Bug#932242: gpac: CVE-2019-13618
Source: gpac
Version: 0.5.2-426-gc5ad4e4+dfsg5-5
Severity: important
Tags: security upstream
Forwarded: https://github.com/gpac/gpac/issues/1250
Control: found -1 0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1
Control: found -1 0.5.2-426-gc5ad4e4+dfsg5-3
Hi,
The following vulnerability was published for gpac.
CVE-2019-13618[0]:
| In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-
| based buffer over-read, as demonstrated by a crash in gf_m2ts_sync in
| media_tools/mpegts.c.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2019-13618
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13618
[1] https://github.com/gpac/gpac/issues/1250
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
Reply to: