-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 10 Nov 2024 16:26:42 +0100 Source: mpg123 Binary: libmpg123-0 libmpg123-0-dbgsym libmpg123-dev libout123-0 libout123-0-dbgsym libsyn123-0 libsyn123-0-dbgsym mpg123 mpg123-dbgsym Architecture: i386 Version: 1.31.2-1+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: amd64 / i386 Build Daemon (x86-ubc-02) Changed-By: Salvatore Bonaccorso Description: libmpg123-0 - MPEG layer 1/2/3 audio decoder (shared library) libmpg123-dev - MPEG layer 1/2/3 audio decoder (development files) libout123-0 - MPEG layer 1/2/3 audio decoder (libout123 shared library) libsyn123-0 - MPEG layer 1/2/3 audio decoder (libsyn123 shared library) mpg123 - MPEG layer 1/2/3 audio player Closes: 1086443 Changes: mpg123 (1.31.2-1+deb12u1) bookworm-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix buffer overflow (Frankenstein's Monster) (CVE-2024-10573) (Closes: #1086443) Checksums-Sha1: 55100c63f472251b9d585caf5da5b54f77e0dbb5 266088 libmpg123-0-dbgsym_1.31.2-1+deb12u1_i386.deb e7bd5feb47204ef7d13575841567be90aeb36985 149604 libmpg123-0_1.31.2-1+deb12u1_i386.deb 34b43802cb577b1b2dac53cca095ad20574f8ffc 57576 libmpg123-dev_1.31.2-1+deb12u1_i386.deb 52a72f0c894a7445dd718faffdde27ef1424dcd2 65064 libout123-0-dbgsym_1.31.2-1+deb12u1_i386.deb 6dc8e9feb694769ca3cc358f95fe1e1bbef988b0 29448 libout123-0_1.31.2-1+deb12u1_i386.deb 2b7f5f00f7ac29f468a1614dc93915543643c20b 166640 libsyn123-0-dbgsym_1.31.2-1+deb12u1_i386.deb ad3c998005b5d49920384ab06fa7dbed2ed09f60 68896 libsyn123-0_1.31.2-1+deb12u1_i386.deb ef47c3f280977e7f8313494a82f5d07703d7e646 293276 mpg123-dbgsym_1.31.2-1+deb12u1_i386.deb e7181e59768eea6c97bb019c306b716b11b5517b 10443 mpg123_1.31.2-1+deb12u1_i386-buildd.buildinfo 48c48d6efaa73ec2588ea33e36d2a3fee515e81c 206156 mpg123_1.31.2-1+deb12u1_i386.deb Checksums-Sha256: 40c3fd363b9385d5d2b6b7d3c5c8c85fe27750e4d7aefe82a6c39d1695c4a6e3 266088 libmpg123-0-dbgsym_1.31.2-1+deb12u1_i386.deb 7a7c29b2882a05610f89091ceff67773ec79d6558294226c1905b0a833430428 149604 libmpg123-0_1.31.2-1+deb12u1_i386.deb cd6a5d353a48ff91e3272643c764753214859c4389b45737af24c5bf2881fd52 57576 libmpg123-dev_1.31.2-1+deb12u1_i386.deb 95edb5cf8d0d4fba95b46bc8a0f2f53aecd6ebe763d9633cede8c27bab022847 65064 libout123-0-dbgsym_1.31.2-1+deb12u1_i386.deb d8763cedbddb838cf7147e73bd23bfd078c1c7d041f0602af10ebeb1377c3fec 29448 