
Bug#926739: marked as done (stretch-pu: package gpac/0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1)



Your message dated Sat, 27 Apr 2019 11:14:32 +0100
with message-id <1556360072.2690.35.camel@adam-barratt.org.uk>
and subject line Closing bugs for updates included in 9.9
has caused the Debian Bug report #926739,
regarding stretch-pu: package gpac/0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
926739: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926739
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian.org@packages.debian.org
Usertags: pu

Fixes a number of minor issues; the same patches have also been in unstable for a week.

Cheers,
        Moritz

diff -Nru gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/changelog gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/changelog
--- gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/changelog	2016-08-04 23:29:39.000000000 +0200
+++ gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/changelog	2019-03-04 23:37:26.000000000 +0100
@@ -1,3 +1,12 @@
+gpac (0.5.2-426-gc5ad4e4+dfsg5-3+deb9u1) stretch; urgency=medium
+
+  * CVE-2018-7752 (Closes: #892526)
+  * CVE-2018-13005, CVE-2018-13006 (Closes: #902782)
+  * CVE-2018-20760, CVE-2018-20761, CVE-2018-20762, CVE-2018-20763
+    (Closes: #921969)
+
+ -- Moritz Mühlenhoff <jmm@debian.org>  Mon, 04 Mar 2019 23:37:26 +0100
+
 gpac (0.5.2-426-gc5ad4e4+dfsg5-3) unstable; urgency=medium
 
   * Team upload.
diff -Nru gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-13005_CVE-2018-13006.patch gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-13005_CVE-2018-13006.patch
--- gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-13005_CVE-2018-13006.patch	1970-01-01 01:00:00.000000000 +0100
+++ gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-13005_CVE-2018-13006.patch	2019-03-04 23:13:09.000000000 +0100
@@ -0,0 +1,38 @@
+From bceb03fd2be95097a7b409ea59914f332fb6bc86 Mon Sep 17 00:00:00 2001
+From: Aurelien David <aurelien.david@telecom-paristech.fr>
+Date: Thu, 28 Jun 2018 13:34:08 +0200
+Subject: [PATCH] fixed 2 possible heap overflows (inc. #1088)
+
+--- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/include/gpac/internal/isomedia_dev.h
++++ gpac-0.5.2-426-gc5ad4e4+dfsg5/include/gpac/internal/isomedia_dev.h
+@@ -2988,7 +2988,7 @@ GF_GenericSubtitleSample *gf_isom_parse_
+ 		char __ptype[5];\
+ 		strcpy(__ptype, gf_4cc_to_str(__parent->type) );\
+ 		GF_LOG(GF_LOG_WARNING, GF_LOG_CONTAINER, ("[iso file] extra box %s found in %s, deleting\n", gf_4cc_to_str(__abox->type), __ptype)); \
+-		gf_isom_box_del(a);\
++		gf_isom_box_del(__abox);\
+ 		return GF_OK;\
+ 	}
+ 
+--- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/src/isomedia/box_code_base.c
++++ gpac-0.5.2-426-gc5ad4e4+dfsg5/src/isomedia/box_code_base.c
+@@ -619,7 +619,7 @@ GF_Err urn_Read(GF_Box *s, GF_BitStream
+ 
+ 	//then get the break
+ 	i = 0;
+-	while ( (tmpName[i] != 0) && (i < to_read) ) {
++	while ( (i < to_read) && (tmpName[i] != 0) ) {
+ 		i++;
+ 	}
+ 	//check the data is consistent
+--- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/src/isomedia/box_dump.c
++++ gpac-0.5.2-426-gc5ad4e4+dfsg5/src/isomedia/box_dump.c
+@@ -988,7 +988,7 @@ GF_Err dpin_dump(GF_Box *a, FILE * trace
+ GF_Err hdlr_dump(GF_Box *a, FILE * trace)
+ {
+ 	GF_HandlerBox *p = (GF_HandlerBox *)a;
+-	if (p->nameUTF8 && (u32) p->nameUTF8[0] == strlen(p->nameUTF8+1)) {
++	if (p->nameUTF8 && (u32) p->nameUTF8[0] == strlen(p->nameUTF8)-1) {
+ 		fprintf(trace, "<HandlerBox Type=\"%s\" Name=\"%s\" ", gf_4cc_to_str(p->handlerType), p->nameUTF8+1);
+ 	} else {
+ 		fprintf(trace, "<HandlerBox Type=\"%s\" Name=\"%s\" ", gf_4cc_to_str(p->handlerType), p->nameUTF8);
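Review bot: In `hdlr_dump` (src/isomedia/box_dump.c) the `else` branch still hands `p->nameUTF8` to `%s` when the pointer is NULL, because a NULL name fails the `p->nameUTF8 &&` test and lands there; passing NULL to `%s` is undefined behaviour. The second `fprintf` could print `p->nameUTF8 ? p->nameUTF8 : ""` instead. The new comparison also deserves a comment: `strlen(p->nameUTF8)-1` is computed in `size_t`, so an empty name wraps to `SIZE_MAX` and only reaches the `else` branch because the equality then fails, e.g. `/* empty name: strlen()-1 wraps, the test is false and the plain-string branch is used */`. The function body continues past the end of the hunk.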
diff -Nru gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-20760.patch gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-20760.patch
--- gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-20760.patch	1970-01-01 01:00:00.000000000 +0100
+++ gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-20760.patch	2019-03-04 23:13:47.000000000 +0100
@@ -0,0 +1,16 @@
+From 4c1360818fc8948e9307059fba4dc47ba8ad255d Mon Sep 17 00:00:00 2001
+From: Aurelien David <aurelien.david@telecom-paristech.fr>
+Date: Thu, 13 Dec 2018 14:39:21 +0100
+Subject: [PATCH] check error code on call to gf_utf8_wcstombs (#1177)
+
+--- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/src/media_tools/text_import.c
++++ gpac-0.5.2-426-gc5ad4e4+dfsg5/src/media_tools/text_import.c
+@@ -259,6 +259,8 @@ char *gf_text_get_utf8_line(char *szLine
+ 	}
+ 	sptr = (u16 *)szLine;
+ 	i = (u32) gf_utf8_wcstombs(szLineConv, 1024, (const unsigned short **) &sptr);
++	if (i >= (u32)ARRAY_LENGTH(szLineConv))
++		return NULL;
+ 	szLineConv[i] = 0;
+ 	strcpy(szLine, szLineConv);
+ 	/*this is ugly indeed: since input is UTF16-LE, there are many chances the fgets never reads the \0 after a \n*/
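Review bot: The `strcpy(szLine, szLineConv)` right after the new check is still unbounded: the check limits `i` to the size of `szLineConv`, but nothing visible here compares the converted length with the capacity of the caller's `szLine`, and UTF-16 to UTF-8 conversion can lengthen the text. The parameter list of `gf_text_get_utf8_line` is cut off in the hunk header, so whether a size for `szLine` is available cannot be seen; if it is, the guard should also reject `i >= <size of szLine>` before the copy. The call also hard-codes `1024` while the check uses `ARRAY_LENGTH(szLineConv)`; passing `ARRAY_LENGTH(szLineConv)` as the second argument keeps the two from drifting apart. `ARRAY_LENGTH` comes from CVE-2018-7752.patch, so this patch has to stay after it in `series`.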
diff -Nru gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-20761_CVE-2018-20762.patch gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-20761_CVE-2018-20762.patch
--- gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-20761_CVE-2018-20762.patch	1970-01-01 01:00:00.000000000 +0100
+++ gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-20761_CVE-2018-20762.patch	2019-03-04 23:14:31.000000000 +0100
@@ -0,0 +1,147 @@
+From 35ab4475a7df9b2a4bcab235e379c0c3ec543658 Mon Sep 17 00:00:00 2001
+From: Aurelien David <aurelien.david@telecom-paristech.fr>
+Date: Fri, 11 Jan 2019 11:32:54 +0100
+Subject: [PATCH] fix some overflows due to strcpy
+
+fixes #1184, #1186, #1187 among other things
+
+--- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/applications/mp4box/fileimport.c
++++ gpac-0.5.2-426-gc5ad4e4+dfsg5/applications/mp4box/fileimport.c
+@@ -2119,17 +2119,33 @@ GF_Err cat_multiple_files(GF_ISOFile *de
+ 	cat_enum.align_timelines = align_timelines;
+ 	cat_enum.allow_add_in_command = allow_add_in_command;
+ 
++	if (strlen(fileName) >= sizeof(cat_enum.szPath)) {
++		GF_LOG(GF_LOG_ERROR, GF_LOG_CONTAINER, ("File name %s is too long.\n", fileName));
++		return GF_NOT_SUPPORTED;
++	}
+ 	strcpy(cat_enum.szPath, fileName);
+ 	sep = strrchr(cat_enum.szPath, GF_PATH_SEPARATOR);
+ 	if (!sep) sep = strrchr(cat_enum.szPath, '/');
+ 	if (!sep) {
+ 		strcpy(cat_enum.szPath, ".");
++		if (strlen(fileName) >= sizeof(cat_enum.szRad1)) {
++			GF_LOG(GF_LOG_ERROR, GF_LOG_CONTAINER, ("File name %s is too long.\n", fileName));
++			return GF_NOT_SUPPORTED;
++		}
+ 		strcpy(cat_enum.szRad1, fileName);
+ 	} else {
++		if (strlen(sep + 1) >= sizeof(cat_enum.szRad1)) {
++			GF_LOG(GF_LOG_ERROR, GF_LOG_CONTAINER, ("File name %s is too long.\n", (sep + 1)));
++			return GF_NOT_SUPPORTED;
++		}
+ 		strcpy(cat_enum.szRad1, sep+1);
+ 		sep[0] = 0;
+ 	}
+ 	sep = strchr(cat_enum.szRad1, '*');
++	if (strlen(sep + 1) >= sizeof(cat_enum.szRad2)) {
++		GF_LOG(GF_LOG_ERROR, GF_LOG_CONTAINER, ("File name %s is too long.\n", (sep + 1)));
++		return GF_NOT_SUPPORTED;
++	}
+ 	strcpy(cat_enum.szRad2, sep+1);
+ 	sep[0] = 0;
+ 	sep = strchr(cat_enum.szRad2, '%');
+@@ -2137,6 +2153,10 @@ GF_Err cat_multiple_files(GF_ISOFile *de
+ 	if (!sep) sep = strchr(cat_enum.szRad2, ':');
+ 	strcpy(cat_enum.szOpt, "");
+ 	if (sep) {
++		if (strlen(sep) >= sizeof(cat_enum.szOpt)) {
++			GF_LOG(GF_LOG_ERROR, GF_LOG_CONTAINER, ("Invalid option: %s.\n", sep));
++			return GF_NOT_SUPPORTED;
++		}
+ 		strcpy(cat_enum.szOpt, sep);
+ 		sep[0] = 0;
+ 	}
+--- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/applications/mp4client/main.c
++++ gpac-0.5.2-426-gc5ad4e4+dfsg5/applications/mp4client/main.c
+@@ -885,7 +885,8 @@ Bool GPAC_EventProc(void *ptr, GF_Event
+ 		break;
+ 	case GF_EVENT_NAVIGATE:
+ 		if (gf_term_is_supported_url(term, evt->navigate.to_url, 1, no_mime_check)) {
+-			strcpy(the_url, evt->navigate.to_url);
++			strncpy(the_url, evt->navigate.to_url, sizeof(the_url)-1);
++			the_url[sizeof(the_url) - 1] = 0;
+ 			fprintf(stderr, "Navigating to URL %s\n", the_url);
+ 			gf_term_navigate_to(term, evt->navigate.to_url);
+ 			return 1;
+@@ -1534,7 +1535,14 @@ int main (int argc, char **argv)
+ 	else if (!gui_mode && url_arg) {
+ 		char *ext;
+ 
+-		strcpy(the_url, url_arg);
++		if (strlen(url_arg) >= sizeof(the_url)) {
++			fprintf(stderr, "Input url %s is too long, truncating to %d chars.\n", url_arg, (int)(sizeof(the_url) - 1));
++			strncpy(the_url, url_arg, sizeof(the_url)-1);
++			the_url[sizeof(the_url) - 1] = 0;
++		}
++		else {
++			strcpy(the_url, url_arg);
++		}
+ 		ext = strrchr(the_url, '.');
+ 		if (ext && (!stricmp(ext, ".m3u") || !stricmp(ext, ".pls"))) {
+ 			GF_Err e = GF_OK;
+@@ -1546,7 +1554,10 @@ int main (int argc, char **argv)
+ 				GF_DownloadSession *sess = gf_dm_sess_new(term->downloader, the_url, GF_NETIO_SESSION_NOT_THREADED, NULL, NULL, &e);
+ 				if (sess) {
+ 					e = gf_dm_sess_process(sess);
+-					if (!e) strcpy(the_url, gf_dm_sess_get_cache_name(sess));
++					if (!e) {
++						strncpy(the_url, gf_dm_sess_get_cache_name(sess), sizeof(the_url) - 1);
++						the_url[sizeof(the_cfg) - 1] = 0;
++					}
+ 					gf_dm_sess_del(sess);
+ 				}
+ 			}
+@@ -1574,7 +1585,8 @@ int main (int argc, char **argv)
+ 		fprintf(stderr, "Hit 'h' for help\n\n");
+ 		str = gf_cfg_get_key(cfg_file, "General", "StartupFile");
+ 		if (str) {
+-			strcpy(the_url, "MP4Client "GPAC_FULL_VERSION);
++			strncpy(the_url, "MP4Client "GPAC_FULL_VERSION , sizeof(the_url)-1);
++			the_url[sizeof(the_url) - 1] = 0;
+ 			gf_term_connect(term, str);
+ 			startup_file = 1;
+ 			is_connected = 1;
+--- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/modules/ffmpeg_in/ffmpeg_demux.c
++++ gpac-0.5.2-426-gc5ad4e4+dfsg5/modules/ffmpeg_in/ffmpeg_demux.c
+@@ -227,7 +227,7 @@ static Bool FFD_CanHandleURL(GF_InputSer
+ 	AVFormatContext *ctx;
+ 	AVOutputFormat *fmt_out;
+ 	Bool ret = 0;
+-	char *ext, szName[1000], szExt[20];
++	char *ext, szName[1024], szExt[20];
+ 	const char *szExtList;
+ 	FFDemux *ffd;
+ 	if (!plug || !url)
+@@ -243,6 +243,9 @@ static Bool FFD_CanHandleURL(GF_InputSer
+ 
+ 	ffd = plug->priv;
+ 
++	if (strlen(url) >= sizeof(szName))
++		return GF_FALSE;
++
+ 	strcpy(szName, url);
+ 	ext = strrchr(szName, '#');
+ 	if (ext) ext[0] = 0;
+@@ -252,7 +255,7 @@ static Bool FFD_CanHandleURL(GF_InputSer
+ 	ext = strrchr(szName, '.');
+ 	if (ext && strlen(ext) > 19) ext = NULL;
+ 
+-	if (ext && strlen(ext) > 1) {
++	if (ext && strlen(ext) > 1 && strlen(ext) <= sizeof(szExt)) {
+ 		strcpy(szExt, &ext[1]);
+ 		strlwr(szExt);
+ #ifndef FFMPEG_DEMUX_ENABLE_MPEG2TS
+--- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/src/scene_manager/scene_manager.c
++++ gpac-0.5.2-426-gc5ad4e4+dfsg5/src/scene_manager/scene_manager.c
+@@ -642,6 +642,10 @@ GF_Err gf_sm_load_init(GF_SceneLoader *l
+ 				ext[0] = '.';
+ 				ext = anext;
+ 			}
++			if (strlen(ext) < 2 || strlen(ext) > sizeof(szExt)) {
++				GF_LOG(GF_LOG_ERROR, GF_LOG_SCENE, ("[Scene Manager] invalid extension in file name %s\n", load->fileName));
++				return GF_NOT_SUPPORTED;
++			}
+ 			strcpy(szExt, &ext[1]);
+ 			strlwr(szExt);
+ 			if (strstr(szExt, "bt")) load->type = GF_SM_LOAD_BT;
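Review bot: In the playlist branch of `main()` in applications/mp4client/main.c the terminator is written with the wrong array's size, `the_url[sizeof(the_cfg) - 1] = 0;`; if `the_cfg` and `the_url` differ in size (their declarations are outside the hunk) the write either lands outside `the_url` or leaves the `strncpy` result unterminated. It should read `the_url[sizeof(the_url) - 1] = 0;` like the other three call sites in this patch. In `cat_multiple_files` the added `strlen(sep + 1)` check after `sep = strchr(cat_enum.szRad1, '*')` dereferences `sep` without a NULL test, as the following `strcpy` already did, so a name without `*` is still a NULL dereference unless the caller guarantees one; `if (!sep) return GF_NOT_SUPPORTED;` ahead of the check would cover it.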
diff -Nru gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-20763.patch gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-20763.patch
--- gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-20763.patch	1970-01-01 01:00:00.000000000 +0100
+++ gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-20763.patch	2019-03-04 23:14:59.000000000 +0100
@@ -0,0 +1,109 @@
+From 1c449a34fe0b50aaffb881bfb9d7c5ab0bb18cdd Mon Sep 17 00:00:00 2001
+From: Aurelien David <aurelien.david@telecom-paristech.fr>
+Date: Fri, 11 Jan 2019 14:05:16 +0100
+Subject: [PATCH] add some boundary checks on gf_text_get_utf8_line (#1188)
+
+--- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/src/media_tools/text_import.c
++++ gpac-0.5.2-426-gc5ad4e4+dfsg5/src/media_tools/text_import.c
+@@ -195,49 +195,76 @@ char *gf_text_get_utf8_line(char *szLine
+ 	if (unicode_type<=1) {
+ 		j=0;
+ 		len = (u32) strlen(szLine);
+-		for (i=0; i<len; i++) {
++		for (i=0; i<len && j < sizeof(szLineConv) - 1; i++, j++) {
++
+ 			if (!unicode_type && (szLine[i] & 0x80)) {
+ 				/*non UTF8 (likely some win-CP)*/
+ 				if ((szLine[i+1] & 0xc0) != 0x80) {
+-					szLineConv[j] = 0xc0 | ( (szLine[i] >> 6) & 0x3 );
+-					j++;
+-					szLine[i] &= 0xbf;
++					if (j + 1 < sizeof(szLineConv) - 1) {
++						szLineConv[j] = 0xc0 | ((szLine[i] >> 6) & 0x3);
++						j++;
++						szLine[i] &= 0xbf;
++					}
++					else
++						break;
+ 				}
+ 				/*UTF8 2 bytes char*/
+ 				else if ( (szLine[i] & 0xe0) == 0xc0) {
+-					szLineConv[j] = szLine[i];
+-					i++;
+-					j++;
++
++					// don't cut multibyte in the middle in there is no more room in dest
++					if (j + 1 < sizeof(szLineConv) - 1 && i + 1 < len) {
++						szLineConv[j] = szLine[i];
++						i++;
++						j++;
++					}
++					else {
++						break;
++					}
+ 				}
+ 				/*UTF8 3 bytes char*/
+ 				else if ( (szLine[i] & 0xf0) == 0xe0) {
+-					szLineConv[j] = szLine[i];
+-					i++;
+-					j++;
+-					szLineConv[j] = szLine[i];
+-					i++;
+-					j++;
++					if (j + 2 < sizeof(szLineConv) - 1 && i + 2 < len) {
++						szLineConv[j] = szLine[i];
++						i++;
++						j++;
++						szLineConv[j] = szLine[i];
++						i++;
++						j++;
++					}
++					else {
++						break;
++					}
+ 				}
+ 				/*UTF8 4 bytes char*/
+ 				else if ( (szLine[i] & 0xf8) == 0xf0) {
+-					szLineConv[j] = szLine[i];
+-					i++;
+-					j++;
+-					szLineConv[j] = szLine[i];
+-					i++;
+-					j++;
+-					szLineConv[j] = szLine[i];
+-					i++;
+-					j++;
++					if (j + 3 < sizeof(szLineConv) - 1 && i + 3 < len) {
++						szLineConv[j] = szLine[i];
++						i++;
++						j++;
++						szLineConv[j] = szLine[i];
++						i++;
++						j++;
++						szLineConv[j] = szLine[i];
++						i++;
++						j++;
++					}
++					else {
++						break;
++					}
+ 				} else {
+ 					i+=1;
+ 					continue;
+ 				}
+ 			}
+-			szLineConv[j] = szLine[i];
+-			j++;
++			if (j < sizeof(szLineConv)-1 && i<len)
++				szLineConv[j] = szLine[i];
++
+ 		}
+-		szLineConv[j] = 0;
++		if (j >= sizeof(szLineConv))
++			szLineConv[sizeof(szLineConv) - 1] = 0;
++		else
++			szLineConv[j] = 0;
++
+ 		strcpy(szLine, szLineConv);
+ 		return sOK;
+ 	}
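Review bot: Moving `j++` into the `for` header changes what the `continue` in the final `else` branch does: it now advances `j` without storing anything in `szLineConv[j]`, whereas the old loop skipped the input byte and left `j` alone. Every unrecognised lead byte therefore leaves one unwritten byte in the output, which `strcpy` then copies into `szLine`; depending on how `szLineConv` is initialised outside the hunk, that byte is either stale stack content or an early terminator. Keeping the header as `for (i=0; i<len && j < sizeof(szLineConv) - 1; i++)` and ending the body with `szLineConv[j++] = szLine[i];` restores the old behaviour under the new bounds. Separately, the non-UTF8 branch emits two bytes per input byte, so the result can be longer than the input and the final `strcpy(szLine, szLineConv)` still relies on a `szLine` capacity that is not visible here.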
diff -Nru gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-7752.patch gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-7752.patch
--- gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-7752.patch	1970-01-01 01:00:00.000000000 +0100
+++ gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/CVE-2018-7752.patch	2019-03-04 23:12:30.000000000 +0100
@@ -0,0 +1,28 @@
+From 90dc7f853d31b0a4e9441cba97feccf36d8b69a4 Mon Sep 17 00:00:00 2001
+From: Aurelien David <aurelien.david@telecom-paristech.fr>
+Date: Tue, 6 Mar 2018 11:23:31 +0100
+Subject: [PATCH] fix some exploitable overflows (#994, #997)
+
+--- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/include/gpac/tools.h
++++ gpac-0.5.2-426-gc5ad4e4+dfsg5/include/gpac/tools.h
+@@ -999,6 +999,7 @@ void gf_fm_request_call(u32 type, u32 pa
+ }
+ #endif
+ 
++#define ARRAY_LENGTH(a) (sizeof(a) / sizeof((a)[0]))
+ 
+ #endif		/*_GF_CORE_H_*/
+ 
+--- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/src/media_tools/av_parsers.c
++++ gpac-0.5.2-426-gc5ad4e4+dfsg5/src/media_tools/av_parsers.c
+@@ -2160,6 +2160,10 @@ s32 gf_media_avc_read_sps(const char *sp
+ 		sps->offset_for_non_ref_pic = bs_get_se(bs);
+ 		sps->offset_for_top_to_bottom_field = bs_get_se(bs);
+ 		sps->poc_cycle_length = bs_get_ue(bs);
++		if (sps->poc_cycle_length > ARRAY_LENGTH(sps->offset_for_ref_frame)) {
++			GF_LOG(GF_LOG_ERROR, GF_LOG_CODING, ("[avc-h264] offset_for_ref_frame overflow from poc_cycle_length\n"));
++			goto exit;
++		}
+ 		for(i=0; i<sps->poc_cycle_length; i++) sps->offset_for_ref_frame[i] = bs_get_se(bs);
+ 	}
+ 	if (sps->poc_type > 2) {
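Review bot: `ARRAY_LENGTH` is added to the shared header include/gpac/tools.h without the `GF_` prefix the rest of the API uses (`GF_LOG`, `GF_OK`) and without an `#ifndef` guard, so it can clash with a macro of the same name in code that includes this header. It also silently yields a wrong count when given a pointer instead of an array, which deserves a comment such as `/* element count of a true array; do not pass a pointer or an array parameter */`. A prefixed name, e.g. `#define GF_ARRAY_LENGTH(a) (sizeof(a) / sizeof((a)[0]))`, would avoid the collision, though the later patch in this series that uses `ARRAY_LENGTH` would need the same rename.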
diff -Nru gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/series gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/series
--- gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/series	2016-08-04 21:51:54.000000000 +0200
+++ gpac-0.5.2-426-gc5ad4e4+dfsg5/debian/patches/series	2019-03-04 23:14:46.000000000 +0100
@@ -5,3 +5,8 @@
 dont-err-build-on-uknown-system.patch
 skip-swf-test.patch
 ffmpeg_2.9.patch
+CVE-2018-7752.patch
+CVE-2018-13005_CVE-2018-13006.patch
+CVE-2018-20760.patch
+CVE-2018-20761_CVE-2018-20762.patch
+CVE-2018-20763.patch

--- End Message ---
--- Begin Message ---
Version: 9.9

Hi,

The update referenced by each of these bugs was included in this
morning's stretch point release.

Regards,

Adam

--- End Message ---
