{
  "schema_version": "1.6.2",
  "id": "MGASA-2020-0137",
  "published": "2020-03-10T19:04:50Z",
  "modified": "2020-03-10T18:39:03Z",
  "summary": "Updated gpac packages fix security vulnerabilities",
  "details": "The updated packages fix security vulnerabilities:\n\nAVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote\nattackers to cause a denial of service (NULL pointer dereference and\napplication crash) via a crafted file.\nThere is \"cfg_new->AVCLevelIndication = cfg->AVCLevelIndication;\" but\ncfg could be NULL. (CVE-2018-21015)\n\naudio_sample_entry_AddBox() at isomedia/box_code_base.c in GPAC 0.7.1\nallows remote attackers to cause a denial of service (heap-based buffer\nover-read and application crash) via a crafted file. (CVE-2018-21016)\n\nIn GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-based\nbuffer over-read, as demonstrated by a crash in gf_m2ts_sync in\nmedia_tools/mpegts.c. (CVE-2019-13618)\n\nAn issue was discovered in GPAC version 0.8.0 and 0.9.0-development-\n20191109. There is heap-based buffer overflow in the function\nReadGF_IPMPX_WatermarkingInit() in odf/ipmpx_code.c. (CVE-2019-20161)\n\nAn issue was discovered in GPAC version 0.8.0 and 0.9.0-development-\n20191109. There is heap-based buffer overflow in the function\ngf_isom_box_parse_ex() in isomedia/box_funcs.c. (CVE-2019-20162)\n\nAn issue was discovered in GPAC version 0.8.0 and 0.9.0-development-\n20191109. There is a NULL pointer dereference in the function\ngf_odf_avc_cfg_write_bs() in odf/descriptors.c. (CVE-2019-20163)\n\nAn issue was discovered in GPAC version 0.8.0 and 0.9.0-development-\n20191109. There is a NULL pointer dereference in the function\nilst_item_Read() in isomedia/box_code_apple.c. (CVE-2019-20165)\n\nAn issue was discovered in GPAC version 0.8.0 and 0.9.0-development-\n20191109. There is an invalid pointer dereference in the function\nGF_IPMPX_AUTH_Delete() in odf/ipmpx_code.c. (CVE-2019-20170)\n\nAn issue was discovered in GPAC version 0.8.0 and 0.9.0-development-\n20191109. There are memory leaks in metx_New in isomedia/box_code_base.c\nand abst_Read in isomedia/box_code_adobe.c. (CVE-2019-20171)\n\ndimC_Read in isomedia/box_code_3gpp.c in GPAC 0.8.0 has a stack-based\nbuffer overflow. (CVE-2019-20208)\n",
  "related": [
    "CVE-2018-21015",
    "CVE-2018-21016",
    "CVE-2019-13618",
    "CVE-2019-20161",
    "CVE-2019-20162",
    "CVE-2019-20163",
    "CVE-2019-20165",
    "CVE-2019-20170",
    "CVE-2019-20171",
    "CVE-2019-20208"
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2020-0137.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=26131"
    },
    {
      "type": "REPORT",
      "url": "https://www.debian.org/lts/security/2020/dla-2072"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:7",
        "name": "gpac",
        "purl": "pkg:rpm/mageia/gpac?arch=source&distro=mageia-7"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.7.1-6.1.mga7.tainted"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "tainted"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}