-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 08 Jul 2017 09:52:07 +0100 Source: mpg123 Binary: mpg123 libmpg123-0 libmpg123-dev Architecture: source amd64 Version: 1.14.4-1+deb7u2 Distribution: wheezy-security Urgency: high Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org> Changed-By: Chris Lamb <lamby@debian.org> Description: libmpg123-0 - MPEG layer 1/2/3 audio decoder (shared library) libmpg123-dev - MPEG layer 1/2/3 audio decoder (development files) mpg123 - MPEG layer 1/2/3 audio player Closes: 866860 Changes: mpg123 (1.14.4-1+deb7u2) wheezy-security; urgency=high . * CVE-2017-10683: Prevent a remote denial of service attack casued by a heap-based buffer over-read in the "convert_latin1" function. (Closes: #866860) Checksums-Sha1: 26b224db4f5b0540a04563430e7736854d964d6b 2259 mpg123_1.14.4-1+deb7u2.dsc 9f53e27bb40b8df3d3b6df25f5f9a8a83b1fccfe 797694 mpg123_1.14.4.orig.tar.bz2 8ea28661a81a7c562fe89d19a3ab7783ae755a6a 22741 mpg123_1.14.4-1+deb7u2.debian.tar.gz 264dcb0cdb75ddc0a2694e17088b85674746c332 158494 mpg123_1.14.4-1+deb7u2_amd64.deb 0f994cfe847be237b2418792f0349b6452ab589f 158776 libmpg123-0_1.14.4-1+deb7u2_amd64.deb c1fec6f3924ac8573842c6360a1bb9f7315942f3 45466 libmpg123-dev_1.14.4-1+deb7u2_amd64.deb Checksums-Sha256: 815685a3b0729c911353de087c984a6296cdb42cf7107cb07a76c244276abb92 2259 mpg123_1.14.4-1+deb7u2.dsc 9ca189f24eb4ec6b5046b64d72c3c8439fd9ea300ce1b8b91a05cd6a9d3e5c12 797694 mpg123_1.14.4.orig.tar.bz2 0eac80e49ded157222ff1fbdcd204f2656a9810927587ada409aa8fdfc64286b 22741 mpg123_1.14.4-1+deb7u2.debian.tar.gz 6026e2d3512c4a16d3f6b5abf5e4b7495bbee0a187de48d72091ef1942052413 158494 mpg123_1.14.4-1+deb7u2_amd64.deb 270a8a1daaad193677614cc50db404ab3c4574d575c610e909024ba560e40660 158776 libmpg123-0_1.14.4-1+deb7u2_amd64.deb 3d90d93dbdbb85ab1b509775bf25ccbf4dc6d3146801573ebff606c91bff1744 45466 libmpg123-dev_1.14.4-1+deb7u2_amd64.deb Files: 8b9e8919f548f37b82958e6102469fa0 2259 sound optional mpg123_1.14.4-1+deb7u2.dsc a72d0c60a1d7dbec7cfe966bc11672bf 797694 sound optional mpg123_1.14.4.orig.tar.bz2 b29f5d2b67cc903f6c86114241c76a88 22741 sound optional mpg123_1.14.4-1+deb7u2.debian.tar.gz ec38a124e6d65625dd4edf0736f6f7da 158494 sound optional mpg123_1.14.4-1+deb7u2_amd64.deb 422e5f8177f4fbfba22150f1c2b348b0 158776 libs optional libmpg123-0_1.14.4-1+deb7u2_amd64.deb 8cf46a4431597311d5b892a7b769ceb1 45466 libdevel optional libmpg123-dev_1.14.4-1+deb7u2_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAllgnpUACgkQHpU+J9Qx Hlg1jg/+IOyRbZZwh4Uw3Cx2cMgFMcbS8elGhYcFx4ilebltf/rgqDUvE5cdyF9z DJx2mto17m3D1Jg0D8iGP8Bu4cJH7MtLkszPC5DU7xFgDeCVM2nlZR9yPsnNpx2M /1PoTAnoZH+KbkUtMp1DYQMh7QeAKGNY3eMqzhOjjh81Gsgg/9oVDwiTmu3HHGmC 01O25h33OEuIERAs9BL3RhZT4uHbZubTxnPqtxWP7WTKYkdB7wochG7cQYYskLhu FBK/XnA5UL+H3qLYTcDyseoARDc+ZldzBpntL+x4bs+G/3bmiRblGmavbK7plgRh CiKOMN757O+QqYlTnXgwiENle92btCwp7Ra+b8+OODnP3vUY3d85PZmiA0q4MG/i 7vjdb8Qy4fFT/oPyFigMD0066c9aTxDrJQVeCR9PYfdLNH4fY0iAqJQUxWhwSkwF ARkE9r9BnmlIsDtb6MJYXil8VBMCCShj/UrH0TT/C6BMuKpp3AzzbYYXhnjZ93pH S2W+ti/UEWVF8wHYsbum58Q29T0wug2jL4HDg54vfvfqsfb9PYzmWx9mndXZPCLM wFh3epx4/AQA9pBFgZLDUQYRSgekzvuWEBDDcFt3S65OyfpRna+PCiV+tyWjiWpb iCUBXzh2ThUg8DbSWspaJqR2xqK8kxCg0a1Y5kOhh9FTRpyHkLA= =q1nl -----END PGP SIGNATURE-----