Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted faad2 2.8.0~cvs20161113-1+deb9u3 (source amd64) into oldoldstable
Date: Sun, 24 Oct 2021 11:50:13 +0000
Signed by: Thorsten Alteholz <alteholz@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 24 Oct 2021 13:03:02 +0200
Source: faad2
Binary: faad faad2-dbg libfaad-dev libfaad2
Architecture: source amd64
Version: 2.8.0~cvs20161113-1+deb9u3
Distribution: stretch-security
Urgency: high
Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
 faad       - freeware Advanced Audio Decoder player
 faad2-dbg  - freeware Advanced Audio Decoder - debugging symbols
 libfaad-dev - freeware Advanced Audio Decoder - development files
 libfaad2   - freeware Advanced Audio Decoder - runtime files
Changes:
 faad2 (2.8.0~cvs20161113-1+deb9u3) stretch-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2021-32274
     heap buffer overflow that might allow an attacker to execute code
   * CVE-2021-32276
     null pointer dereference that might allow an attacker to perform a DoS
   * CVE-2021-32277
     heap buffer overflow that might allow an attacker to execute code
   * CVE-2021-32278
     heap buffer overflow that might allow an attacker to execute code
   * CVE-2019-6956
     Buffer over read
   * CVE-2018-20360
     NULL pointer dereference
   * CVE-2018-20199
     NULL pointer dereference
Checksums-Sha1:
 8edef599eba854155bb9ce84dd7309b86d99d90f 2422 faad2_2.8.0~cvs20161113-1+deb9u3.dsc
 847e7ed97108e26e226943e7d0a6d3ea8e488134 514680 faad2_2.8.0~cvs20161113.orig.tar.xz
 96e59c0ebf37a23e60a122bade6ca170e8e82d2c 22364 faad2_2.8.0~cvs20161113-1+deb9u3.debian.tar.xz
 181327a65e4fc122943e6ddcb77a073a68f6c2e2 505390 faad2-dbg_2.8.0~cvs20161113-1+deb9u3_amd64.deb
 03a6b94bfec5c0482a9b69d242e71434c2361da0 7003 faad2_2.8.0~cvs20161113-1+deb9u3_amd64.buildinfo
 29a39d53bd8f38915fc48c3e045cc85b5e421b13 39006 faad_2.8.0~cvs20161113-1+deb9u3_amd64.deb
 2f867a91ece97ba4017edf52c8cd8d9c97577405 183336 libfaad-dev_2.8.0~cvs20161113-1+deb9u3_amd64.deb
 284d99e8419c68aecaa2bad02ee290f5653e65a8 168076 libfaad2_2.8.0~cvs20161113-1+deb9u3_amd64.deb
Checksums-Sha256:
 0598d2aa0e1322b7197806593dbcfea8a4982b1bf8af62a545360dc512722eed 2422 faad2_2.8.0~cvs20161113-1+deb9u3.dsc
 de34bce327eac8a89cd58b7d44dfb58988033de6fda0ab9582ed0585fc3fd07e 514680 faad2_2.8.0~cvs20161113.orig.tar.xz
 22e2ab18376eb440e41e23828d00f80267b5273a47ae5601166bd83e78c845b3 22364 faad2_2.8.0~cvs20161113-1+deb9u3.debian.tar.xz
 748e817477eaf9203b57b8bf7c1b6580caf70fc7d2cc429288e3065583d9a6c1 505390 faad2-dbg_2.8.0~cvs20161113-1+deb9u3_amd64.deb
 ee9da5db3b20f925e90593c79ae0bbd7d8662cfa79ca6342293585c7dff0d709 7003 faad2_2.8.0~cvs20161113-1+deb9u3_amd64.buildinfo
 7b031ce3a190e8718e0330721347a0f8f92061fb2eb694b1924a5dcd1bef5524 39006 faad_2.8.0~cvs20161113-1+deb9u3_amd64.deb
 a9135ea79255a1778c03ea3a31641f1c759683323467237708307bfc7de10dfe 183336 libfaad-dev_2.8.0~cvs20161113-1+deb9u3_amd64.deb
 5b15af9537c17b6b1c2eb98a767638c6e6c2c40662666db0cac58cd22fda003d 168076 libfaad2_2.8.0~cvs20161113-1+deb9u3_amd64.deb
Files:
 d316ca7a07871608b5ea5c256ac04c00 2422 libs optional faad2_2.8.0~cvs20161113-1+deb9u3.dsc
 bceecaced180cdeb9f73d7d04967ce46 514680 libs optional faad2_2.8.0~cvs20161113.orig.tar.xz
 a17608cabc8198e6a13b1366f8d4873c 22364 libs optional faad2_2.8.0~cvs20161113-1+deb9u3.debian.tar.xz
 7dae85b2825a54f42dd54018a9998433 505390 debug extra faad2-dbg_2.8.0~cvs20161113-1+deb9u3_amd64.deb
 2e555e4e4377a660c72d8b1aa962c7fa 7003 libs optional faad2_2.8.0~cvs20161113-1+deb9u3_amd64.buildinfo
 5d81e8c53055bfe472c60cc2e8e5ce16 39006 sound optional faad_2.8.0~cvs20161113-1+deb9u3_amd64.deb
 fb5e1d059c3b5847a5fe4893114da0df 183336 libdevel optional libfaad-dev_2.8.0~cvs20161113-1+deb9u3_amd64.deb
 f34396676011766deb4e77e520831d83 168076 libs optional libfaad2_2.8.0~cvs20161113-1+deb9u3_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmF1Q6RfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR4eIEACUZrV7IfgjesSb/OO+B35Ls+uvDgkE
CPGCm3UxFmmU8qK/jLVARdOxu/H0e7fdLL1CunGLZIGa0pW//AcXaPHTwp87BF+n
g1+YejIjZPuSOqpx6RG6eB+AqG3oIQOr0f3tmlSsEkz3kGga0ny+1zGN7hAUYfqP
K7KXfe89yOPcF8gCpHZ9aIhE0/VWvxr0MXtXXnY0IWgkcY6j0fAOYODU/mPDO503
gRIqtqRRIe03qW6c1ogHRHmW8rqWJ68YmRt3/Jyu9uOzcJ/hZGS4nmg63eqlfHEu
ht4J5x5YOIjRJ2WH1VRQIa9XE7VKOiKF7JNkMB4aXkTQU2rgusCJvETWN4ay3r6x
75FBfvXRDVuratKHSGaHdXoNJdVI/8RDQCNaj+TPf6qWObmGjQW7grkrmJKC+cId
lCPfALeBBdOQXQSnGTVHkljeOqox7hPS1a7axFGqMEPL1Tfi3GALkKw6vGS/5Ap8
+yecZlnbTrzQz7OkA9dzb6smosHbPbhRpbOk14rzZuh/nbTho9ubFtpq0UEO4ke8
z8/cdOgU7Dkv7mEDKrE+oem8cfWFNamFgYGmSy3NEeEWtUltpaOTRPtg2Z72SEHc
E1a4ZCySx1tEDJwKmvsxQ7axPe52Qo5z2mIF7u8xWj/qSzG47NXg/Ar+2hXt4+k8
8UEfIMXq0AFd/A==
=ObS1
-----END PGP SIGNATURE-----
News for package faad2
