Back to gpac PTS page

Accepted gpac 0.5.0+svn5324~dfsg1-1+deb8u5 (source amd64) into oldoldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted gpac 0.5.0+svn5324~dfsg1-1+deb8u5 (source amd64) into oldoldstable
From: Sylvain Beucler <beuc@debian.org>
Date: Mon, 20 Jan 2020 13:10:20 +0000
Mail-followup-to: debian-lts@lists.debian.org
Message-id: <E1itWou-00053M-NC@seger.debian.org>
Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 20 Jan 2020 13:17:16 +0100
Source: gpac
Binary: gpac gpac-dbg gpac-modules-base libgpac3 libgpac-dbg libgpac-dev
Architecture: source amd64
Version: 0.5.0+svn5324~dfsg1-1+deb8u5
Distribution: jessie-security
Urgency: high
Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>
Changed-By: Sylvain Beucler <beuc@debian.org>
Description:
 gpac       - GPAC Project on Advanced Content - utilities
 gpac-dbg   - GPAC Project on Advanced Content - debugging symbols
 gpac-modules-base - GPAC Project on Advanced Content - modules
 libgpac-dbg - GPAC Project on Advanced Content - debugging symbols for libgpac3
 libgpac-dev - GPAC Project on Advanced Content - development files
 libgpac3   - GPAC Project on Advanced Content - shared libraries
Changes:
 gpac (0.5.0+svn5324~dfsg1-1+deb8u5) jessie-security; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * CVE-2019-20161: heap-based buffer overflow in the function
     ReadGF_IPMPX_WatermarkingInit() in odf/ipmpx_code.c.
   * CVE-2019-20162: heap-based buffer overflow in the function
     gf_isom_box_parse_ex() in isomedia/box_funcs.c.
   * CVE-2019-20163: NULL pointer dereference in the function
     gf_odf_avc_cfg_write_bs() in odf/descriptors.c.
   * CVE-2019-20165: NULL pointer dereference in the function
     ilst_item_Read() in isomedia/box_code_apple.c.
   * CVE-2019-20170: invalid pointer dereference in the function
     GF_IPMPX_AUTH_Delete() in odf/ipmpx_code.c.
   * CVE-2019-20171: memory leaks in metx_New in
     isomedia/box_code_base.c and abst_Read in
     isomedia/box_code_adobe.c.
   * CVE-2019-20208: dimC_Read in isomedia/box_code_3gpp.c in GPAC
     0.8.0 has a stack-based buffer overflow.
   * CVE-2019-20168: use-after-free in the function
     gf_isom_box_dump_ex() in isomedia/box_funcs.c.
   * CVE-2019-20169: use-after-free in the function trak_Read() in
     isomedia/box_code_base.c.
Checksums-Sha1:
 39565addf58a6271511493ea63ee3411d3fdd841 2431 gpac_0.5.0+svn5324~dfsg1-1+deb8u5.dsc
 576ca9d9ad896639b0bf4b61ac58ca6ab9a84845 40184 gpac_0.5.0+svn5324~dfsg1-1+deb8u5.debian.tar.xz
 0f45ca543dedf827e9f4654d12789a4d78194276 245412 gpac_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
 36643dc5909eb0c3b4632777a8c4ee2db44bcf77 1284442 gpac-dbg_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
 620c4386e105be061172931f2e2a8fe6b0ee68ee 234192 gpac-modules-base_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
 a8a21d9d778711aa430a267435d8845457a98d9a 1486086 libgpac3_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
 fc226170877b332bba089c55a46e0e4cc5a357b2 4839074 libgpac-dbg_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
 2497b174e24aaeb44189e81834600b0013901d99 1985068 libgpac-dev_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
Checksums-Sha256:
 ed2165d9a9f9763d9bdce738456140d4d4e955214f857e4b8e98aaf4b06b0ed4 2431 gpac_0.5.0+svn5324~dfsg1-1+deb8u5.dsc
 73e6e7449307ecdf2fa6cba6158838c6503caf64145c4d99ce6d08b5ca32677e 40184 gpac_0.5.0+svn5324~dfsg1-1+deb8u5.debian.tar.xz
 5700a7434bcbfa7c73ea1edc8e103f63a444d054963b023e0179967da0c018a9 245412 gpac_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
 9230709ffca25755bbaa7914005a4fa1164fb515e209c2915e6ffc82d40fbb62 1284442 gpac-dbg_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
 5926503c597796133460046ebd8a011055a6eb6fbcd11a265d298c31810c79fa 234192 gpac-modules-base_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
 d9f130d93df539d70cb5e45599517cf7a474617db397465246c7a01da699b6a4 1486086 libgpac3_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
 6e96b480a6a080ffe0e49eb8bb1f64393b219515b65970cc1d132b82318c932e 4839074 libgpac-dbg_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
 f35c8ef06d9d33a8fd62d6401fa07e4787116070748d27e8245d55686f049f05 1985068 libgpac-dev_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
Files:
 27ab058c58b40fb23d6c6e2395ef636d 2431 graphics optional gpac_0.5.0+svn5324~dfsg1-1+deb8u5.dsc
 5090537d06128da952f95269acec2bd3 40184 graphics optional gpac_0.5.0+svn5324~dfsg1-1+deb8u5.debian.tar.xz
 4cfab1145d04a112bfdda76ae931bc80 245412 graphics optional gpac_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
 dc3ef98b49deb9ccefcbd252bdf02c3e 1284442 debug extra gpac-dbg_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
 d9604af72b61d146b7a29145d3b9e12a 234192 graphics optional gpac-modules-base_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
 727f4e1c08f081a61fc2de7ae5da066f 1486086 libs optional libgpac3_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
 8991f571e1c82639bd97a93df6b2ce6c 4839074 debug extra libgpac-dbg_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb
 91f9dda08c34c3fed7ed435c6d3fe861 1985068 libdevel optional libgpac-dev_0.5.0+svn5324~dfsg1-1+deb8u5_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEQic8GuN/xDR88HkSj/HLbo2JBZ8FAl4lokQACgkQj/HLbo2J
BZ+DtwgAgJmGmuVWNu5MzSTnO8ywnWQvpnAf8MCgjWtamGreO37YZYdF/CvH+2lz
9sKYJAYHuFGJe8kYWBgZ1ofTBjZXSDzNwv4t2+CiIM8zO7zr1sSpO45Gp5nuH46J
Xlhqbl6PiziEOOiBr8AH1JoGcLpDZ1NoofV5/gZwxKsvRJK4HIQsg0XiOSmUzcBy
wz5/d2+2s4ER8d9duvsyUSemZZhxioDBuSN+132U2lD6/Mo3C/rxEclr6oYam/lI
GdueGW8S93Xtx/OqNVRvLstGPjnedO6Wlp4cdsLy+02G2kZRPHfqiFllbLSdEfyo
qiJIDSh+JHrDGSAOhKvBInKviw72Tw==
=yoAN
-----END PGP SIGNATURE-----