Bug#934613: New mpg123 1.25.11 version available fixing potential security issues

To: submit@bugs.debian.org
Subject: Bug#934613: New mpg123 1.25.11 version available fixing potential security issues
From: Sebastien Bacher <seb128@debian.org>
Date: Mon, 12 Aug 2019 15:09:56 +0200
Message-id: <[🔎] 296cf378-d7f8-2133-629b-8adbf8029c55@debian.org>
Reply-to: Sebastien Bacher <seb128@debian.org>, 934613@bugs.debian.org

Package: mpg123
Version: 1.25.10-2

Hey there,

There is a new upstream version available (http://mpg123.org/cgi-bin/news.cgi) that fixes some potential security issue

'

Fix out-of-bounds reads in ID3 parser for unsynced frames. (oss-fuzz-bug 15852)
Fix out-of-bounds read for RVA2 frames with non-delimited identifier. (oss-fuzz-bug 15852)
Fix implementation-defined parsing of RVA2 values. (oss-fuzz-bug 15862)'

Would be nice to have the updated verison uploaded to Debian

Thanks,

Reply to:

Follow-Ups:
- Bug#934613: marked as done (New mpg123 1.25.11 version available fixing potential security issues)
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: Bug#934604: aom: FTBFS on kfreebsd-any
Next by Date: Bug#900705: closed by Ross Gammon <rossgammon@debian.org> (Bug#900705: fixed in x42-plugins 20190714-1)
Previous by thread: Bug#934604: marked as done (aom: FTBFS on kfreebsd-any)
Next by thread: Bug#934613: marked as done (New mpg123 1.25.11 version available fixing potential security issues)
Index(es):
- Date
- Thread