-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 10 Nov 2024 16:26:42 +0100 Source: mpg123 Binary: libmpg123-0 libmpg123-0-dbgsym libmpg123-dev libout123-0 libout123-0-dbgsym libsyn123-0 libsyn123-0-dbgsym mpg123 mpg123-dbgsym Architecture: amd64 Version: 1.31.2-1+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: amd64 / i386 Build Daemon (x86-csail-01) Changed-By: Salvatore Bonaccorso Description: libmpg123-0 - MPEG layer 1/2/3 audio decoder (shared library) libmpg123-dev - MPEG layer 1/2/3 audio decoder (development files) libout123-0 - MPEG layer 1/2/3 audio decoder (libout123 shared library) libsyn123-0 - MPEG layer 1/2/3 audio decoder (libsyn123 shared library) mpg123 - MPEG layer 1/2/3 audio player Closes: 1086443 Changes: mpg123 (1.31.2-1+deb12u1) bookworm-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix buffer overflow (Frankenstein's Monster) (CVE-2024-10573) (Closes: #1086443) Checksums-Sha1: 4b9c36dd248c975129411ea88ebcfdfc28f09296 261888 libmpg123-0-dbgsym_1.31.2-1+deb12u1_amd64.deb 5100a34f19ab549d787926342ceb0395ad8653fc 146980 libmpg123-0_1.31.2-1+deb12u1_amd64.deb a9df503ce6bae40283476b351f619cbb065cf276 57556 libmpg123-dev_1.31.2-1+deb12u1_amd64.deb 035fa38f81cc312084feb2d7c0899046b736d8cd 74700 libout123-0-dbgsym_1.31.2-1+deb12u1_amd64.deb cc8d241c006d0f5cae3c355a7145be4557764296 28512 libout123-0_1.31.2-1+deb12u1_amd64.deb 9acd3ed09e3f273cff82c680efd4408b531f9220 171900 libsyn123-0-dbgsym_1.31.2-1+deb12u1_amd64.deb 3924f92e3dd10d3f9598edaa0045fed2c439e087 86120 libsyn123-0_1.31.2-1+deb12u1_amd64.deb 3359975c867dd92f2f28501d82ee4cfeeb4ad6b4 319492 mpg123-dbgsym_1.31.2-1+deb12u1_amd64.deb 8215880c9a203b676dd84c04122ff66022345d98 10524 mpg123_1.31.2-1+deb12u1_amd64-buildd.buildinfo 7a184ab814fa09fce522a75083de263ee87f1488 201152 mpg123_1.31.2-1+deb12u1_amd64.deb Checksums-Sha256: 908f9b3a4eed582367771c8a94cff92d0d27acce4e3972ab18a977d86b13486e 261888 libmpg123-0-dbgsym_1.31.2-1+deb12u1_amd64.deb a10ad0d59995b859797a5f20d2833672051d0b2c7dab4c71f2e79258b2e3f631 146980 libmpg123-0_1.31.2-1+deb12u1_amd64.deb 680252b9378ed33c71f8dd25efe9e8a43d3b0e52aa15090c78e21ef73879ff9e 57556 libmpg123-dev_1.31.2-1+deb12u1_amd64.deb c23afea5291a99d7c5c222551a8ef20e9639cc7681298ee7cd6a26c99f0db370 74700 libout123-0-dbgsym_1.31.2-1+deb12u1_amd64.deb 0ef3c7b2f4dc63f2b1cca6ccc943f8d5f363fcad60aee4ab07305392040a42c5 28512 