Bug#1016142: gpac: CVE-2022-2549

To: submit@bugs.debian.org
Subject: Bug#1016142: gpac: CVE-2022-2549
From: Moritz Mühlenhoff <jmm@inutil.org>
Date: Wed, 27 Jul 2022 23:11:12 +0200
Message-id: <[🔎] YuGp8KnFJJU8dYzg@pisco.westfalen.local>
Reply-to: Moritz Mühlenhoff <jmm@inutil.org>, 1016142@bugs.debian.org

Source: gpac
X-Debbugs-CC: team@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerability was published for gpac.

CVE-2022-2549[0]:
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to
| v2.1.0-DEV.

https://huntr.dev/bounties/c93083dc-177c-4ba0-ba83-9d7fb29a5537
https://github.com/gpac/gpac/commit/0102c5d4db7fdbf08b5b591b2a6264de33867a07

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-2549
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2549

Please adjust the affected versions in the BTS as needed.

Reply to:

Prev by Date: libbluray: FTBFS in bullseye: error: BDFileSystemImpl is not abstract and does not override abstract method isInvalid(File) in FileSystem
Next by Date: Processing of libgav1_0.18.0-1_source.changes
Previous by thread: Processed: Fwd: libbluray: FTBFS in bullseye: error: BDFileSystemImpl is not abstract and does not override abstract method isInvalid(File) in FileSystem
Next by thread: Processing of libgav1_0.18.0-1_source.changes
Index(es):
- Date
- Thread