Bug#931088: marked as done (CVE-2019-12481 CVE-2019-12482 CVE-2019-12483)

["Debian Bug Tracking System" <owner@bugs.debian.org>]

Your message dated Sat, 21 Nov 2020 22:34:07 +0000
with message-id <E1kgbSJ-00076F-Nb@fasolo.debian.org>
and subject line Bug#931088: fixed in gpac 1.0.1+dfsg1-2
has caused the Debian Bug report #931088,
regarding CVE-2019-12481 CVE-2019-12482 CVE-2019-12483
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
931088: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931088
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: CVE-2019-12481 CVE-2019-12482 CVE-2019-12483
• From: Moritz Muehlenhoff <jmm@debian.org>
• Date: Tue, 25 Jun 2019 22:30:52 +0200
• Message-id: <156149465200.4013.11926545345201180203.reportbug@hullmann.westfalen.local>

Package: gpac
Version: 0.5.2-426-gc5ad4e4+dfsg5-5
Severity: important
Tags: security

Please see
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12481    
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12482
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12483

For all three of them:
https://github.com/gpac/gpac/issues/1249
https://github.com/gpac/gpac/commit/f40aaaf959d4d1f7fa0dcd04c0666592e615c8f1

Cheers,
        Moritz

--- End Message ---

--- Begin Message ---

• To: 931088-close@bugs.debian.org
• Subject: Bug#931088: fixed in gpac 1.0.1+dfsg1-2
• From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
• Date: Sat, 21 Nov 2020 22:34:07 +0000
• Message-id: <E1kgbSJ-00076F-Nb@fasolo.debian.org>
• Reply-to: Reinhard Tartler <siretart@tauware.de>

Source: gpac
Source-Version: 1.0.1+dfsg1-2
Done: Reinhard Tartler <siretart@tauware.de>

We believe that the bug you reported is fixed in the latest version of
gpac, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 931088@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Reinhard Tartler <siretart@tauware.de> (supplier of updated gpac package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 21 Nov 2020 17:13:44 -0500
Source: gpac
Architecture: source
Version: 1.0.1+dfsg1-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>
Changed-By: Reinhard Tartler <siretart@tauware.de>
Closes: 782093 931088 932242 940882 972053
Changes:
 gpac (1.0.1+dfsg1-2) unstable; urgency=medium
 .
   * Upload to unstable
 .
 gpac (1.0.1+dfsg1-1) experimental; urgency=medium
 .
   * New upstream version
     - soname bump to libgpac10
     - Fixes lots of security issues, closes: #972053
        CVE-2019-20161 CVE-2019-20162 CVE-2019-20163 CVE-2019-20165
        CVE-2019-20170 CVE-2019-20208 CVE-2019-20628 CVE-2019-20629
        CVE-2019-20630 CVE-2019-20631 CVE-2019-20632 CVE-2020-11558
        CVE-2020-6630 CVE-2020-6631
     - Fixes CVE-2018-21015 CVE-2018-21016, closes: #940882
     - Fixes CVE-2019-13618, closes: #932242
     - Fixes CVE-2019-12481 CVE-2019-12482 CVE-2019-12483, closes: #931088
     - Fix in manpage, closes: #782093
   * Rewritten debian/copyright with help of 'cme update dpkg-copyright'
Checksums-Sha1:
 c5da7d266afdd05271119b416badf34abb2e5bea 2701 gpac_1.0.1+dfsg1-2.dsc
 2f67a74f0450d84820254d0554ad597dac4c8920 35888 gpac_1.0.1+dfsg1-2.debian.tar.xz
Checksums-Sha256:
 6e303a19bfb9209341426b8b5b163e4836b821dc3d1f99a96bcfc601e0c65178 2701 gpac_1.0.1+dfsg1-2.dsc
 6c52b8551b27b3cec3685699b2076d903340d41606c601210bde7678e4e958f6 35888 gpac_1.0.1+dfsg1-2.debian.tar.xz
Files:
 d39a8904daa918ce3f831e88deffd307 2701 graphics optional gpac_1.0.1+dfsg1-2.dsc
 5a8b6049222a28932c52b19780953d2e 35888 graphics optional gpac_1.0.1+dfsg1-2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEEMN59F2OrlFLH4IJQSadpd5QoJssFAl+5kWsUHHNpcmV0YXJ0
QHRhdXdhcmUuZGUACgkQSadpd5QoJsvhGg/+M0Qz4G/XglfYAcqV36/OW2SmNhMa
2IJ8hvhwUTz7TeI4cbyGIyKjzykKilafXGL2ttP4n4wpRgQcL/uYLxmgqusavbdl
zzKiToe5uXK3/lVB2FHtXvLTPBgyT8cLVKBcKbQj863SDm+pZ3Ab26ibZ0bI3qBJ
F74WF/9wvW1/W7ZyLMFPfaoxhDgiFgyzj4t9hX/FX1uzo7y8bitm5qrZEnTSeh0+
BX0OKgt3n3nWah0fXvilSEifUsVmBaTRH+oEG6vAWII7z+fB7B8t2UEWjEfjTi6O
wB4eYpEKiywO5fCH0sqKqBe7yKPGvcpvXNuXx0FWzX9BdyN8hPcrlyhhxKQ9gCoJ
ahbmslr5GYL9/7wVhDUxW62CM9ga+7/N78geKgH819ZJs83g8CqLaOjx+HLQ3vfN
CiWwESqAMubSJuXdPE1eJoRNhoCj7EGlAFmGWbC6c14ado1KmCL9A367JfbMXanf
NVQIMkMJxg4+DNoRlHYnCQVX9rdQVF6HLRt+zD1bkSFaP4mCIkb0ZqtxT2OoX1Fc
C/02nOgnl1RvBkYAgiU5O4nUfgM2tWWq5XCz22Qnakvh3vRrtqvlC9ut1UMN9z+V
qmvwcvUFFT2VKCuM8XmBCwCfpk0/RI20Rwh5VLBVuvDjHiWil4bSgBx+6W5ihB3a
GfyAHuIHpfUOgq0=
=1yAo
-----END PGP SIGNATURE-----

--- End Message ---