Summary: | <media-sound/mpg123-1.25.10-r1: denial of service (buffer over-read) via a crafted mp3 file | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Christopher Díaz Riveros (RETIRED) <chrisadr> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | sound, thomas-forum |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://nvd.nist.gov/vuln/detail/CVE-2017-9545 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
media-sound/mpg123-1.25.10-r1
|
Runtime testing required: | --- |
Description
Christopher Díaz Riveros (RETIRED)
2017-07-27 10:35:07 UTC
Why not simply stabilise 1.25.10 then... x86 stable amd64 stable ia64 stable ppc stable ppc64 stable sparc done. Stable on alpha. arm stable, all arches done. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7c01b0308e5930c14617b37612328345d14f384d commit 7c01b0308e5930c14617b37612328345d14f384d Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2018-09-20 13:09:32 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2018-09-20 15:22:33 +0000 media-sound/mpg123: Security cleanup Bug: https://bugs.gentoo.org/626346 Package-Manager: Portage-2.3.49, Repoman-2.3.10 media-sound/mpg123/Manifest | 2 - media-sound/mpg123/mpg123-1.25.6.ebuild | 103 -------------------------------- media-sound/mpg123/mpg123-1.25.8.ebuild | 103 -------------------------------- 3 files changed, 208 deletions(-) @security, please vote. Security Padawan GLSA Vote No. Thank you all for your work. Closing as [noglsa]. |