OPENSUSE-SU-2024:14454-1 libmpg123-0-1.32.9-1.1 on GA media

These are all security issues fixed in the libmpg123-0-1.32.9-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:11061-1 libmpg123-0-1.29.0-1.2 on GA media

These are all security issues fixed in the libmpg123-0-1.29.0-1.2 package on the GA media of openSUSE Tumbleweed...

Debian: Security Advisory (DLA-655-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : mpg123 (openSUSE-2017-1139)

This update for mpg123 to version 1.25.7 fixes the following issues : - CVE-2017-10683: Improvement over previous fix for xrpnt overflow problems boo1046766 The following changes are also included in version 1.25.7 : - Do not play with cursor and inverse video for progress bar when TERM=dumb - Fi...

openSUSE Security Update : mpg123 (openSUSE-2017-1035)

This update for mpg123 fixes the following issues : - Update to version 1.25.6 - Hotfix for bug 255: Overflow reading frame data bits in layer II decoding. Now, all-zero data is returned if the frame data is exhausted. This might have a slight impact on performance, but not easily measurable so...

CVE-2017-11126

The IIIistereo function in libmpg123/layer3.c in mpg123 through 1.25.1 allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted audio file that is mishandled in the code for the "blocktype != 2" case, a similar issue to CVE-2017-9870...

CVE-2017-11126

CVE-2017-11126 affects mpg123 (libmpg123) through version 1.25.1. The III_i_stereo function in libmpg123/layer3.c mishandles the block_type != 2 code path, enabling a crafted audio file to trigger a buffer over-read and an application crash (denial of service). The available connected documents c...

CVE-2017-11126

The IIIistereo function in libmpg123/layer3.c in mpg123 through 1.25.1 allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted audio file that is mishandled in the code for the "blocktype != 2" case, a similar issue to CVE-2017-9870...

CVE-2017-11126

The IIIistereo function in libmpg123/layer3.c in mpg123 through 1.25.1 allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted audio file that is mishandled in the code for the "blocktype != 2" case, a similar issue to CVE-2017-9870...

mpg123 'III_i_stereo' denial of service vulnerability

mpg123 is a MPEG audio player and decoding library for Linux and Unix operating systems developed by software developer Michael Hipp. A security vulnerability exists in the 'IIIistereo' function in the libmpg123/layer3.c file in mpg123 versions prior to 1.25.1. A remote attacker can exploit this...

CVE-2017-10683

In mpg123 1.25.0, there is a heap-based buffer over-read in the convertlatin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack...

Debian DLA-655-1 : mpg123 security update

Several security vulnerabilities have been discovered in mpg123, an MPEG layer 1/2/3 audio decoder and player. An attacker could take advantage of these flaws to cause a denial of service against mpg123 or applications using the libmpg123 library with a carefully crafted input file. CVE-2014-9497...

[SECURITY] [DLA 655-1] mpg123 security update

Several security vulnerabilities have been discovered in mpg123, an MPEG layer 1/2/3 audio decoder and player. An attacker could take advantage of these flaws to cause a denial of service against mpg123 or applications using the libmpg123 library with a carefully crafted input file. CVE-2014-9497...

Updated mpg123 packages fix a buffer overflow

Updated mpg123 packages fix security vulnerability: mpg123 1.14.1 and later are vulnerable to a buffer overflow that could allow a maliciously crafted audio file to crash applications that use the libmpg123 library. mpg123 has been updated to version 1.18.0, which fixes this issue, as well as...

MGASA-2014-0067 Updated mpg123 packages fix a buffer overflow

Updated mpg123 packages fix security vulnerability: mpg123 1.14.1 and later are vulnerable to a buffer overflow that could allow a maliciously crafted audio file to crash applications that use the libmpg123 library. mpg123 has been updated to version 1.18.0, which fixes this issue, as well as...