Bug#1083029: mplayer: security issue: Unchecked Return Value to NULL Pointer Dereference
Package: mplayer
Version: 2:1.5+svn38542-1
Severity: important
Tags: security upstream patch
X-Debbugs-Cc: team@security.debian.org, plorenzo@disroot.org, Debian Security Team <team@security.debian.org>
Hi,
A new security issue for mplayer was reported upstream:
https://trac.mplayerhq.hu/ticket/2426
a patch is available (see the link above), I don't think a CVE is
assigned yet.
Regards,
Lorenzo
-- System Information:
Debian Release: trixie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 6.8.12-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: runit (via /run/runit.stopit)
LSM: AppArmor: enabled
Versions of packages mplayer depends on:
ii liba52-0.7.4 0.7.4-20+b1
ii libaa1 1.4p5-51.1
ii libasound2t64 1.2.12-1
ii libass9 1:0.17.3-1
ii libaudio2 1.9.4-9
ii libavcodec61 7:7.0.2-3
ii libavformat61 7:7.0.2-3
ii libavutil59 7:7.0.2-3
ii libbluray2 1:1.3.4-1+b1
ii libbs2b0 3.1.0+dfsg-8
ii libc6 2.40-2
ii libcaca0 0.99.beta20-5
ii libcdio-cdda2t64 10.2+2.0.2-1
ii libcdio-paranoia2t64 10.2+2.0.2-1
ii libcdio19t64 2.1.0-4.2
ii libdca0 0.0.7-2+b1
ii libdv4t64 1.0.0-17.1
ii libdvdnav4 6.1.1-3
ii libdvdread8t64 6.1.3-1.1
ii libegl1 1.7.0-1+b1
ii libenca0 1.19-1.1+b2
ii libfaad2 2.11.1-1+b1
ii libfontconfig1 2.15.0-1.1
ii libfreetype6 2.13.3+dfsg-1
ii libfribidi0 1.0.15-1
ii libgif7 5.2.2-1
ii libgl1 1.7.0-1+b1
ii libjack-jackd2-0 [libjack-0.125] 1.9.22~dfsg-3
ii libjpeg62-turbo 1:2.1.5-3
ii liblirc-client0t64 0.10.2-0.9
ii libmad0 0.15.1b-10.2
ii libmng1 1.0.10+dfsg-3.1+b5
ii libmpeg2-4 0.5.1-9+b1
ii libmpg123-0t64 1.32.7-1
ii libogg0 1.3.5-3+b1
ii libopenal1 1:1.23.1-4+b1
ii libpng16-16t64 1.6.43-5
ii libpostproc58 7:7.0.2-3
ii libpulse0 16.1+dfsg1-5.1
ii libsdl1.2debian 1.2.68-2
ii libsmbclient0 2:4.21.0+dfsg-1
ii libsndio7.0 1.10.0-0.1
ii libspeex1 1.2.1-2+b1
ii libswresample5 7:7.0.2-3
ii libswscale8 7:7.0.2-3
ii libtheora0 1.1.1+dfsg.1-17
ii libtinfo6 6.5-2
ii libvdpau1 1.5-3
ii libvorbisidec1 1.2.1+git20180316-7+b1
ii libx11-6 2:1.8.7-1+b1
ii libxext6 2:1.3.4-1+b1
ii libxinerama1 2:1.1.4-3+b1
ii libxss1 1:1.2.3-1+b1
ii libxv1 2:1.0.11-1.1+b1
ii libxvidcore4 2:1.3.7-1+b1
ii libxxf86dga1 2:1.1.5-1+b1
ii libxxf86vm1 1:1.1.4-1+b2
ii zlib1g 1:1.3.dfsg+really1.3.1-1
mplayer recommends no packages.
Versions of packages mplayer suggests:
ii bzip2 1.0.8-6
ii fontconfig 2.15.0-1.1
ii fonts-freefont-ttf 20211204+svn4273-2
pn mplayer-doc <none>
pn netselect | fping <none>
-- Configuration Files:
/etc/mplayer/mplayer.conf changed [not included]
-- no debconf information
Reply to: