Bug#921969: marked as done (CVE-2018-20760 CVE-2018-20761 CVE-2018-20762 CVE-2018-20763)
Your message dated Wed, 10 Apr 2019 18:00:11 +0000
with message-id <E1hEHW7-0006vW-3R@fasolo.debian.org>
and subject line Bug#921969: fixed in gpac 0.7.1+dfsg1-2
has caused the Debian Bug report #921969,
regarding CVE-2018-20760 CVE-2018-20761 CVE-2018-20762 CVE-2018-20763
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
921969: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921969
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: CVE-2018-20760 CVE-2018-20761 CVE-2018-20762 CVE-2018-20763
- From: Moritz Muehlenhoff <jmm@debian.org>
- Date: Sun, 10 Feb 2019 19:48:12 +0100
- Message-id: <154982449283.5258.6021517030474298604.reportbug@hullmann.westfalen.local>
Source: gpac
Severity: grave
Tags: security
CVE-2018-20760:
https://github.com/gpac/gpac/commit/4c1360818fc8948e9307059fba4dc47ba8ad255d
https://github.com/gpac/gpac/issues/1177
CVE-2018-20761:
https://github.com/gpac/gpac/commit/35ab4475a7df9b2a4bcab235e379c0c3ec543658
https://github.com/gpac/gpac/issues/1186
CVE-2018-20762:
https://github.com/gpac/gpac/commit/35ab4475a7df9b2a4bcab235e379c0c3ec543658
https://github.com/gpac/gpac/issues/1187
CVE-2018-20763:
https://github.com/gpac/gpac/commit/1c449a34fe0b50aaffb881bfb9d7c5ab0bb18cdd
https://github.com/gpac/gpac/issues/1188
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: gpac
Source-Version: 0.7.1+dfsg1-2
We believe that the bug you reported is fixed in the latest version of
gpac, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 921969@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Reinhard Tartler <siretart@tauware.de> (supplier of updated gpac package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 07 Apr 2019 12:19:28 -0400
Binary: gpac gpac-dbgsym gpac-modules-base gpac-modules-base-dbgsym libgpac7 libgpac7-dbgsym libgpac-dev
Source: gpac
Architecture: amd64 source
Version: 0.7.1+dfsg1-2
Distribution: experimental
Urgency: medium
Maintainer: Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>
Changed-By: Reinhard Tartler <siretart@tauware.de>
Closes: 817194 892526 902782 921969
Description:
gpac - GPAC Project on Advanced Content - utilities
gpac-modules-base - GPAC Project on Advanced Content - modules
libgpac7 - GPAC Project on Advanced Content - shared libraries
libgpac-dev - GPAC Project on Advanced Content - development files
Changes:
gpac (0.7.1+dfsg1-2) experimental; urgency=medium
.
* Upload to experimental and mark the previous upload as
UNRELEASED. It was deemed unappropriate for this stage of the
Debian Release cycle.
.
gpac (0.7.1+dfsg1-1) UNRELEASED; urgency=medium
.
[ Balint Reczey ]
* Remove myself from Uploaders
.
[ Reinhard Tartler ]
* Update exclude lists
* New upstream version 0.7.1+dfsg1 (Closes: #817194)
* Add bugfix for CVE-2018-7752 (Closes: #892526)
* Add patch for CVE-2018-20760, CVE-2018-20762, CVE-2018-20763
(CVE-2018-20761 does not need addressing) (Closes: #921969)
* add patch for CVE-2018-13005, CVE-2018-13006 (Closes: #902782)
Checksums-Sha1:
e65e96e8e2426ba46cb2851726c207435f87dc93 2691 gpac_0.7.1+dfsg1-2.dsc
ca581b816ea4025db5e3ed9e75580ac540ab794b 43900 gpac_0.7.1+dfsg1-2.debian.tar.xz
f49e6bfbb57a297cdb24202d0185382d6d16b542 498936 gpac-dbgsym_0.7.1+dfsg1-2_amd64.deb
31ec99eb1a589c4414e55a8ed93edb229a6ac705 1248996 gpac-modules-base-dbgsym_0.7.1+dfsg1-2_amd64.deb