libout123-0_1.31.2-1+deb12u1_amd64.deb a889ab09699103d8cfb2690bf166a76e1cf5d10551d8aadf842b3b93fef1d435 171900 libsyn123-0-dbgsym_1.31.2-1+deb12u1_amd64.deb 5ff66dbd34b3b388dc33b526f72904d47b75a930c7767f7327c9408f223e5b64 86120 libsyn123-0_1.31.2-1+deb12u1_amd64.deb 3f2f80b2845ea52a0baf1a39659010bd0f98efe0cd6d6f2972272b5147eda5c6 319492 mpg123-dbgsym_1.31.2-1+deb12u1_amd64.deb 999d79493fd76c1db249fb5acd7b5d32d3dd8e8136fa5ae1685c9501f97e14e0 10524 mpg123_1.31.2-1+deb12u1_amd64-buildd.buildinfo 87bb04a3a5bd1174307afd71e78b4dc8e8735c9c04f552222402c7fe34391c32 201152 mpg123_1.31.2-1+deb12u1_amd64.deb Files: fb86dde29b16698c61e5bc9f119d9c4c 261888 debug optional libmpg123-0-dbgsym_1.31.2-1+deb12u1_amd64.deb 2d44cb8a5caf4b39c083c859dd492852 146980 libs optional libmpg123-0_1.31.2-1+deb12u1_amd64.deb f84beaac42ccd8274012a4cea9aef7ac 57556 libdevel optional libmpg123-dev_1.31.2-1+deb12u1_amd64.deb 9d6a95f81f1627b850f88250ce16d52f 74700 debug optional libout123-0-dbgsym_1.31.2-1+deb12u1_amd64.deb 206ab632b940224e6ede385d31bd7dde 28512 libs optional libout123-0_1.31.2-1+deb12u1_amd64.deb bad1bb1f7d2d963d61772658240f456a 171900 debug optional libsyn123-0-dbgsym_1.31.2-1+deb12u1_amd64.deb 88dbc8a803458afea26606fbb831f62c 86120 libs optional libsyn123-0_1.31.2-1+deb12u1_amd64.deb d8324b12974a011b6e791bfb3f1c19fe 319492 debug optional mpg123-dbgsym_1.31.2-1+deb12u1_amd64.deb 059b3e5e01f969f3abd92b8c8c7e7f96 10524 sound optional mpg123_1.31.2-1+deb12u1_amd64-buildd.buildinfo c3d76ffb3ff94d727cc3b64aa55b8673 201152 sound optional mpg123_1.31.2-1+deb12u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEvy6d65NNYPbL6IQIEQ1nooK/IAQFAmcw1bEACgkQEQ1nooK/ IAQQnQ//UGMqIHwiZv1tI5yN8dPrOQAwTTGs+TBaTEmkM7FO4px3Pq6dCf/N9+SC gG8NMjKo08JPOAm+EZoRYGcCQxu5Gphp6Cm1xej1yWit2JwbKbqVzvtFj+nVbGmh lypiejNlEr967Y+a1r+7Rg0KxtdNiWLOkBXvmuDQvMj+GAaXWKPu1Yx0vG/It4HY +8eoV1xms4KW5qS6nx5Px9mH+V/6M/H04JzKp9k9WVCVUVe2UPVMXwQTVAuYkO8/ iZoe1mGfn9jhA52AtzXQlT308RjYpi7kAWRY60kqmum6VO0pMlCXogy/+i4YRMxC IFlgt+7FIjfk6UVzHKUF8rEUMoEuYzSnycfrAEMi0t0XZadwiLZas0Gu6xGFkoBz CNt4JumoMvpqMsxZSLtnLgLHvfZOBSFtnqOreMwjHRdIKP9b4zUg7aAh6kiGe+c5 zWM8ZJDz4rhc5wj5v3nDEJgFK/xDoD0h4budNB0wZ9EB9gZbeBhTJsfnP5NE0C7c 7Prmm3VB5ldFiDrTucPMpIWFKFvOU6GlWRBhgf04K4WORQmavq8Tzp1w0CxMftw2 dy06ph3bizi6q8H9/E8RKNyVCDDcj1V370pFz4OXfLDwqg/ys0oKoXiZ3qHuCjwp S7UUGTn5At0hhUjfWLWYnA8AEjZfbRBpeTvWVCPRlP1+/w82Jpw= =PwOF -----END PGP SIGNATURE-----