| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 4 May 2018 23:26:06 +0200 From: Moritz Muehlenhoff <jmm@...ian.org> To: bugtraq@...urityfocus.com Subject: [SECURITY] [DSA 4192-1] libmad security update -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4192-1 security@...ian.org https://www.debian.org/security/ Moritz Muehlenhoff May 04, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libmad CVE ID : CVE-2017-8372 CVE-2017-8373 CVE-2017-8374 Several vulnerabilities were discovered in MAD, an MPEG audio decoder library, which could result in denial of service if a malformed audio file is processed. For the oldstable distribution (jessie), these problems have been fixed in version 0.15.1b-8+deb8u1. For the stable distribution (stretch), these problems have been fixed in version 0.15.1b-8+deb9u1. We recommend that you upgrade your libmad packages. For the detailed security status of libmad please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libmad Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@...ts.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlrsz5QACgkQEMKTtsN8 TjY93w/+KdbYUOMNZjBgtj9ajFC9fBHFbLkONp5zKeH/U3TPs4VeFNuvN6PAMiV4 j9qGHX4xYJLF4PJKZRxkzDi9Ktk+IcUb32DzCnIvV0R2WsuENxR230m2BLM4kuhC EPqwWPj0dX6OJTpaIPVv/5J5r8fHvrgOoobRcYmIyxX3yejR6zrx790A4ywKVSXG 874F0eRN0Ji67Fzt4WMSb+rYhrnImHnR4CdwzQNTwl5vljexbjDx9vRkc2PgLOJm xVm07j8LJw/RjocwNImWBGqK7AEuZZzvi4eHyXMUAwfb9wveEk6bm6JKiXiEljt0 wbTns9JInXR8T6/8+HjeYHD7qrxaZUuEwaba0uUHK8B5Snzchuv68ola2WY2dWEO bHNBY3dfPlsg1NMnPUHM+KSl0+dZ9YudRK4NBtnU8kBKzVFnljzCqvA82L8rK3qT T2YE3FwKpLKW9o+DvR+aqXUtXSHeqlcGCaPZC8ovSQ6M60WQiTmO+1/m3B9SGi1n GyPoNFDOFJWwjErmccLx+BWFwGY1rfw+gJfA7vI4JcaSTcee2OG2Ki30gJX9vMc6 6Z0C7RybuBm/Zqs+eTUtPLNiO6nHCAEPaIcoI8egThOXGDwBbCS9kpL/Fgn+L+mM 9YKGgxe/6qYs/I0pnZqJwZlB5UkIxQkj8GihLe+p3IKVsyVL9p8= =lVKM -----END PGP SIGNATURE-----
Powered by blists - more mailing lists