Fw: [mpg123-devel] 1.26 and 13.1 backports (Re: Security update mpg123 1.32.8: Frankenstein's Monster)

To: debian-multimedia@lists.debian.org
Subject: Fw: [mpg123-devel] 1.26 and 13.1 backports (Re: Security update mpg123 1.32.8: Frankenstein's Monster)
From: Thomas Orgis <thomas-forum@orgis.org>
Date: Sat, 26 Oct 2024 20:31:00 +0200
Message-id: <[🔎] 20241026203100.6ae189d8@plasteblaster>

Hi,

I looked especially at the versions in Debian and ported the buffer
overflow fix to 1.26 and 1.31.

Weitergeleitete Nachricht:

Datum: Sat, 26 Oct 2024 18:42:05 +0200
Von: Thomas Orgis <thomas-forum@orgis.org>
An: mpg123-devel@lists.sourceforge.net, mpg123-users@lists.sourceforge.net
Betreff: [mpg123-devel] 1.26 and 13.1 backports (Re: Security update mpg123 1.32.8: Frankenstein's Monster)


Am Sat, 26 Oct 2024 17:38:40 +0200
schrieb Thomas Orgis <thomas-forum@orgis.org>: 

> I hereby announce mpg123 version 1.32.8. Get it at the usual places.
> Now.  

Observing that versions 1.26.x and 1.31.x are still in the wild
(meaning: Debian stable), I ported the recent security fix to those
release series. Please see recent commits to

	svn://scm.orgis.org/mpg123/branches/1.26-fixes and
	svn://scm.orgis.org/mpg123/branches/1.31-fixes

Current code is also visible under

	https://scm.orgis.org/mpg123/branches/1.26-fixes/ and
	https://scm.orgis.org/mpg123/branches/1.31-fixes/


Alrighty then,

Thomas


_______________________________________________
mpg123-devel mailing list
mpg123-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mpg123-devel

Reply to:

Prev by Date: Processing of a2jmidid_9-3.1_source.changes
Next by Date: ffmpeg_7.1-3_source.changes ACCEPTED into unstable
Previous by thread: Processing of a2jmidid_9-3.1_source.changes
Next by thread: ffmpeg_7.1-3_source.changes ACCEPTED into unstable
Index(es):
- Date
- Thread