1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4522-1] faad2 security update

    From Moritz Muehlenhoff@1:229/2 to All on Sun Sep 15 18:00:01 2019
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4522-1 [email protected] https://www.debian.org/security/ Hugo Lefeuvre September 15, 2019 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : faad2
    CVE ID : CVE-2018-19502 CVE-2018-19503 CVE-2018-19504 CVE-2018-20194
    CVE-2018-20195 CVE-2018-20197 CVE-2018-20198 CVE-2018-20357
    CVE-2018-20358 CVE-2018-20359 CVE-2018-20361 CVE-2018-20362
    CVE-2019-15296
    Debian Bug : 914641

    Multiple vulnerabilities have been discovered in faad2, the Freeware Advanced Audio Coder. These vulnerabilities might allow remote attackers to cause denial-of-service, or potentially execute arbitrary code if crafted MPEG AAC files are processed.

    For the oldstable distribution (stretch), these problems have been fixed
    in version 2.8.0~cvs20161113-1+deb9u2.

    We recommend that you upgrade your faad2 packages.

    For the detailed security status of faad2 please refer to
    its security tracker page at:
    https://security-tracker.debian.org/tracker/faad2

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl1+XpoACgkQEMKTtsN8 Tja0xA//QlCrjIhBs6HZmnm+37XN6puyT6R5cCigpzAERhG5tXkCNHY/zE7R5sNi uUkmi98xOT2YPWO8h8JbiOvdU2TCImPAT7zBXway6a8uMsTbmuprNIW9DZ/E4JUz IeOJy1dNQeWX5ud4CA0eQQLuKevycG/G4LDPw3zMU0ofayQQiTtgKd5JSPXWN7X5 TaLPwQWHaaSTBNmHDi9nGEy+X3yXGxgC87OSScCdufvFmoV4Aqo7pXBOPJBFyeIQ JYz6noUW6JzI4xQBngarthSCI2TQRGVn2AnH2n9yWP0Nf2nznymKDh2L5acpNYpY cSZOUOMrjzX4OPQWmIZMsgbB7MpS0+xHUfb2ls3NJ2RbbLUSFrA/v2Xff4x6/eZM jsYQ0sKY1Lqt3uj3tD8TqGs1H2q6marjGTlnLsAWyIBXa6MJIQHZdxehhVDx0U7u Tom0A9NSQqWLa3AV6Dy/BSoWUCbNrXdt4ppoAXgy9k+x2kMNaJpJ3EbAzMA+xRnp gi44t9E+HT5iNURkKovQt+/OZKPYlI00AVCpH31bjEUHCeTCw79BsX1v9kpuXWXg jW6A/efW1hnmvC74yeDLNoE3iri54ZKsy+w4ELOLQFAtkmAq0bOW4I/03v7lH2h5 Q77PZEuA2XZVri9vO5z8m4VQE+HZB73LTrq7fJ/eHgTCqJRSmko=
    =qHQO
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)