-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 05 May 2016 12:03:02 +0200 Source: mplayer2 Binary: mplayer2 mplayer2-dbg Architecture: source i386 Version: 2.0-554-gf63dbad-1+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: mplayer2 - next generation movie player for Unix-like systems mplayer2-dbg - Debugging symbols for mplayer2 Changes: mplayer2 (2.0-554-gf63dbad-1+deb7u1) wheezy-security; urgency=high . * Non-maintainer upload by the Wheezy LTS Team. * CVE-2016-4352 Mplayer is crashing when playing a fuzzed gif file. The gif demuxes assumes in many places that width*height is <= INT_MAX; this might not be true. Fixed by validating the picture size. Checksums-Sha1: 2639f99142e083f9e28f056841b686bb1b6870ea 3290 mplayer2_2.0-554-gf63dbad-1+deb7u1.dsc f59630b93c8c9a9d39201b950d47722c69d7c606 3704080 mplayer2_2.0-554-gf63dbad.orig.tar.bz2 707890ab09ebd4e17fffdc02e80cff363298c7a0 9865 mplayer2_2.0-554-gf63dbad-1+deb7u1.debian.tar.gz 67a9e2f85315ccdb7f421361739e90b3fe372f01 1248746 mplayer2_2.0-554-gf63dbad-1+deb7u1_i386.deb 5f76dc84e7481627acc4ab17db6c1d1b0b797a93 3519622 mplayer2-dbg_2.0-554-gf63dbad-1+deb7u1_i386.deb Checksums-Sha256: 2eaa937c3f27f6f5caddebfd21c1e2e1533b9b1db8cf44d0c6fb855a5367ec7f 3290 mplayer2_2.0-554-gf63dbad-1+deb7u1.dsc 6718e27c71234b05cfe6e879d2b1bab3c27a5e7fca969667d68064ef5077b1ec 3704080 mplayer2_2.0-554-gf63dbad.orig.tar.bz2 02ab2b1d90ce3308522d04c72a75f7f687b1947fc7e7786a5874306ac90315dc 9865 mplayer2_2.0-554-gf63dbad-1+deb7u1.debian.tar.gz 919d13f3a34c0cc973f10825caa892d8fd55879b206a7d5e5881363e178e161b 1248746 mplayer2_2.0-554-gf63dbad-1+deb7u1_i386.deb 555fabbc5181775de8b18a60477783df83eaa660049b825ec6c1c82b5bd77a16 3519622 mplayer2-dbg_2.0-554-gf63dbad-1+deb7u1_i386.deb Files: 966280bbd08a1d74bb9f656b532d012e 3290 video extra mplayer2_2.0-554-gf63dbad-1+deb7u1.dsc 9f4277103451e2ac8e1658a50d83ec99 3704080 video extra mplayer2_2.0-554-gf63dbad.orig.tar.bz2 9587c4814c1f942f2b0e0f380678d252 9865 video extra mplayer2_2.0-554-gf63dbad-1+deb7u1.debian.tar.gz 1ba2c6f1b85a6f870dfce90ed2fefd31 1248746 video extra mplayer2_2.0-554-gf63dbad-1+deb7u1_i386.deb dfe9ce98e4a71055f8dc62c72d5e8e96 3519622 debug extra mplayer2-dbg_2.0-554-gf63dbad-1+deb7u1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJXKyxHXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5 NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHGEIQAMKX66XN/yQRtWjKZR1tREw6 rYh32SGGRVx/RwDmbyuE6HVT2DUW363dat2dEyoCNZlCkEkwfGcypwhKjkk2suzt 6UBV0rkiUN5fgnSBivjrVnIdOCAuhIqltmA1pGC19nv2RFDa+AEtx065qtJ38vof NGFlsx/LhI8x6GAclve0KLT1i9+PXUsyz2RbjND78+t7CuSOraf9OMS6A4zFi/UP GlG2oiZqj5eYzrG1/VmvzAOXSSjfhbU1w8/7rYhe20OBNLOOkHdwpcJhJP62eEZn kkZpskr/i0iarlW9ca+n93NpmPcUhiabdeO0zCRZz3ntG5tqBYvKg26VIheK+CL6 QOM1PqdsJoZNa5Htoe9LPMXbq2TM7BO72K/9zsVs+hHZFRWVYccC09tnakL/jSNk LIitokU11Y/C404wx47rUZc8LjITYfVKonLtbEM2QTXA0q5oHWvUXV5ca8cJDXvP v6yNlSb+A6yKvCUppScFVf374FnIfGYO5sMpctVWPJb6IKxKhZ99b0kefT4198Ex 03RfgQT+Fhp5KwWeVssmKwdjN40IfmZBcdzq/RKBCCQTqOal6XwFSGHZPvqHRoe/ lWwC2sVv95zFL8zYroEy6tchZxCBh2FxkfmUIHX8r31ETEyVexDXV25heU6qUE+J Ph5WQ3P70Eeh9OT158gn =ijJ8 -----END PGP SIGNATURE-----
