-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 01 May 2018 17:36:53 +0200 Source: faad2 Binary: libfaad-dev libfaad2 faad2-dbg faad Architecture: source amd64 Version: 2.7-8+deb8u1 Distribution: jessie Urgency: high Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Description: faad - freeware Advanced Audio Decoder player faad2-dbg - freeware Advanced Audio Decoder - debugging symbols libfaad-dev - freeware Advanced Audio Decoder - development files libfaad2 - freeware Advanced Audio Decoder - runtime files Closes: 889915 Changes: faad2 (2.7-8+deb8u1) jessie; urgency=high . * Non-maintainer upload. * Fix CVE-2017-9218, CVE-2017-9219, CVE-2017-9220, CVE-2017-9221, CVE-2017-9222, CVE-2017-9223, CVE-2017-9253, CVE-2017-9254, CVE-2017-9255, CVE-2017-9256, CVE-2017-9257. Various issues were discovered in faad2, a fast audio decoder, that could cause a denial of service (large loop and CPU consumption) via a crafted mp4 file. (Closes: #889915) Checksums-Sha1: 0b1fd8e93ed71237c9c4584581c3f26ce0437fd5 2367 faad2_2.7-8+deb8u1.dsc 4b5ec73005521388c1005472a2484a6452996de7 20356 faad2_2.7-8+deb8u1.debian.tar.xz 033c684215d6f2fd190af365da83405716b9f805 158716 libfaad-dev_2.7-8+deb8u1_amd64.deb f3baebd2501262e8aec002291cc61eb2b9165699 146230 libfaad2_2.7-8+deb8u1_amd64.deb 5b2bb2fda99795372558097a58683427c7d42213 274240 faad2-dbg_2.7-8+deb8u1_amd64.deb a44b2463e4a7084bbfa30c7f4d2568fb123000a5 36600 faad_2.7-8+deb8u1_amd64.deb Checksums-Sha256: 45040c8779397c6775abf063cbad9f82cb4a884241d3c9cd415288a6de445f96 2367 faad2_2.7-8+deb8u1.dsc dbc3b9f16e1e446ea59d5e3bfd5996fbb05911edcaed0f3caa0120f35e741365 20356 faad2_2.7-8+deb8u1.debian.tar.xz 8de3a84b6c9ebf6d32887b125c0ca640a88ff7495239fb429f3129ab047e0f60 158716 libfaad-dev_2.7-8+deb8u1_amd64.deb 33ab540ddbdcc0ec1b77cf14502994297fadffeabd346eb2574351f2e1e65f85 146230 libfaad2_2.7-8+deb8u1_amd64.deb b3ec5096e940449e1ba3fe4d205f132a2ad8a483d4d3b067e9fbde2410804a96 274240 faad2-dbg_2.7-8+deb8u1_amd64.deb da9b51e54f96ab3ecd6497ca2edd086706ce237ddec3e90ee1aea1074b847b4d 36600 faad_2.7-8+deb8u1_amd64.deb Files: e8ed677b2ac463b23b5034b25fd1b643 2367 libs optional faad2_2.7-8+deb8u1.dsc bd0975fe83c4a9dd133e4abcea9cfae5 20356 libs optional faad2_2.7-8+deb8u1.debian.tar.xz d714461876e2f0cecd58866c71364832 158716 libdevel optional libfaad-dev_2.7-8+deb8u1_amd64.deb 739e7b903dc7a2459e90bce4406cae6a 146230 libs optional libfaad2_2.7-8+deb8u1_amd64.deb 0b52e4523196cb3fec1688afcd26c5af 274240 debug extra faad2-dbg_2.7-8+deb8u1_amd64.deb c9268b4c827ea4ce67214bf80b02ed9a 36600 sound optional faad_2.7-8+deb8u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlrokXJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1Hkjw8P/RJlSeFIk0jbgD3NKUaaOFe56Q+nUpudv1po KdZMRoV5f/JHTdLMOupQIp614zvnFdxzA55fR3a2r0HeyhoZj5hgdF8OgI3tlSnH +rodozayMBOpOp7IOF1Pc1q+ku5qA6j6au2ZcvsiAnW95rcWhhrer0kFuRnF72sX +NiSWVHsu7l+erc/omMEVn7Z6EB+B0fNY/Gy9LSet8D6/Ypx0/rubE2L62gynVED MCR/ORkpE73K3IFdj+u/4g3X1nPhTIXliQb8MG8/+DbGSGbUZ+RmePn40+SG3MWn 8E0cr7MWGHoHFup5S9rSLajU1BB2eakUXFxzZn3XjAddj9r7WVC7NwG2/eRrw0LR 8pHG/2sfzLwhU06j13XP2Zv+ymMOSL3+QA+9QuaKWTifaFNgmoKpt3UKqGqfXNy5 o6T9pGcbZJfN+/yGL3J+DLDFk+zmVknpquxHLuzi/udcB27EEgiw3vR1voekJQ5p zHbkcPp2DW7TiaNeLrgeMfNhtngZ+8mmJwmDsU37H6EoMu7Jtm7KSSU4wMnTjKuR pAJB9DIJ9XXi05kZwaQZyfeeuH1Un80wTUG3/Q0Ga70qk2FTmx1gzYDNqdpHlXf6 fzciSX5K/sUolxaKqYH3yZ/gPUfjGxCZtYEtPWBSz9k3n2w1+4VkV1PYnRjtLlJq IvJyYvEx =yDvI -----END PGP SIGNATURE-----
