Package: mpg123
Version: 1.25.10-2
Hey there,
There is a new upstream version available
(http://mpg123.org/cgi-bin/news.cgi) that fixes some potential
security issue
'
- Fix out-of-bounds reads in ID3 parser for unsynced frames.
(oss-fuzz-bug 15852)
- Fix out-of-bounds read for RVA2 frames with non-delimited
identifier. (oss-fuzz-bug 15852)
- Fix implementation-defined parsing of RVA2 values.
(oss-fuzz-bug 15862)'
Would be nice to have the updated verison uploaded to Debian
Thanks,