R Dne 8. 7. 2017 10:58 dop. napsal uživatel "Chris Lamb" <[email protected]>:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Package : mpg123 > Version : 1.14.4-1+deb7u2 > CVE ID : CVE-2017-10683 > Debian Bug : #866860 > > It was discovered that there was a remote denial of service vulnerability > in > the mpg123 audio library/player. This was caused by a heap-based buffer > over-read in the "convert_latin1" function. > > For Debian 7 "Wheezy", this issue has been fixed in mpg123 version > 1.14.4-1+deb7u2. > > We recommend that you upgrade your mpg123 packages. > > > Regards, > > - -- > ,''`. > : :' : Chris Lamb > `. `'` [email protected] / chris-lamb.co.uk > `- > > -----BEGIN PGP SIGNATURE----- > > iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAllgnoUACgkQHpU+J9Qx > Hlg+kw//aMiin1HrRIAHaXgL0sj/JYMxIG9s9aDqC5nu6EHQqrymLqr/6UTWdi2H > q/Tcz86oG5nEkshA7k6pg9iMoVBqfE6fKU+3D3uchzOjcoNBRgRXM6RbD+jnKEp/ > MGqXbPuGXJ9AzULH0b4ihuQbwwiZpQBqQulUpJW7UGHDjgZc9+cEK4zIXbo0OSfZ > mcbsFV7p4cbmzWPwgQplcOsB6vg5/kHoaj4u6jMBuZoehDuG4r2Ts0/rCnKMTTFM > FyYC7EuJPCTjcBZ169rRQwdUEdb4TETrhuMlhXezTYZK+hbRC2Gxc9myWQ3Mcz1B > 1w7CSvIcrntHq9yZ2k1zXJgHDNwyv37RYlkQ/wpBu1M1kTE/mEAYDiYKX5ESo2qi > klqc03mV0dAcjhecqpZjRetGw3Vi+YcHk7Ag1dmTx9xISdBqUAF2J6DK9hizP1aR > kay/560OkQCBUW8huYiZqTX7s3lXYLo02NevjB3ayZDNARusBxvXNQ66X/AvchbL > DPSV9PyBLgXRWZ9AOHcb0wZWo29OMnete09NO1tH+6JpeXlFfsmixxKuzoCXquam > Yqu0NWciqcYh4bStbdT1f5sdxmnnIgBc7mUjUlN2WsCLNGAl0KRMyg4R4Z3Bn59R > qQNJZcEK8+ME2Tcj3V+QlheVedtVARCdex/Z/tw6zn0AXcIMRQU= > =vDxk > -----END PGP SIGNATURE----- > >
