Package "gpac"
Name: |
gpac
|
Description: |
GPAC Project on Advanced Content - utilities
|
Latest version: |
0.5.2-426-gc5ad4e4+dfsg5-3ubuntu0.1 |
Release: |
bionic (18.04) |
Level: |
security |
Repository: |
universe |
Homepage: |
http://gpac.wp.mines-telecom.fr/ |
Links
Download "gpac"
Other versions of "gpac" in Bionic
Packages in group
Deleted packages are displayed in grey.
Changelog
gpac (0.5.2-426-gc5ad4e4+dfsg5-3ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: Fix multiple buffer overflow issues
- debian/patches/CVE-2018-7752-CVE-2018-1000100.patch: fix buffer overflow
in the gf_media_avc_read_sps
- debian/patches/CVE-2018-13005-CVE-2018-13006.patch: fixed 2 possible
heap overflows
- debian/patches/CVE-2018-20760.patch: check error code on call to
gf_utf8_wcstombs
- debian/patches/CVE-2018-20761-CVE-2018-20762.patch: fix some overflows
due to strcpy
- debian/patches/CVE-2018-20763.patch: add some boundary checks on
gf_text_get_utf8_line
- CVE-2018-7752
- CVE-2018-13005
- CVE-2018-13006
- CVE-2018-20760
- CVE-2018-20761
- CVE-2018-20762
- CVE-2018-20763
- CVE-2018-1000100
-- Paulo Flabiano Smorigo <email address hidden> Tue, 19 Mar 2019 17:18:01 -0300
|
CVE-2018-7752 |
GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function in media_tools/av_parsers.c, a different vulnerability than CVE-2018-1 |
CVE-2018-1000100 |
GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability in src/isomedia/avc_ext.c lines 2417 to 2420 that can result in Heap c |
CVE-2018-13005 |
An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read. |
CVE-2018-13006 |
An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based buffer over-read in the isomedia/box_dump.c function hdlr_dump. |
CVE-2018-20760 |
In GPAC 0.7.2, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value |
CVE-2018-20761 |
GPAC version 0.7.2 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a. |
CVE-2018-20762 |
GPAC version 0.7.2 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box |
CVE-2018-20763 |
In GPAC through 0.7.2, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLine |
|
About
-
Send Feedback to @ubuntu_updates