Package: mpg123 This is mpg123 upstream formally informing you of a vulnerability (crash on illegal memory read) in all mpg123 versions since 0.60, so very likely all debian versions of mpg123 and libmpg123 are affected.
See more detail at http://mpg123.org/bugs/240 . A one-line fix for any version is this: perl -pi -e 's:(while\()(tagpos < length-10\)):${1}length >= 10 && $2:' $(find src -name id3.c) Alrighty then, Thomas
pgpVu0bSOeA2b.pgp
Description: Digitale Signatur von OpenPGP