Register | Log in

mpg123

MPEG layer 1/2/3 audio player

Choose email to subscribe with

general

source: mpg123 (main)
version: 1.32.9-1
maintainer: Debian Multimedia Maintainers (archive) (DMD)
uploaders: Reinhard Tartler [DMD] – Miguel A. Colón Vélez [DMD] – Sebastian Ramacher [DMD]
arch: any
std-ver: 4.7.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.25.10-2
oldstable: 1.26.4-1
stable: 1.31.2-1
stable-sec: 1.31.2-1+deb12u1
stable-p-u: 1.31.2-1+deb12u1
testing: 1.32.9-1
unstable: 1.32.9-1

versioned links

1.25.10-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.26.4-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.31.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.31.2-1+deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.32.9-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libmpg123-0t64
libmpg123-dev
libout123-0t64
libsyn123-0t64
mpg123 (5 bugs: 0, 2, 3, 0)

action needed

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2024-10573: An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to exploit this flaw is considered high as the payload must be validated by the MPEG decoder and the PCM synth before execution. Additionally, to successfully execute the attack, the user must scan through the stream, making web live stream content (such as web radios) a very unlikely attack vector.

Created: 2024-10-30 Last update: 2024-11-16 06:35

Depends on packages which need a new maintainer normal

The packages that mpg123 depends on which need a new maintainer are:

nas (#354174)
- Depends: libaudio2
- Suggests: nas
- Build-Depends: libaudio-dev

Created: 2022-06-24 Last update: 2024-11-21 10:28

lintian reports 4 warnings normal

Lintian reports 4 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2024-08-12 Last update: 2024-11-11 23:03

debian/patches: 1 patch to forward upstream low

Among the 1 debian patch available in version 1.32.9-1 of the package, we noticed the following issues:

1 patch where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2024-11-11 20:31

news

[2024-11-16] mpg123 1.32.9-1 MIGRATED to testing (Debian testing watch)
[2024-11-15] Accepted mpg123 1.31.2-1+deb12u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2024-11-11] Accepted mpg123 1.31.2-1+deb12u1 (source) into stable-security (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2024-11-11] Accepted mpg123 1.32.9-1 (source) into unstable (Reinhard Tartler)
[2024-11-02] mpg123 1.32.8-1 MIGRATED to testing (Debian testing watch)
[2024-10-27] Accepted mpg123 1.32.8-1 (source) into unstable (Sebastian Ramacher)
[2024-08-16] mpg123 1.32.7-1 MIGRATED to testing (Debian testing watch)
[2024-08-11] Accepted mpg123 1.32.7-1 (source) into unstable (Sebastian Ramacher)
[2024-04-30] mpg123 1.32.6-3 MIGRATED to testing (Debian testing watch)
[2024-04-08] Accepted mpg123 1.32.6-3 (source) into unstable (Sebastian Ramacher)
[2024-04-05] Accepted mpg123 1.32.6-2 (source) into unstable (Sebastian Ramacher)
[2024-04-05] Accepted mpg123 1.32.6-1 (amd64 source) into unstable (Debian FTP Masters) (signed by: Sebastian Ramacher)
[2024-03-01] mpg123 1.32.5-1 MIGRATED to testing (Debian testing watch)
[2024-02-24] Accepted mpg123 1.32.5-1 (source) into unstable (Sebastian Ramacher)
[2024-02-05] Accepted mpg123 1.32.4-1.1~exp1 (source) into experimental (Steve Langasek)
[2024-01-27] mpg123 1.32.4-1 MIGRATED to testing (Debian testing watch)
[2024-01-21] Accepted mpg123 1.32.4-1 (source) into unstable (Sebastian Ramacher)
[2023-10-08] mpg123 1.32.3-1 MIGRATED to testing (Debian testing watch)
[2023-10-02] Accepted mpg123 1.32.3-1 (source) into unstable (Sebastian Ramacher)
[2023-06-18] mpg123 1.31.3-2 MIGRATED to testing (Debian testing watch)
[2023-06-11] Accepted mpg123 1.31.3-2 (source) into unstable (Sebastian Ramacher)
[2023-04-02] Accepted mpg123 1.31.3-1 (source) into experimental (Sebastian Ramacher)
[2023-01-26] mpg123 1.31.2-1 MIGRATED to testing (Debian testing watch)
[2023-01-20] Accepted mpg123 1.31.2-1 (source) into unstable (Sebastian Ramacher)
[2022-11-11] mpg123 1.31.1-1 MIGRATED to testing (Debian testing watch)
[2022-11-05] Accepted mpg123 1.31.1-1 (source) into unstable (Sebastian Ramacher)
[2022-11-05] mpg123 1.31.0-1 MIGRATED to testing (Debian testing watch)
[2022-10-30] Accepted mpg123 1.31.0-1 (source) into unstable (Sebastian Ramacher)
[2022-08-16] mpg123 1.30.2-1 MIGRATED to testing (Debian testing watch)
[2022-08-09] Accepted mpg123 1.30.2-1 (source) into unstable (Sebastian Ramacher)

1
2

bugs [bug history graph]

all: 5
RC: 0
I&N: 2
M&W: 3
F&P: 0
patch: 0

links

homepage
lintian (0, 4)
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debian patches

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.32.7-1
1 bug

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing