[SECURITY] [DLA 799-1] ming security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : ming
Version : 1:0.4.4-1.1+deb7u1
CVE ID : CVE-2016-9264 CVE-2016-9265 CVE-2016-9266
CVE-2016-9827 CVE-2016-9828 CVE-2016-9829
CVE-2016-9831
Debian Bug : 843928
Multiple security issues have been found in Ming. They may lead
to the execution of arbitrary code or causing application crash.
CVE-2016-9264
global-buffer-overflow in printMP3Headers
CVE-2016-9265
divide-by-zero in printMP3Headers
CVE-2016-9266
left shift in listmp3.c
CVE-2016-9827
listswf: heap-based buffer overflow in _iprintf
CVE-2016-9828
listswf: heap-based buffer overflow in _iprintf
CVE-2016-9829
listswf: NULL pointer dereference in dumpBuffer
CVE-2016-9831
listswf: heap-based buffer overflow in parseSWF_RGBA
For Debian 7 "Wheezy", these problems have been fixed in version
0.4.4-1.1+deb7u1.
We recommend that you upgrade your ming packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJYifYlAAoJEPZk0la0aRp9fxoQAKTkzD2VzHuErMFjuATxej1X
j1cUCpPQTJ0aDNb4Ip3dFLHCGv4KGDUCrvapSJD5ssMGF5XqFLL9yzJze0SP0KPi
QYgp4arp7NymP1SzqmJu3CXyuVIiysKv1mbjbGCxtRN9bI7zdRHZLNZFejAoe3qD
VU/9INSER6s2TRLy+bOPBiMM9E4cRTiCiXflF+UmpMoPT4OCd9rvqOG/pBwYhoRn
6BFFkmmeqGmLF7i7U0hYgU1OhnyjhZfnBSrOMuEEYt2ilhq2fdQqj+uEfwnXXNuB
QjT9hKStfC/F9K+1QQqWwP5HwzE+QMw2HxHAAmrh35mWD3k8cmoPMZo9AtCUExoW
uza6e/8ZdtD/kM1zY01UcYXmcLbIS39ZA5FIXaIvo4gcaYV4V+7G4vusRUeiE1Lk
83fHvCFhOeZbbrJpHBkN1KYlbbi6UZasFXGFSpXkfAjYp6u9wAZEhWaM45ixYvA2
vjkmLP5vpkbcFzxA+56k62+mhL+5ZCUJ3Q6bWYDJa6e0ytiH5A8q8wnS0HFfowS/
x+oLaCvfjBBe3KvvRblp4UHbsVziPFdwvdl/HNli5UKfEQrGswDGbhWX+eU8exqJ
r+iiuOnpRhopuFW95bPOzQJDrhel6ekL7h+DT7sFvM0cOpkv/cR8HTfeVmA5vQCH
8WmbTBSkpn7Jop2yo1Vx
=Clp+
-----END PGP SIGNATURE-----
Reply to: