Triage CVE-2022-36186, CVE-2022-36190 & CVE-2022-36191 in gpac for buster LTS.

author: Chris Lamb <lamby@debian.org> 2022-08-18 09:45:24 -0700
committer: Chris Lamb <lamby@debian.org> 2022-08-18 09:45:24 -0700
commit: 571928c05b4a177ab99e283fe3d9eb84bebf8716 (patch)
tree: dea8972b0df733e0491e911105f3b059847bcc9a /data
parent: 2b258fa8c06f21f9f9ee766fae32f5c7bbb813a4 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 873b04ea9e..c1d0c7ba5c 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5692,10 +5692,12 @@ CVE-2022-36192
 	RESERVED
 CVE-2022-36191 (A heap-buffer-overflow had occurred in function gf_isom_dovi_config_ge ...)
 	- gpac <unfixed>
+	[buster] - gpac <end-of-life> (EOL in buster LTS)
 	NOTE: https://github.com/gpac/gpac/issues/2218
 	NOTE: https://github.com/gpac/gpac/commit/fef6242c69be4f7ba22b32578e4b62648a3d4ed3
 CVE-2022-36190 (GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerabili ...)
 	- gpac <unfixed>
+	[buster] - gpac <end-of-life> (EOL in buster LTS)
 	NOTE: https://github.com/gpac/gpac/issues/2220
 	NOTE: Fixed along with: https://github.com/gpac/gpac/issues/2218
 	NOTE: https://github.com/gpac/gpac/commit/fef6242c69be4f7ba22b32578e4b62648a3d4ed3
@@ -5707,6 +5709,7 @@ CVE-2022-36187
 	RESERVED
 CVE-2022-36186 (A Null Pointer dereference vulnerability exists in GPAC 2.1-DEV-revUNK ...)
 	- gpac <unfixed>
+	[buster] - gpac <end-of-life> (EOL in buster LTS)
 	NOTE: https://github.com/gpac/gpac/issues/2223
 	NOTE: https://github.com/gpac/gpac/commit/b43f9d1a4b4e33d08edaef6d313e6ce4bdf554d3
 CVE-2022-36185
author	Chris Lamb <lamby@debian.org>	2022-08-18 09:45:24 -0700
committer	Chris Lamb <lamby@debian.org>	2022-08-18 09:45:24 -0700
commit	571928c05b4a177ab99e283fe3d9eb84bebf8716 (patch)
tree	dea8972b0df733e0491e911105f3b059847bcc9a /data
parent	2b258fa8c06f21f9f9ee766fae32f5c7bbb813a4 (diff)