11 matches found
Mageia: Security Advisory (MGASA-2017-0249)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : mpg123 (2017-12794057a6)
Update to upstream release 1.25.6 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
openSUSE Security Update : mpg123 (openSUSE-2017-1139)
This update for mpg123 to version 1.25.7 fixes the following issues : - CVE-2017-10683: Improvement over previous fix for xrpnt overflow problems boo1046766 The following changes are also included in version 1.25.7 : - Do not play with cursor and inverse video for progress bar when TERM=dumb - Fi...
Fedora Update for mpg123 FEDORA-2017-172410ec92
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for mpg123 FEDORA-2017-c89d94d812
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated mpg123 packages fix security vulnerabilities
The nexttext function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service buffer over-read via a crafted mp3 file CVE-2017-9545. Invalid read of size 1 in ID3v2 parser due to forgotten offset from the frame flag bytes CVE-2017-10683. Extend pow tables for...
CVE-2017-10683
In mpg123 1.25.0, there is a heap-based buffer over-read in the convertlatin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack...
CVE-2017-10683
In mpg123 1.25.0, there is a heap-based buffer over-read in the convertlatin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack...
CVE-2017-10683
In mpg123 1.25.0, there is a heap-based buffer over-read in the convertlatin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack...
CVE-2017-10683
CVE-2017-10683 affects mpg123 prior to upstream releases 1.25.6/1.25.7, via a heap-based over-read in convert_latin1() in libmpg123/id3.c that enables remote denial of service. Advisories reference upstream fixes and vendor releases (e.g., Fedora/openSUSE patches to 1.25.6/1.25.7). The initial de...
CVE-2017-10683
In mpg123 1.25.0, there is a heap-based buffer over-read in the convertlatin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack...