Register | Log in

mpg123

MPEG layer 1/2/3 audio player

Choose email to subscribe with

general

source: mpg123 (source, sound)
version: 1.25.7-1
maintainer: Debian Multimedia Maintainers (archive) [DMD]
uploaders: Miguel A. Colón Vélez [DMD] [dm] – Reinhard Tartler [DMD]
arch: any
std-ver: 4.1.0
VCS: Git (Browse)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.14.4-1
o-o-sec: 1.14.4-1+deb7u2
oldstable: 1.20.1-2+deb8u1
stable: 1.23.8-1
testing: 1.25.7-1
unstable: 1.25.7-1

versioned links

1.14.4-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.14.4-1+deb7u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.20.1-2+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.23.8-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.25.7-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libmpg123-0
libmpg123-dev
libout123-0
mpg123

action needed

lintian reports 4 warnings

normal

Lintian reports 4 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2017-09-28 Last update: 2017-09-28 01:11

2 ignored security issues in wheezy

low

There are 2 open security issues in wheezy.

2 issues skipped by the security teams:

CVE-2017-12797: Integer overflow in the INT123_parse_new_id3 function in the ID3 parser in mpg123 before 1.25.5 on 32-bit platforms allows remote attackers to cause a denial of service via a crafted file, which triggers a heap-based buffer overflow.
CVE-2017-9545: The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service (buffer over-read) via a crafted mp3 file.

Please fix them.

Created: 2017-07-27 Last update: 2017-10-02 07:14

3 ignored security issues in jessie

low

There are 3 open security issues in jessie.

3 issues skipped by the security teams:

CVE-2017-12797: Integer overflow in the INT123_parse_new_id3 function in the ID3 parser in mpg123 before 1.25.5 on 32-bit platforms allows remote attackers to cause a denial of service via a crafted file, which triggers a heap-based buffer overflow.
CVE-2017-10683: In mpg123 1.25.0, there is a heap-based buffer over-read in the convert_latin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack.
CVE-2017-9545: The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service (buffer over-read) via a crafted mp3 file.

Please fix them.

Created: 2017-07-02 Last update: 2017-10-02 07:14

3 ignored security issues in stretch

low

There are 3 open security issues in stretch.

3 issues skipped by the security teams:

CVE-2017-12797: Integer overflow in the INT123_parse_new_id3 function in the ID3 parser in mpg123 before 1.25.5 on 32-bit platforms allows remote attackers to cause a denial of service via a crafted file, which triggers a heap-based buffer overflow.
CVE-2017-10683: In mpg123 1.25.0, there is a heap-based buffer over-read in the convert_latin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack.
CVE-2017-9545: The next_text function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service (buffer over-read) via a crafted mp3 file.

Please fix them.

Created: 2017-07-02 Last update: 2017-10-02 07:14

news

[2017-10-02] mpg123 1.25.7-1 MIGRATED to testing (Debian testing watch)
[2017-09-26] Accepted mpg123 1.25.7-1 (source) into unstable (Sebastian Ramacher)
[2017-08-17] mpg123 1.25.6-1 MIGRATED to testing (Debian testing watch)
[2017-08-12] Accepted mpg123 1.25.6-1 (source) into unstable (Sebastian Ramacher)
[2017-08-12] mpg123 1.25.4-1 MIGRATED to testing (Debian testing watch)
[2017-08-06] Accepted mpg123 1.25.4-1 (source) into unstable (Sebastian Ramacher)
[2017-07-29] mpg123 1.25.3-1 MIGRATED to testing (Debian testing watch)
[2017-07-23] Accepted mpg123 1.25.3-1 (source) into unstable (Sebastian Ramacher)
[2017-07-09] mpg123 1.25.1-1 MIGRATED to testing (Debian testing watch)
[2017-07-08] Accepted mpg123 1.14.4-1+deb7u2 (source amd64) into oldoldstable (Chris Lamb)
[2017-07-03] Accepted mpg123 1.25.1-1 (source) into unstable (Sebastian Ramacher)
[2017-06-23] mpg123 1.25.0-1 MIGRATED to testing (Debian testing watch)
[2017-06-18] Accepted mpg123 1.25.0-1 (source) into unstable (Sebastian Ramacher)
[2017-04-25] Accepted mpg123 1.24.0-1 (source) into experimental (Sebastian Ramacher)
[2016-10-15] Accepted mpg123 1.14.4-1+deb7u1 (source amd64) into oldstable (Jonas Meurer)
[2016-10-12] Accepted mpg123 1.20.1-2+deb8u1 (source) into proposed-updates->stable-new, proposed-updates (James Cowgill)
[2016-10-07] mpg123 1.23.8-1 MIGRATED to testing (Debian testing watch)
[2016-10-04] Accepted mpg123 1.23.8-1 (source amd64) into unstable, unstable (Sebastian Ramacher)
[2015-09-24] mpg123 1.22.4-1 MIGRATED to testing (Britney)
[2015-09-18] Accepted mpg123 1.22.4-1 (source) into unstable (=?utf-8?b?TWlndWVsIEEuIENvbMOzbiBWw6lsZXo=?=) (signed by: Miguel A. Colón Vélez)
[2015-09-14] Accepted mpg123 1.22.3-1 (source) into unstable (=?utf-8?b?TWlndWVsIEEuIENvbMOzbiBWw6lsZXo=?=) (signed by: Miguel A. Colón Vélez)
[2015-07-17] mpg123 1.22.2-1 MIGRATED to testing (Britney)
[2015-07-11] Accepted mpg123 1.22.2-1 (source) into unstable (=?utf-8?b?TWlndWVsIEEuIENvbMOzbiBWw6lsZXo=?=) (signed by: Sebastian Ramacher)
[2014-09-06] mpg123 1.20.1-2 MIGRATED to testing (Britney)
[2014-08-31] Accepted mpg123 1.20.1-2 (source amd64) into unstable (Sebastian Ramacher)
[2014-08-12] mpg123 1.20.1-1 MIGRATED to testing (Britney)
[2014-08-06] Accepted mpg123 1.20.1-1 (source amd64) into unstable (Alessio Treglia)
[2014-07-18] mpg123 1.20.0-1 MIGRATED to testing (Britney)
[2014-07-07] Accepted mpg123 1.20.0-1 (source amd64) (Alessio Treglia)
[2014-02-26] mpg123 1.18.0-1 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 3
RC: 0
I&N: 1
M&W: 2
F&P: 0

links

homepage
lintian (0, 4)
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.25.6-1
3 bugs

Debian Package Tracker — Copyright 2013-2016 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Git Repository — How to contribute