lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 4 May 2018 23:26:06 +0200
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 4192-1] libmad security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4192-1                   security@...ian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 04, 2018                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libmad
CVE ID         : CVE-2017-8372 CVE-2017-8373 CVE-2017-8374

Several vulnerabilities were discovered in MAD, an MPEG audio decoder
library, which could result in denial of service if a malformed audio
file is processed.

For the oldstable distribution (jessie), these problems have been fixed
in version 0.15.1b-8+deb8u1.

For the stable distribution (stretch), these problems have been fixed in
version 0.15.1b-8+deb9u1.

We recommend that you upgrade your libmad packages.

For the detailed security status of libmad please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libmad

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlrsz5QACgkQEMKTtsN8
TjY93w/+KdbYUOMNZjBgtj9ajFC9fBHFbLkONp5zKeH/U3TPs4VeFNuvN6PAMiV4
j9qGHX4xYJLF4PJKZRxkzDi9Ktk+IcUb32DzCnIvV0R2WsuENxR230m2BLM4kuhC
EPqwWPj0dX6OJTpaIPVv/5J5r8fHvrgOoobRcYmIyxX3yejR6zrx790A4ywKVSXG
874F0eRN0Ji67Fzt4WMSb+rYhrnImHnR4CdwzQNTwl5vljexbjDx9vRkc2PgLOJm
xVm07j8LJw/RjocwNImWBGqK7AEuZZzvi4eHyXMUAwfb9wveEk6bm6JKiXiEljt0
wbTns9JInXR8T6/8+HjeYHD7qrxaZUuEwaba0uUHK8B5Snzchuv68ola2WY2dWEO
bHNBY3dfPlsg1NMnPUHM+KSl0+dZ9YudRK4NBtnU8kBKzVFnljzCqvA82L8rK3qT
T2YE3FwKpLKW9o+DvR+aqXUtXSHeqlcGCaPZC8ovSQ6M60WQiTmO+1/m3B9SGi1n
GyPoNFDOFJWwjErmccLx+BWFwGY1rfw+gJfA7vI4JcaSTcee2OG2Ki30gJX9vMc6
6Z0C7RybuBm/Zqs+eTUtPLNiO6nHCAEPaIcoI8egThOXGDwBbCS9kpL/Fgn+L+mM
9YKGgxe/6qYs/I0pnZqJwZlB5UkIxQkj8GihLe+p3IKVsyVL9p8=
=lVKM
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