13d6340ce139e151a543f72ba77c37527cf449de 253524 gpac-modules-base_0.7.1+dfsg1-2_amd64.deb
ca81efea5c2861f69e87d56e5791f8e989f2a4d4 15759 gpac_0.7.1+dfsg1-2_amd64.buildinfo
6c6467a9bb85180daa8b4b20ed7f498a3a60ef9d 240136 gpac_0.7.1+dfsg1-2_amd64.deb
a102df1ab3e9367dfcae31c89fba22bc3e480141 2185596 libgpac-dev_0.7.1+dfsg1-2_amd64.deb
6e5f81e26802c6c00dcf914d7844a5879ac301a6 7027680 libgpac7-dbgsym_0.7.1+dfsg1-2_amd64.deb
010c35400b83b449c3af99dc17e0c7f7436815b0 1677884 libgpac7_0.7.1+dfsg1-2_amd64.deb
Checksums-Sha256:
14bbd5732b45338544301b280ae81afdae0572cdfae9ef2ec673d8af4b6e19c4 2691 gpac_0.7.1+dfsg1-2.dsc
e22b8157646aee1c33fcfaa0aeca653c38d216f78535c700a0012c842d358f56 43900 gpac_0.7.1+dfsg1-2.debian.tar.xz
46fa2a4e80b61ad615e34923973aa97238960b80f2164597faf9ea271a07df2a 498936 gpac-dbgsym_0.7.1+dfsg1-2_amd64.deb
4aa494796500030aba065cbee1631eae5a8362f11a25328f28d0027eb19209d7 1248996 gpac-modules-base-dbgsym_0.7.1+dfsg1-2_amd64.deb
4209097136859edf0a9bc5ee749cc01d52f6a0f8e8e730a447810c3d88845fdf 253524 gpac-modules-base_0.7.1+dfsg1-2_amd64.deb
689755d8faeb14b342cd30e70d755cfc17d873863776e4d589e0b7a51c3ac676 15759 gpac_0.7.1+dfsg1-2_amd64.buildinfo
c3eb44dd84635721fbf9efb533b6586efe8ed08e05674f8823869e5d4d8ec330 240136 gpac_0.7.1+dfsg1-2_amd64.deb
633d414edd066d6334ef5fd315815c6f6026a358b35fcc3a4cb793ccb94a134e 2185596 libgpac-dev_0.7.1+dfsg1-2_amd64.deb
d28b9859c020c188b8b9abb640bb3429d0aaec57524e2e4e089c82340c17f397 7027680 libgpac7-dbgsym_0.7.1+dfsg1-2_amd64.deb
cce872e72bbd99961d3c5381ff8cf0ecdd63c147e0407535283ffc77a95b1d02 1677884 libgpac7_0.7.1+dfsg1-2_amd64.deb
Files:
2c6d902a528a5a4021bed068cacefe6a 2691 graphics optional gpac_0.7.1+dfsg1-2.dsc
71f8ce2998bfc9fa4ee2bb87b0a6e117 43900 graphics optional gpac_0.7.1+dfsg1-2.debian.tar.xz
e01a91af3122744c44dd07179c9be0e7 498936 debug optional gpac-dbgsym_0.7.1+dfsg1-2_amd64.deb
ef33ee2fbf4386275db02b316afed93e 1248996 debug optional gpac-modules-base-dbgsym_0.7.1+dfsg1-2_amd64.deb
6d124dc8bb3aab81830db61819e58679 253524 graphics optional gpac-modules-base_0.7.1+dfsg1-2_amd64.deb
db5949d662ecc8c2bab25733ec1ea295 15759 graphics optional gpac_0.7.1+dfsg1-2_amd64.buildinfo
11116908e19c506decb1845482585338 240136 graphics optional gpac_0.7.1+dfsg1-2_amd64.deb
7d0876610d426193d3a61814febdab7e 2185596 libdevel optional libgpac-dev_0.7.1+dfsg1-2_amd64.deb
a122a3e4407f5677fb11691164082e3b 7027680 debug optional libgpac7-dbgsym_0.7.1+dfsg1-2_amd64.deb
7dd36341e6a2e5c8ccc630d399ff8bce 1677884 libs optional libgpac7_0.7.1+dfsg1-2_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEE6n5rckvJ+/LRcetya3IL6cXPbZ4FAlyqNLsUHHNpcmV0YXJ0
QHRhdXdhcmUuZGUACgkQa3IL6cXPbZ6j5BAAiwpjxQrpidwlVfSOcg47BMwQQloy
8RksT93kJgroY3IyPL0zJlc19U32o7sD6+n7XJ04Z0gT4RqRXhBUnTP4OF33c3Cz
XVf+jSbUm69ax8/03izb2c54ceGlxDj6qe15gPZzVptFl0ZCP+O5oCj3XCBwu9OB
UigY6ZM1YX28c0dW5H2qAxDVJEPjWDXlo8LykzdvTmFDrGbtkAeSRD5/u+FGpAgJ
MXkfHh9WxPrqkk1pE6UsrEZ5zd4qbQP7KjlH+YygGFL4vnc+an6F2NjCET3UTSWj
uDM7AQNkiKf87MBj16vJbc88hPYEiLoROgtfP1RugsN2RZsBsKysjFn8D/FSPqBx
gtaCTEqLvoahPAM5a+/IpTTcODysI6D0GweqTeIX2+FqutsICmZJ6hHQlFVTlZM2
IvsEkMZyRO4n6KMAgTsiI4ddIGCCIFWcrBrII0BTDtjbqkWrgCXEFNGmIBDilqRK
uBY0OFgSMXpfII1uf64qO0UyTvnwplmqs2t08e5lj16RElSsY333z8tzhxIyKaw/
8du2JXtbiLWUxejMVw9lQCPRqdILbUskngvIGjlJSHVSfEYCCtVgxkCQZ42U8RXz
/AA1JK10qEleW81Vv2bnt6dc6jZMOLYrWEy5fdF5fIjpbhmjW0CHUDlO8Mly15Wd
tEamzGerONfKWHM=
=jDby
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: