<p>Upgrade <code>Debian:11</code> <code>gpac</code> to version 0.5.2-426-gc5ad4e4+dfsg5-5 or higher.</p>

Out-of-Bounds Affecting gpac package, versions <0.5.2-426-gc5ad4e4+dfsg5-5

Threat Intelligence

0.09% (39^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-DEBIAN11-GPAC-524964
published 13 Apr 2019
disclosed 15 Apr 2019

Report a new vulnerability Found a mistake?

Introduced: 13 Apr 2019

CVE-2019-11221 Open this link in a new tab CWE-119 Open this link in a new tab

How to fix?

Upgrade Debian:11 gpac to version 0.5.2-426-gc5ad4e4+dfsg5-5 or higher.

NVD Description

Note: Versions mentioned in the description apply only to the upstream gpac package and not the gpac package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

GPAC 0.7.1 has a buffer overflow issue in gf_import_message() in media_import.c.

References

https://security-tracker.debian.org/tracker/CVE-2019-11221
https://lists.debian.org/debian-lts-announce/2019/04/msg00025.html
https://github.com/gpac/gpac/issues/1203
http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-11221