Version in base suite: 1.0.1+dfsg1-4+deb11u1
Version in overlay suite: 1.0.1+dfsg1-4+deb11u2

Base version: gpac_1.0.1+dfsg1-4+deb11u2
Target version: gpac_1.0.1+dfsg1-4+deb11u3
Base file: /srv/ftp-master.debian.org/ftp/pool/main/g/gpac/gpac_1.0.1+dfsg1-4+deb11u2.dsc
Target file: /srv/ftp-master.debian.org/policy/pool/main/g/gpac/gpac_1.0.1+dfsg1-4+deb11u3.dsc

 changelog                   |    6 ++++++
 patches/CVE-2023-0760.patch |   23 +++++++++++++++++++++++
 patches/CVE-2023-3012.patch |   20 ++++++++++++++++++++
 patches/CVE-2023-3291.patch |   20 ++++++++++++++++++++
 patches/series              |    3 +++
 5 files changed, 72 insertions(+)

diff -Nru gpac-1.0.1+dfsg1/debian/changelog gpac-1.0.1+dfsg1/debian/changelog
--- gpac-1.0.1+dfsg1/debian/changelog	2023-05-23 11:53:25.000000000 +0000
+++ gpac-1.0.1+dfsg1/debian/changelog	2023-06-19 21:46:06.000000000 +0000
@@ -1,3 +1,9 @@
+gpac (1.0.1+dfsg1-4+deb11u3) bullseye-security; urgency=medium
+
+  * CVE-2023-3291 / CVE-2023-3012 / CVE-2023-0760
+
+ -- Moritz Mühlenhoff <jmm@debian.org>  Mon, 19 Jun 2023 23:46:06 +0200
+
 gpac (1.0.1+dfsg1-4+deb11u2) bullseye-security; urgency=medium
 
   * Fix multiple security issues
diff -Nru gpac-1.0.1+dfsg1/debian/patches/CVE-2023-0760.patch gpac-1.0.1+dfsg1/debian/patches/CVE-2023-0760.patch
--- gpac-1.0.1+dfsg1/debian/patches/CVE-2023-0760.patch	1970-01-01 00:00:00.000000000 +0000
+++ gpac-1.0.1+dfsg1/debian/patches/CVE-2023-0760.patch	2023-06-19 21:32:07.000000000 +0000
@@ -0,0 +1,23 @@
+From ea7395f39f601a7750d48d606e9d10ea0b7beefe Mon Sep 17 00:00:00 2001
+From: Aurelien David <aurelien.david@telecom-paristech.fr>
+Date: Wed, 8 Feb 2023 16:52:00 +0100
+Subject: [PATCH] sgpd box entry: disallow null grouping_type (#2389)
+
+---
+ src/isomedia/box_code_base.c | 7 +++++--
+ src/isomedia/box_funcs.c     | 8 ++++----
+ src/isomedia/isom_read.c     | 6 +++---
+ 3 files changed, 12 insertions(+), 9 deletions(-)
+
+--- gpac-1.0.1+dfsg1.orig/src/isomedia/box_code_base.c
++++ gpac-1.0.1+dfsg1/src/isomedia/box_code_base.c
+@@ -9593,6 +9593,9 @@ static void *sgpd_parse_entry(u32 groupi
+ 	case GF_ISOM_SAMPLE_GROUP_LBLI:
+ 		entry_size = 2;
+ 		break;
++	case 0:
++		GF_LOG(GF_LOG_WARNING, GF_LOG_CONTAINER, ("[iso file] sgpd entry null grouping_type is invalid\n") );
++		return NULL;
+ 	default:
+ 		break;
+ 	}
diff -Nru gpac-1.0.1+dfsg1/debian/patches/CVE-2023-3012.patch gpac-1.0.1+dfsg1/debian/patches/CVE-2023-3012.patch
--- gpac-1.0.1+dfsg1/debian/patches/CVE-2023-3012.patch	1970-01-01 00:00:00.000000000 +0000
+++ gpac-1.0.1+dfsg1/debian/patches/CVE-2023-3012.patch	2023-06-19 21:23:45.000000000 +0000
@@ -0,0 +1,20 @@
+From 53387aa86c1af1228d0fa57c67f9c7330716d5a7 Mon Sep 17 00:00:00 2001
+From: jeanlf <jeanlf@gpac.io>
+Date: Wed, 31 May 2023 14:09:48 +0200
+Subject: [PATCH] fixed #2480
+
+---
+ src/utils/xml_parser.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- gpac-1.0.1+dfsg1.orig/src/utils/xml_parser.c
++++ gpac-1.0.1+dfsg1/src/utils/xml_parser.c
+@@ -948,7 +948,7 @@ exit:
+ static GF_Err xml_sax_append_string(GF_SAXParser *parser, char *string)
+ {
+ 	u32 size = parser->line_size;
+-	u32 nl_size = (u32) strlen(string);
++	u32 nl_size = string ? (u32) strlen(string) : 0;
+ 
+ 	if (!nl_size) return GF_OK;
+ 
diff -Nru gpac-1.0.1+dfsg1/debian/patches/CVE-2023-3291.patch gpac-1.0.1+dfsg1/debian/patches/CVE-2023-3291.patch
--- gpac-1.0.1+dfsg1/debian/patches/CVE-2023-3291.patch	1970-01-01 00:00:00.000000000 +0000
+++ gpac-1.0.1+dfsg1/debian/patches/CVE-2023-3291.patch	2023-06-19 21:21:08.000000000 +0000
@@ -0,0 +1,20 @@
+From 6a748ccc3f76ff10e3ae43014967ea4b0c088aaf Mon Sep 17 00:00:00 2001
+From: jeanlf <jeanlf@gpac.io>
+Date: Thu, 15 Jun 2023 11:28:10 +0200
+Subject: [PATCH] fixed #2493
+
+---
+ src/filters/reframe_mp3.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- gpac-1.0.1+dfsg1.orig/src/filters/reframe_mp3.c
++++ gpac-1.0.1+dfsg1/src/filters/reframe_mp3.c
+@@ -250,7 +250,7 @@ void id3dmx_flush(GF_Filter *filter, u8
+ 			break;
+ 		}
+ 
+-		if (buf_alloc<=fsize) {
++		if (buf_alloc <= fsize+2) {
+ 			buf = gf_realloc(buf, fsize+2);
+ 			buf_alloc = fsize+2;
+ 		}
diff -Nru gpac-1.0.1+dfsg1/debian/patches/series gpac-1.0.1+dfsg1/debian/patches/series
--- gpac-1.0.1+dfsg1/debian/patches/series	2023-05-23 11:46:45.000000000 +0000
+++ gpac-1.0.1+dfsg1/debian/patches/series	2023-06-19 21:31:56.000000000 +0000
@@ -112,3 +112,6 @@
 CVE-2023-23143.patch
 CVE-2023-23144.patch
 CVE-2023-23145.patch
+CVE-2023-3291.patch
+CVE-2023-3012.patch
+CVE-2023-0760.patch