[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20190915155546.lo46xyjbqq6pcggo@seger.debian.org>
Date: Sun, 15 Sep 2019 15:55:46 +0000
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 4522-1] faad2 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4522-1 security@...ian.org
https://www.debian.org/security/ Hugo Lefeuvre
September 15, 2019 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : faad2
CVE ID : CVE-2018-19502 CVE-2018-19503 CVE-2018-19504 CVE-2018-20194
CVE-2018-20195 CVE-2018-20197 CVE-2018-20198 CVE-2018-20357
CVE-2018-20358 CVE-2018-20359 CVE-2018-20361 CVE-2018-20362
CVE-2019-15296
Debian Bug : 914641
Multiple vulnerabilities have been discovered in faad2, the Freeware Advanced
Audio Coder. These vulnerabilities might allow remote attackers to cause
denial-of-service, or potentially execute arbitrary code if crafted MPEG AAC
files are processed.
For the oldstable distribution (stretch), these problems have been fixed
in version 2.8.0~cvs20161113-1+deb9u2.
We recommend that you upgrade your faad2 packages.
For the detailed security status of faad2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/faad2
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl1+XpoACgkQEMKTtsN8
Tja0xA//QlCrjIhBs6HZmnm+37XN6puyT6R5cCigpzAERhG5tXkCNHY/zE7R5sNi
uUkmi98xOT2YPWO8h8JbiOvdU2TCImPAT7zBXway6a8uMsTbmuprNIW9DZ/E4JUz
IeOJy1dNQeWX5ud4CA0eQQLuKevycG/G4LDPw3zMU0ofayQQiTtgKd5JSPXWN7X5
TaLPwQWHaaSTBNmHDi9nGEy+X3yXGxgC87OSScCdufvFmoV4Aqo7pXBOPJBFyeIQ
JYz6noUW6JzI4xQBngarthSCI2TQRGVn2AnH2n9yWP0Nf2nznymKDh2L5acpNYpY
cSZOUOMrjzX4OPQWmIZMsgbB7MpS0+xHUfb2ls3NJ2RbbLUSFrA/v2Xff4x6/eZM
jsYQ0sKY1Lqt3uj3tD8TqGs1H2q6marjGTlnLsAWyIBXa6MJIQHZdxehhVDx0U7u
Tom0A9NSQqWLa3AV6Dy/BSoWUCbNrXdt4ppoAXgy9k+x2kMNaJpJ3EbAzMA+xRnp
gi44t9E+HT5iNURkKovQt+/OZKPYlI00AVCpH31bjEUHCeTCw79BsX1v9kpuXWXg
jW6A/efW1hnmvC74yeDLNoE3iri54ZKsy+w4ELOLQFAtkmAq0bOW4I/03v7lH2h5
Q77PZEuA2XZVri9vO5z8m4VQE+HZB73LTrq7fJ/eHgTCqJRSmko=
=qHQO
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists