Description: "GPAC 0.7.1 has a memory leak in dinf_Read in isomedia/box_code_base.c." Patch: https://github.com/gpac/gpac/commit/d2371b4b204f0a3c0af51ad4e9b491144dd1225c
2) CVE-2019-13618 Description: "In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-based buffer over-read, as demonstrated by a crash in gf_m2ts_sync in media_tools/mpegts.c." Bug: https://github.com/gpac/gpac/issues/1250 Patch: https://github.com/gpac/gpac/commit/c23d54ed15a70b4543e3191e6ead5097cda0878b (Fixed in 0.8.0).
3) CVE-2019-20628 Description: "An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a Use-After-Free vulnerability in gf_m2ts_process_pmt in media_tools/mpegts.c that can cause a denial of service via a crafted MP4 file." Bug: https://github.com/gpac/gpac/issues/1269 4) CVE-2019-20629 Description: "An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer over-read in gf_m2ts_process_pmt in media_tools/mpegts.c that can cause a denial of service via a crafted MP4 file." Bug: https://github.com/gpac/gpac/issues/1264 5) CVE-2019-20630 Description: "An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer over-read in BS_ReadByte (called from gf_bs_read_bit) in utils/bitstream.c that can cause a denial of service via a crafted MP4 file." Bug: https://github.com/gpac/gpac/issues/1268 6) CVE-2019-20631 Description: "An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gf_list_count in utils/list.c that can cause a denial of service via a crafted MP4 file." Bug: https://github.com/gpac/gpac/issues/1270 7) CVE-2019-20632 Description: "An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gf_odf_delete_descriptor in odf/desc_private.c that can cause a denial of service via a crafted MP4 file." Bug: https://github.com/gpac/gpac/issues/1271 --- CVE claims this was all fixed <0.8.0, but some of these commits may have landed after.
CVE-2020-6630 (ASSIGNED) CloseAn issue was discovered in GPAC version 0.8.0. There is a NULL pointer dereference in the function gf_isom_get_media_data_size() in isomedia/isom_read.c. CVE-2020-6631 (ASSIGNED) CloseAn issue was discovered in GPAC version 0.8.0. There is a NULL pointer dereference in the function gf_m2ts_stream_process_pmt() in media_tools/m2ts_mux.c.
CVE-2020-11558 (https://nvd.nist.gov/vuln/detail/CVE-2020-11558): An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by MP4Box. audio_sample_entry_Read in isomedia/box_code_base.c does not properly decide when to make gf_isom_box_del calls. This leads to various use-after-free outcomes involving mdia_Read, gf_isom_delete_movie, and gf_isom_parse_movie_boxes.
I guess I'll bump this.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4b34462e1b49b4b30ed014713f3011d5a246a91e commit 4b34462e1b49b4b30ed014713f3011d5a246a91e Author: Sam James <sam@gentoo.org> AuthorDate: 2020-08-20 12:12:54 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-08-20 12:30:44 +0000 media-video/gpac: security bump to 0.8.1 We're bumping to 0.8.1 before 1.0.0 because there was a substantial rewrite. The aim is to stabilise this release first, give 1.0.0 (later commit) a few days in ~arch, then do that. Bug: https://bugs.gentoo.org/711262 Closes: https://bugs.gentoo.org/701538 Closes: https://bugs.gentoo.org/654418 Closes: https://bugs.gentoo.org/658062 Package-Manager: Portage-3.0.3, Repoman-3.0.0 Signed-off-by: Sam James <sam@gentoo.org> media-video/gpac/Manifest | 1 + media-video/gpac/files/gpac-0.8.1-configure.patch | 100 +++++++++++++++ media-video/gpac/gpac-0.8.1.ebuild | 149 ++++++++++++++++++++++ 3 files changed, 250 insertions(+)
sparc done
x86 done
amd64 done
ppc done
ppc64 done all arches done
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a373cdf5df43887629aaf902bd080f6b7f46a10e commit a373cdf5df43887629aaf902bd080f6b7f46a10e Author: Sam James <sam@gentoo.org> AuthorDate: 2020-08-31 23:13:31 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-08-31 23:14:39 +0000 media-video/gpac: security cleanup Bug: https://bugs.gentoo.org/711262 Package-Manager: Portage-3.0.4, Repoman-3.0.1 Signed-off-by: Sam James <sam@gentoo.org> media-video/gpac/Manifest | 1 - media-video/gpac/files/ffmpeg4.patch | 44 ------ media-video/gpac/files/gpac-0.7.1-configure.patch | 94 ------------- .../gpac/files/gpac-0.7.1-openssl-1.1.patch | 126 ----------------- media-video/gpac/files/gpac-freetype.patch | 15 --- media-video/gpac/gpac-0.7.1-r1.ebuild | 150 --------------------- 6 files changed, 430 deletions(-)
Unable to check for sanity: > no match for package: media-video/gpac-0.8.1
