Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5109-1] faad2 security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5109-1] faad2 security update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5109-1] faad2 security update
  • Date: Sun, 27 Mar 2022 20:28:11 +0000
  • List-archive: https://lists.debian.org/msgid-search/20220327202811.GA22455 AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From: Date:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=DM7cK0cTEawoNSAewVoQmfdp95GJQapufUP+qqLHXao=; b=k2 W+1MrzY3++itvYa6wTRGGmmQjZui12mv0Y8fEqyGkhn65mGkCO/M0Wp5MZt0zBkp0WC2h9+46K4Id lcUeFzAHdtKQKEx3JA83SHds5cwBywNmQzODWSu2jbFFPs+VH/Ejg0WjW9rwJUbLZUNUcrAmyTrXK pgBKcRFCa54jOKVUlv5EorFoauIXgxs8NJHjY2jzCAlnoE0SKLt4ZEzFsPJMDB3O/RvbB3jEgu6zl iPj+sa7SW5dLZTuBKA9JZ1awP1lMxOsvn32A+XhIhVRPmiq3kCz36UKNow7fGy+LQa++4KlBR5hJ4 4tUUvjFt/jOSp7sWD6I+mREj8FyYarUA==;
  • Old-return-path: <jmm AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Sun, 27 Mar 2022 20:28:28 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <fALywYuinUI.A.MVF.sjMQiB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5109-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
March 27, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : faad2
CVE ID : CVE-2018-20196 CVE-2018-20199 CVE-2018-20360 CVE-2019-6956
CVE-2021-32272 CVE-2021-32273 CVE-2021-32274 CVE-2021-32276
CVE-2021-32277 CVE-2021-32278

Multiple vulnerabilities have been discovered in the freeware Advanced
Audio Decoder, which may result in denial of service or potentially the
execution of arbitrary code if malformed media files are processed.

For the oldstable distribution (buster), these problems have been fixed
in version 2.10.0-1~deb10u1.

We recommend that you upgrade your faad2 packages.

For the detailed security status of faad2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/faad2

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmJAxogACgkQEMKTtsN8
TjbZLhAAjfnN7ggdnISUsOWtQAuOC4lyn/xjDjyHsiw793ENhs11iuVRjma35SOD
4uBL8W3+3vzotXp4wlYa6xFiFZM5fuWQCpTnbrEEw3nV7LPsZ4/4MlMUDvwOTGDS
LHAdhJzD/bro/E2s822AG3GoSsBB/APRn3hdvY4KYpgMU9KKK76LKxvUDL8GbEtu
Uj6yLa/5lSvqvnr/84L9bKW2QjOsV3bABkOq8u5O5cZJ49Eh0fMT88u6eaTPTbc5
nU9TnbWUUntOf63JSHfszgFmgCxfLqU7HL0j96hJiCKgLvnv4K5763J68mrjanWE
smAlwoi5cfnAKd99AmkGMeF5UoWkwVPGVN1FPtNAN9IqOYp6+Shxi6cZybkdJohr
geGfKINXK+S6De5ZZYYPpd4kIBeKwA5GVv2fLlh3Qbyrb1w4eTRz8dKh3t5q1SrC
PVO3evzgwLHitrx96uKSxHhzDurZxE7e99jbHV8yGuEv4k/9JY7KNl6yJn926VM4
XxCdITclHlvLRJGHU2IK83EvEtyj/ZeV9/sIDlnxyf24q6TStX2wObUPGEMnwgfR
1s/OyB2MPfYGn3u5OjiDUkWCPDzXNqxvcOUiG1O61V495Ckgkz+66BS56NsCypYT
lTZJ7sHEdE+aS34Y48esnoSGtmHqt0vFSdmTtXxZt9eJdfRGqug=
=RuED
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 5109-1] faad2 security update, Moritz Muehlenhoff, 27.03.2022

Archiv bereitgestellt durch MHonArc 2.6.24.

Seitenanfang