libout123-0_1.31.2-1+deb12u1_i386.deb 885adcfe5e0edab06569180626fdfa69710b5e01c7e0124fa6df6a32347b7684 166640 libsyn123-0-dbgsym_1.31.2-1+deb12u1_i386.deb 87999813593e3f78cdcf1620734b16dadae11c3b0d9910472eff3d18e38558b0 68896 libsyn123-0_1.31.2-1+deb12u1_i386.deb d7edcdb94c0d92164dd45523d21b944a4f73901b6e5954e267c99a05b0fa9351 293276 mpg123-dbgsym_1.31.2-1+deb12u1_i386.deb 32af174575f4982973ed6bf90fc31cdcb1a7d6ac94d4552fb0bf0236a888a2d2 10443 mpg123_1.31.2-1+deb12u1_i386-buildd.buildinfo d7aeda5fb13a3ecfc2a3c016c960a33391f092acd61801d80362d8082ed4a212 206156 mpg123_1.31.2-1+deb12u1_i386.deb Files: 0b2dda30d8cff288b4b42cb57e99e0e9 266088 debug optional libmpg123-0-dbgsym_1.31.2-1+deb12u1_i386.deb 464e95d1e58aea350813b5faaf7ff08d 149604 libs optional libmpg123-0_1.31.2-1+deb12u1_i386.deb 8ad1dd554bf40d90ce413f9c3062344f 57576 libdevel optional libmpg123-dev_1.31.2-1+deb12u1_i386.deb d4008be0acf85e32da0b2b77927d6d06 65064 debug optional libout123-0-dbgsym_1.31.2-1+deb12u1_i386.deb bd3f9bc2d6e42f040b0ef93a4f94fb47 29448 libs optional libout123-0_1.31.2-1+deb12u1_i386.deb a7e78acb54ff0da3cb2dbd5cce392a7f 166640 debug optional libsyn123-0-dbgsym_1.31.2-1+deb12u1_i386.deb 0497d0acf937a94571d18e3950e99c9c 68896 libs optional libsyn123-0_1.31.2-1+deb12u1_i386.deb a0dbe4abec02dd0001209050b62bb792 293276 debug optional mpg123-dbgsym_1.31.2-1+deb12u1_i386.deb 6fb6492d064b4be4da79bd910fcb0db7 10443 sound optional mpg123_1.31.2-1+deb12u1_i386-buildd.buildinfo 8e39df6bc6971eae0fda0050dbf7c8be 206156 sound optional mpg123_1.31.2-1+deb12u1_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEGBeuno8wiDXCewDuqqLQG5ksqMMFAmcw1ZUACgkQqqLQG5ks qMMDwRAAvyOWXGwLtwlA8zdE5oNuXlqPsFUWj4/PJyMgj6xZKZ9HQ7xxQeMF8Jur zdOrX+FozygHe8mlUmysyTT+X+di4Vuo5hE/TGRDn66FRUtWvSILKFt26ec4ljwu zRAfaEY6DA5L9not/vB36ZU1ZCrExNIoJHA39S3ItQu0773libovlgi0VftYT/LP ihw47vLtc379DIfrg46eRRt3A8X20riNfk4GgDKP+q4MP+ndDyhIitmZhSDj2BjW P8DX8sKLdOMFGa5tA8t5nJt9XzBRcOokl2/H85ucGPnUpkOhmZl108vcRs6dElmE wohs/r3wXw4e1WFjWaGaXGDup1QV1+U02vTvaaiqiKk8A1u0kovf8CsNifW4KX9d WOOr1an7LlHAXw4JTLBfV7ekDuRMKIUX6GHEv1q7Ey4s3d+hpZubNjrp+dTTvywH G1XqAbi5VlFRm6XiowufjTO8S50t90osyo1pRKijIwVaJaa59h7hKsRZjVEPRQHa 9bMtZrsFm055OlfsCIgiIWOiVUfro1+mJNNV8YxolKUVqeZ9hoW8nMFz4QkD9NEu 5ahc8NwK+6Cb3PtWQJzU0eZaPAWJLUHb2pRNF2dO7eqTW84jA/i7TwS0cTHFbLxa KMLzDfQaFxynV45ZPF/P7IEGSg6wk7/qRzkiRACg5Ncas59UOZc= =Hk8A -----END PGP SIGNATURE-----