it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 4522-1] faad2 security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 4522-1] faad2 security update
Date: Sun, 15 Sep 2019 15:55:46 +0000
List-archive: https://lists.debian.org/msgid-search/20190915155546.lo46xyjbqq6pcggo AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Sun, 15 Sep 2019 15:56:04 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <ekca_RpRIEM.A.I7.U8lfdB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4522-1 security AT debian.org
https://www.debian.org/security/ Hugo Lefeuvre
September 15, 2019 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : faad2
CVE ID : CVE-2018-19502 CVE-2018-19503 CVE-2018-19504 CVE-2018-20194
CVE-2018-20195 CVE-2018-20197 CVE-2018-20198 CVE-2018-20357
CVE-2018-20358 CVE-2018-20359 CVE-2018-20361 CVE-2018-20362
CVE-2019-15296
Debian Bug : 914641

Multiple vulnerabilities have been discovered in faad2, the Freeware Advanced
Audio Coder. These vulnerabilities might allow remote attackers to cause
denial-of-service, or potentially execute arbitrary code if crafted MPEG AAC
files are processed.

For the oldstable distribution (stretch), these problems have been fixed
in version 2.8.0~cvs20161113-1+deb9u2.

We recommend that you upgrade your faad2 packages.

For the detailed security status of faad2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/faad2

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl1+XpoACgkQEMKTtsN8
Tja0xA//QlCrjIhBs6HZmnm+37XN6puyT6R5cCigpzAERhG5tXkCNHY/zE7R5sNi
uUkmi98xOT2YPWO8h8JbiOvdU2TCImPAT7zBXway6a8uMsTbmuprNIW9DZ/E4JUz
IeOJy1dNQeWX5ud4CA0eQQLuKevycG/G4LDPw3zMU0ofayQQiTtgKd5JSPXWN7X5
TaLPwQWHaaSTBNmHDi9nGEy+X3yXGxgC87OSScCdufvFmoV4Aqo7pXBOPJBFyeIQ
JYz6noUW6JzI4xQBngarthSCI2TQRGVn2AnH2n9yWP0Nf2nznymKDh2L5acpNYpY
cSZOUOMrjzX4OPQWmIZMsgbB7MpS0+xHUfb2ls3NJ2RbbLUSFrA/v2Xff4x6/eZM
jsYQ0sKY1Lqt3uj3tD8TqGs1H2q6marjGTlnLsAWyIBXa6MJIQHZdxehhVDx0U7u
Tom0A9NSQqWLa3AV6Dy/BSoWUCbNrXdt4ppoAXgy9k+x2kMNaJpJ3EbAzMA+xRnp
gi44t9E+HT5iNURkKovQt+/OZKPYlI00AVCpH31bjEUHCeTCw79BsX1v9kpuXWXg
jW6A/efW1hnmvC74yeDLNoE3iri54ZKsy+w4ELOLQFAtkmAq0bOW4I/03v7lH2h5
Q77PZEuA2XZVri9vO5z8m4VQE+HZB73LTrq7fJ/eHgTCqJRSmko=
=qHQO
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 4522-1] faad2 security update, Moritz Muehlenhoff, 15.09.2019

Archiv bereitgestellt durch MHonArc 2.6.19.