Register | Log in

mpg123

MPEG layer 1/2/3 audio player

Choose email to subscribe with

general

source: mpg123 (main)
version: 1.25.10-2
maintainer: Debian Multimedia Maintainers (archive) [DMD]
uploaders: Miguel A. Colón Vélez [DMD] [dm] – Reinhard Tartler [DMD]
arch: any
std-ver: 4.1.4
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.14.4-1
o-o-sec: 1.14.4-1+deb7u2
oldstable: 1.20.1-2+deb8u1
stable: 1.23.8-1
testing: 1.25.10-2
unstable: 1.25.10-2

versioned links

1.14.4-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.14.4-1+deb7u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.20.1-2+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.23.8-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.25.10-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libmpg123-0
libmpg123-dev
libout123-0
mpg123

action needed

lintian reports 4 warnings normal

Lintian reports 4 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2018-04-12 Last update: 2018-04-12 07:55

3 ignored security issues in stretch low

There are 3 open security issues in stretch.

3 issues skipped by the security teams:

CVE-2017-9545: The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service (buffer over-read) via a crafted mp3 file.
CVE-2017-12797: Integer overflow in the INT123_parse_new_id3 function in the ID3 parser in mpg123 before 1.25.5 on 32-bit platforms allows remote attackers to cause a denial of service via a crafted file, which triggers a heap-based buffer overflow.
CVE-2017-10683: In mpg123 1.25.0, there is a heap-based buffer over-read in the convert_latin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack.

Please fix them.

Created: 2017-07-02 Last update: 2018-06-02 08:03

3 ignored security issues in jessie low

There are 3 open security issues in jessie.

3 issues skipped by the security teams:

CVE-2017-9545: The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service (buffer over-read) via a crafted mp3 file.
CVE-2017-12797: Integer overflow in the INT123_parse_new_id3 function in the ID3 parser in mpg123 before 1.25.5 on 32-bit platforms allows remote attackers to cause a denial of service via a crafted file, which triggers a heap-based buffer overflow.
CVE-2017-10683: In mpg123 1.25.0, there is a heap-based buffer over-read in the convert_latin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack.

Please fix them.

Created: 2017-07-02 Last update: 2018-06-02 08:03

news

[2018-04-25] mpg123 1.25.10-2 MIGRATED to testing (Debian testing watch)
[2018-04-20] Accepted mpg123 1.25.10-2 (source) into unstable (James Cowgill)
[2018-03-16] mpg123 1.25.10-1 MIGRATED to testing (Debian testing watch)
[2018-03-10] Accepted mpg123 1.25.10-1 (source) into unstable (Sebastian Ramacher)
[2017-12-09] mpg123 1.25.8-1 MIGRATED to testing (Debian testing watch)
[2017-12-03] Accepted mpg123 1.25.8-1 (source) into unstable (Sebastian Ramacher)
[2017-10-02] mpg123 1.25.7-1 MIGRATED to testing (Debian testing watch)
[2017-09-26] Accepted mpg123 1.25.7-1 (source) into unstable (Sebastian Ramacher)
[2017-08-17] mpg123 1.25.6-1 MIGRATED to testing (Debian testing watch)
[2017-08-12] Accepted mpg123 1.25.6-1 (source) into unstable (Sebastian Ramacher)
[2017-08-12] mpg123 1.25.4-1 MIGRATED to testing (Debian testing watch)
[2017-08-06] Accepted mpg123 1.25.4-1 (source) into unstable (Sebastian Ramacher)
[2017-07-29] mpg123 1.25.3-1 MIGRATED to testing (Debian testing watch)
[2017-07-23] Accepted mpg123 1.25.3-1 (source) into unstable (Sebastian Ramacher)
[2017-07-09] mpg123 1.25.1-1 MIGRATED to testing (Debian testing watch)
[2017-07-08] Accepted mpg123 1.14.4-1+deb7u2 (source amd64) into oldoldstable (Chris Lamb)
[2017-07-03] Accepted mpg123 1.25.1-1 (source) into unstable (Sebastian Ramacher)
[2017-06-23] mpg123 1.25.0-1 MIGRATED to testing (Debian testing watch)
[2017-06-18] Accepted mpg123 1.25.0-1 (source) into unstable (Sebastian Ramacher)
[2017-04-25] Accepted mpg123 1.24.0-1 (source) into experimental (Sebastian Ramacher)
[2016-10-15] Accepted mpg123 1.14.4-1+deb7u1 (source amd64) into oldstable (Jonas Meurer)
[2016-10-12] Accepted mpg123 1.20.1-2+deb8u1 (source) into proposed-updates->stable-new, proposed-updates (James Cowgill)
[2016-10-07] mpg123 1.23.8-1 MIGRATED to testing (Debian testing watch)
[2016-10-04] Accepted mpg123 1.23.8-1 (source amd64) into unstable, unstable (Sebastian Ramacher)
[2015-09-24] mpg123 1.22.4-1 MIGRATED to testing (Britney)
[2015-09-18] Accepted mpg123 1.22.4-1 (source) into unstable (Miguel A. Colón Vélez)
[2015-09-14] Accepted mpg123 1.22.3-1 (source) into unstable (Miguel A. Colón Vélez)
[2015-07-17] mpg123 1.22.2-1 MIGRATED to testing (Britney)
[2015-07-11] Accepted mpg123 1.22.2-1 (source) into unstable (Miguel A. Colón Vélez) (signed by: Sebastian Ramacher)
[2014-09-06] mpg123 1.20.1-2 MIGRATED to testing (Britney)

1
2

bugs [bug history graph]

all: 3
RC: 0
I&N: 1
M&W: 2
F&P: 0

links

homepage
lintian (0, 4)
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.25.10-2
3 bugs

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing