg_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
d9604af72b61d146b7a29145d3b9e12a 234192 graphics optional gpac-modules-base_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
727f4e1c08f081a61fc2de7ae5da066f 1486086 libs optional libgpac3_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
8991f571e1c82639bd97a93df6b2ce6c 4839074 debug extra libgpac-dbg_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
91f9dda08c34c3fed7ed435c6d3fe861 1985068 libdevel optional libgpac-dev_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEQic8GuN/xDR88HkSj/HLbo2JBZ8FAl4lokQACgkQj/HLbo2J
BZ+DtwgAgJmGmuVWNu5MzSTnO8ywnWQvpnAf8MCgjWtamGreO37YZYdF/CvH+2lz
9sKYJAYHuFGJe8kYWBgZ1ofTBjZXSDzNwv4t2+CiIM8zO7zr1sSpO45Gp5nuH46J
Xlhqbl6PiziEOOiBr8AH1JoGcLpDZ1NoofV5/gZwxKsvRJK4HIQsg0XiOSmUzcBy
wz5/d2+2s4ER8d9duvsyUSemZZhxioDBuSN+132U2lD6/Mo3C/rxEclr6oYam/lI
GdueGW8S93Xtx/OqNVRvLstGPjnedO6Wlp4cdsLy+02G2kZRPHfqiFllbLSdEfyo
qiJIDSh+JHrDGSAOhKvBInKviw72Tw==
=yoAN
-----END PGP SIGNATURE-----