-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 15 Oct 2016 12:14:36 +0200 Source: mpg123 Binary: mpg123 libmpg123-0 libmpg123-dev Architecture: source amd64 Version: 1.14.4-1+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org> Changed-By: Jonas Meurer <mejo@debian.org> Description: libmpg123-0 - MPEG layer 1/2/3 audio decoder (shared library) libmpg123-dev - MPEG layer 1/2/3 audio decoder (development files) mpg123 - MPEG layer 1/2/3 audio player Closes: 838960 Changes: mpg123 (1.14.4-1+deb7u1) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * Backport fix for CVE-2014-9497: - Regression fix: Ensure decoder reinitialization on combination of seek and resync (buffer overflow) - Add check for bad bit allocation value in layer I decoder * Backport fix for CVE-2016-1000247: DoS with crafted ID3v2 tags. (Closes: #838960) Checksums-Sha1: 04066b822c2010788404888ec2c1afed066dc53c 2227 mpg123_1.14.4-1+deb7u1.dsc 9f53e27bb40b8df3d3b6df25f5f9a8a83b1fccfe 797694 mpg123_1.14.4.orig.tar.bz2 10970c9a60343cefebd032377c1fc50f4dd27c02 21969 mpg123_1.14.4-1+deb7u1.debian.tar.gz f7a597672078d507dae0ba269b317a9777ee3b26 158644 mpg123_1.14.4-1+deb7u1_amd64.deb 4f317069b1c4f83d804b5279432fa3a649118686 158472 libmpg123-0_1.14.4-1+deb7u1_amd64.deb 7b5a157c0968b2b48ac6bf50d00393395a709d68 44430 libmpg123-dev_1.14.4-1+deb7u1_amd64.deb Checksums-Sha256: 969ebb03e4f095ec79a3d1da287ef4525960ba4d6f72894b46af630cd4ef6435 2227 mpg123_1.14.4-1+deb7u1.dsc 9ca189f24eb4ec6b5046b64d72c3c8439fd9ea300ce1b8b91a05cd6a9d3e5c12 797694 mpg123_1.14.4.orig.tar.bz2 3cd80c49e3549bcfc71475d530c30adec2ccc971da5150a29b81852b20cf6340 21969 mpg123_1.14.4-1+deb7u1.debian.tar.gz a36a14efd29334e37c67c3a9edf8d3e2623fbf61b78a78aaf4a3e0f4a334c9ce 158644 mpg123_1.14.4-1+deb7u1_amd64.deb 05e7d818a7e289f3c1c4d20b80fd17ae93be0c72d6f8977c9946cba0927b4aa0 158472 libmpg123-0_1.14.4-1+deb7u1_amd64.deb baf8cdd83f6d4a6bcde8aaf611bbf814b4d1c9d64ca71680ebc592a256e4b165 44430 libmpg123-dev_1.14.4-1+deb7u1_amd64.deb Files: 698e2e73a30fa2a394869317097eb9fa 2227 sound optional mpg123_1.14.4-1+deb7u1.dsc a72d0c60a1d7dbec7cfe966bc11672bf 797694 sound optional mpg123_1.14.4.orig.tar.bz2 51b98f8b5999ae08e059958baf9e0b2d 21969 sound optional mpg123_1.14.4-1+deb7u1.debian.tar.gz f1b6bca922da5074dd50bfd606f10fb4 158644 sound optional mpg123_1.14.4-1+deb7u1_amd64.deb 6e26a2fcce15796997dc8c46c70aa752 158472 libs optional libmpg123-0_1.14.4-1+deb7u1_amd64.deb 1fd8601d821f35e6f0c413f626a1a524 44430 libdevel optional libmpg123-dev_1.14.4-1+deb7u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJYAgJmAAoJEFJi5/9JEEn+C9wP/3MjkAMIE4BDsiJ9WLtjW7kE b0TiTm+sJkjYUcnXn8kcaVnaQGl5z2JI/MgdrBBeklscP0+NwE9PQSLHy+hWQQ3D KMVIidtiZEjWy3s6pbtgioQfuzQo8VqQfxu8AuV8e8AvENt2i1NGzA2yWyDelH00 0LbfuBxCCPrVkbGxOzfY7f/mq/KY83uNa3GZhSjutRCq2sTzW4CCP1oymVREu9Ez iSOrn4w0XsvbRm/haBEEghAKrvty3Dt1oS1A+EQAOahwFgn8bezSjZAvn47wNklE 0gHc4HNAFgApmedOdEHSGPPfYP1NbprKTxqwBO0kPWiRYVXMES3P3Mzf6l9uXbky ZLfAeX8u36pkYSGpfp0K1p/T8HRfwhddBkAtll+VjGBxjkw+E/XJ5cqpudgJvwHC DgLZR4XFKCh382HEx7rvJ0qgGOdnGy8W2Jqsk04kQtOujutAEnZEwc+4/6h40Mat 3+DDEVLP5X1EMElu/7ygY28rZY2Rx/GZdTOiYd8iLWopfYG8Yq7AzP3YfkBlgxky WU0XBwvqsIydW+wwchQySafQl6eFiFSHPgvx8IrAjqPpIT4XYih3TKaOE/P94B0/ dXerIu532gmHHlWxskma9SqzCtN++7dO2ESi5iT7DgJBj3Clwm7mWmz5LQNkRtmt cGXjewiY9r6Fak/bIEqM =h0T3 -----END PGP SIGNATURE-----
