[SECURITY] [DLA 1765-1] gpac security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1765-1] gpac security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Thu, 25 Apr 2019 23:09:47 +0200 (CEST)
Message-id: <[🔎] alpine.DEB.2.20.1904252305400.27402@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : gpac
Version        : 0.5.0+svn5324~dfsg1-1+deb8u3
CVE ID         : CVE-2019-11221 CVE-2019-11222

Several issues have been found for gpac, an Open Source multimediaframework. Using crafted files one can trigger buffer overflow issuesthat could be used to crash the application.



For Debian 8 "Jessie", these problems have been fixed in version
0.5.0+svn5324~dfsg1-1+deb8u3.

We recommend that you upgrade your gpac packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAlzCIhtfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEcBQA/+KSofrKakW3Kt/oCTHi3j6pTSEiv/XeMIOqpqVB7JOBGsxaE8AaBBca2K
k1aKOqQLHdVkJVMO/lA4AaD7rKpEQghcyDHIDBoDvd4WOBlZXDQ5+qztUXNyBWNR
BaRRaUdVbridJsOgtFn2MVxVeLjWseAIp6bjNWopCRtM7qQ8UfSftOwlsgyzJScH
yuEnsPxZjNEPv6urD8j9+Nv/nqh6YCKz5WkeGIEcPVT+w7SLgNe2Y5HqBpwCcQKs
XjrL6o20TjYAIgZEPfJ7JhnD5kvo2xDSTCl0P8Zx3WV7Xw1ZNmnRJEuHo6eY3BsM
tZda8PilR412N4oDdb+onEzC2CisMM6XR0KFTweQvkxz2Si34KxU2bcFr4aJuxAl
IEfcKYhGmELm+iqUVC+LDQt023sUdbxgrykVAMm7Qc0ZPbDr2X0V6vQlTOZo/AoZ
/evm42+pWablcEcA2LV+WzgOt1Jxbp33d13wqWtQThLyEu4XPJDM1CUaYh8/bGEn
9GVAo0+xJr1nN2E8nHei/mXiga1OKFv+I/+mOU0sozy52GTC6asYrT8gq6xL1r7h
hBDXIZORLpVVl8bDqmkL/ilYWBUAZNNmUORpbczU7isvcauJLPSGtFJn+sLuBoeH
/WqDnx84FHdG5KvYMd1NTSs7YAOrasS3yAFZC+VdKqK5SWRbywA=
=1Knq
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1764-1] mercurial security update
Next by Date: [SECURITY] [DLA 1762-2] systemd regression update
Previous by thread: [SECURITY] [DLA 1764-1] mercurial security update
Next by thread: [SECURITY] [DLA 1762-2] systemd regression update
Index(es):
- Date
- Thread