-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 30 Aug 2017 20:07:59 +0200 Source: faad2 Binary: libfaad-dev libfaad2 faad2-dbg faad Architecture: source amd64 Version: 2.7-8+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Description: faad - freeware Advanced Audio Decoder player faad2-dbg - freeware Advanced Audio Decoder - debugging symbols libfaad-dev - freeware Advanced Audio Decoder - development files libfaad2 - freeware Advanced Audio Decoder - runtime files Changes: faad2 (2.7-8+deb7u1) wheezy-security; urgency=high . * Non-maintainer upload by the LTS team. * Fix CVE-2017-9218, CVE-2017-9219, CVE-2017-9220, CVE-2017-9221, CVE-2017-9222, CVE-2017-9223, CVE-2017-9253, CVE-2017-9254, CVE-2017-9255, CVE-2017-9256, CVE-2017-9257. Various issues were discovered in faad2, a fast audio decoder, that could cause a denial of service (large loop and CPU consumption) via a crafted mp4 file. Checksums-Sha1: ee1f13484c2044d359584ce19a5c2062bbfd297a 2358 faad2_2.7-8+deb7u1.dsc 22118978d00988b6cc6898e7dc7f7849711016e9 1124523 faad2_2.7.orig.tar.gz 2be25ec8044015e8c83e6b3a082c48cb165e5172 22646 faad2_2.7-8+deb7u1.debian.tar.gz 6245da1d1414f053a54c87c44f77c8da84633590 201254 libfaad-dev_2.7-8+deb7u1_amd64.deb d9331b82a8a7a49dac6a3fa32ff147e66bd9006c 178554 libfaad2_2.7-8+deb7u1_amd64.deb 807d3f2a368ba1d1a8dc3b90b01f681d073c2287 286346 faad2-dbg_2.7-8+deb7u1_amd64.deb 8714badcce2331ea5bed688f9a34fc938b64d96d 41850 faad_2.7-8+deb7u1_amd64.deb Checksums-Sha256: 0c02e98af9fc414b6fc44ce17274bb496609f8acd7dc8464fa924d78da00e6f3 2358 faad2_2.7-8+deb7u1.dsc 9d5e35f104c531ef3ff7f4a514578bdfaff3df99ee35ccccb121b0a859295270 1124523 faad2_2.7.orig.tar.gz 330782e37a5e38362c3134cfedc4c25f619d9e29264f714c01d343d59859a20b 22646 faad2_2.7-8+deb7u1.debian.tar.gz d95f55cb25a7460c647df6a4c2a6f74e5682fb2b28cd599a93c8df5e45d9b376 201254 libfaad-dev_2.7-8+deb7u1_amd64.deb ab54fc39a160f91ccb442d31cac5793354333b018c4ef129b1792f73a9c803e8 178554 libfaad2_2.7-8+deb7u1_amd64.deb 29ba94fa01eddf0dc01eb74b0080c18c272d63e6337fc489a4b7d9f932274f01 286346 faad2-dbg_2.7-8+deb7u1_amd64.deb 53b506d77f43e98c8fad0216635546925c2d47e43d9adb6e2f7a10a7396244a6 41850 faad_2.7-8+deb7u1_amd64.deb Files: 5ff660a06c426412478d610fa50daca5 2358 libs optional faad2_2.7-8+deb7u1.dsc 1572090beee91d91efd088394da68214 1124523 libs optional faad2_2.7.orig.tar.gz 273ea3faeb09ded87f406df812918eb3 22646 libs optional faad2_2.7-8+deb7u1.debian.tar.gz e9c0330d77b48637091700aa91954a96 201254 libdevel optional libfaad-dev_2.7-8+deb7u1_amd64.deb a0665ac526bc1ad069d26808181d6cee 178554 libs optional libfaad2_2.7-8+deb7u1_amd64.deb be4cd184f049308fa3d0b5e8ce6d9eca 286346 debug extra faad2-dbg_2.7-8+deb7u1_amd64.deb 0161b04bda0a7e53354e2bf48b0bc6ec 41850 sound optional faad_2.7-8+deb7u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlmnAKpfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkjncP/33Q7hrGPlDdhpwwNWH9qyckPviG0l5DYvRV 9nNiJskKqP3OwaH+mq+a6xaQuoji71yyHa2idqNfjE2z/9J3OeX1a2I/ABUgeRUC V0PdTGSWoArrg0hCuxRrcn1zk7tc4zsyw/D+O+NN201fljn90H3uPE6XlgyRRxZs y7I2j3xsOxdTuAO2ciA6eL6YUoPAv6oVAL+JhqXq1sRGE2QFYoPGzuj8ifre2IDf F+0lur8hhbJ1J5lzd7s5dXS+zIDUPDyOGpBTOTE4HwJteHSIKu5bBOZLQuDh/Nbu SUaeBmLXf/I4r0tpQ/AmuwIiTAA9iatfGrRixx3CiVctpuJWILHB38P/H+g8CbIi cfBzbGA2MnSa2313eNHqEb8caHcXqvyBCsbq2nxQp/7tpr7v69z+M/sx+4GvjGNC j5DAalz4UtSgaV7YrDgsDj6N3NjZvbN0csOr2knwcm8W40KYaYFmIveH4iIiV5lZ AZKDNcRsF8F3ceIiNa6fGUphHVjCoC3czEKcu+BBYTndEXs2cdklifG7hwGN0cf7 joGBEm/vjqJQ76lio7U3rXZaHEAZ0FVY/4I1IgnXbCjVvmEpGl0q2XnZ7TTycQNG /x5yZ9wXcuJa2bMR+DO4CbELADPs5E6QoDi+R6R1zmOfTBauVXsfVYO7lB5gwZFf LnfDJHyx =c2bf -----END PGP SIGNATURE-----
