Debian: DSA-4522-1: faad2 security update
Debian: DSA-4522-1: faad2 security update
Multiple vulnerabilities have been discovered in faad2, the Freeware Advanced Audio Coder. These vulnerabilities might allow remote attackers to cause denial-of-service, or potentially execute arbitrary code if crafted MPEG AAC files are processed.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4522-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Hugo Lefeuvre September 15, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : faad2 CVE ID : CVE-2018-19502 CVE-2018-19503 CVE-2018-19504 CVE-2018-20194 CVE-2018-20195 CVE-2018-20197 CVE-2018-20198 CVE-2018-20357 CVE-2018-20358 CVE-2018-20359 CVE-2018-20361 CVE-2018-20362 CVE-2019-15296 Debian Bug : 914641 Multiple vulnerabilities have been discovered in faad2, the Freeware Advanced Audio Coder. These vulnerabilities might allow remote attackers to cause denial-of-service, or potentially execute arbitrary code if crafted MPEG AAC files are processed. For the oldstable distribution (stretch), these problems have been fixed in version 2.8.0~cvs20161113-1+deb9u2. We recommend that you upgrade your faad2 packages. For the detailed security status of faad2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/faad2 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.