-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 10 Nov 2024 16:26:42 +0100 Source: mpg123 Binary: libmpg123-0 libmpg123-0-dbgsym libmpg123-dev libout123-0 libout123-0-dbgsym libsyn123-0 libsyn123-0-dbgsym mpg123 mpg123-dbgsym Architecture: armhf Version: 1.31.2-1+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: arm Build Daemon (arm-ubc-01) Changed-By: Salvatore Bonaccorso Description: libmpg123-0 - MPEG layer 1/2/3 audio decoder (shared library) libmpg123-dev - MPEG layer 1/2/3 audio decoder (development files) libout123-0 - MPEG layer 1/2/3 audio decoder (libout123 shared library) libsyn123-0 - MPEG layer 1/2/3 audio decoder (libsyn123 shared library) mpg123 - MPEG layer 1/2/3 audio player Closes: 1086443 Changes: mpg123 (1.31.2-1+deb12u1) bookworm-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix buffer overflow (Frankenstein's Monster) (CVE-2024-10573) (Closes: #1086443) Checksums-Sha1: 6548e3cbc4a8dff8e9d0b2baf46777ca50dbe595 253764 libmpg123-0-dbgsym_1.31.2-1+deb12u1_armhf.deb 6daee069205aaa1c125ecdbb235c3219503cfad3 126704 libmpg123-0_1.31.2-1+deb12u1_armhf.deb d45fdc666bc989df9024c046739219f8bbca765b 57568 libmpg123-dev_1.31.2-1+deb12u1_armhf.deb 4185ebcac18118a752b8e39f25b901d56c3b5f84 74308 libout123-0-dbgsym_1.31.2-1+deb12u1_armhf.deb 07c72924a0f1dafbca10c7bfb17e1713e1e8cae1 24020 libout123-0_1.31.2-1+deb12u1_armhf.deb d66f4022659cb934bbd9c39610675d6bcd2c294e 168168 libsyn123-0-dbgsym_1.31.2-1+deb12u1_armhf.deb d5ee3f7eea169d38e68c7553ec292278a1e86b24 72288 libsyn123-0_1.31.2-1+deb12u1_armhf.deb f2460ae9bb92f4599e958cba7ef88c1389d2c328 310976 mpg123-dbgsym_1.31.2-1+deb12u1_armhf.deb ead748854df6983cc6d9dd7492877c4e7e5a0683 10399 mpg123_1.31.2-1+deb12u1_armhf-buildd.buildinfo 87b316bdfdad0dcce7a6d146fffb29a48da81041 192348 mpg123_1.31.2-1+deb12u1_armhf.deb Checksums-Sha256: 09783a7a28f366aed7fe54a3cfbea179268971a8f872f6ee502ac12980fd1baa 253764 libmpg123-0-dbgsym_1.31.2-1+deb12u1_armhf.deb 2aebdfe7ddc323cb7599b1e6c22289c81e27c1ea03b5e66e98d91c3fbd4b7ac9 126704 libmpg123-0_1.31.2-1+deb12u1_armhf.deb c47a56e0f7414bb8986f91aed13a2902e1882e6c78b20fe3f021c3c14a8d9113 57568 libmpg123-dev_1.31.2-1+deb12u1_armhf.deb e5cfbedd4b19b26bf78cab155aad181893612193e2028399ee800a55f0b5a406 74308 libout123-0-dbgsym_1.31.2-1+deb12u1_armhf.deb bd757cb625aa41a2002ea86f4417f085cc379d3afc1007b05ee7ff1056538f20 24020 libout123-0_1.31.2-1+deb12u1_armhf.deb 73e8228ad50d5355fc1482a596b5879e049cfc759ed25921c498f5fe6aaf91e6 168168 libsyn123-0-dbgsym_1.31.2-1+deb12u1_armhf.deb 3228963e118943d2631a8385db41db816d797ad261c2c4564d3b9ee42e2bcd51 72288 libsyn123-0_1.31.2-1+deb12u1_armhf.deb c59dd19ea9a62fb68c515fe9becc19d8a2fe88801753fba6bdf72e7acd56dbf6 310976 mpg123-dbgsym_1.31.2-1+deb12u1_armhf.deb f17ab9368dff50ebd4c6014b6a1c1b45be834322cdb51e07f205b26700bf54b1 10399 mpg123_1.31.2-1+deb12u1_armhf-buildd.buildinfo 77af3df64a475fd6182c095a0b01c321cc055d7ea76b6a06ce50e5e6e0243286 192348 mpg123_1.31.2-1+deb12u1_armhf.deb Files: 9ffefe92a0addb3ba033b3a364b43458 253764 debug optional libmpg123-0-dbgsym_1.31.2-1+deb12u1_armhf.deb 7ea7f7d7605421c7d959f83f11ecc574 126704 libs optional libmpg123-0_1.31.2-1+deb12u1_armhf.deb 3543450199ec0f25505f9a14b76b799f 57568 libdevel optional libmpg123-dev_1.31.2-1+deb12u1_armhf.deb 43b15de2e861b0c5629daa11c4ba1b17 74308 debug optional libout123-0-dbgsym_1.31.2-1+deb12u1_armhf.deb 5853a09b656e48f85a07360b8f11e763 24020 libs optional libout123-0_1.31.2-1+deb12u1_armhf.deb 7181981ea2a6c2df34a3cc57da450ab9 168168 debug optional libsyn123-0-dbgsym_1.31.2-1+deb12u1_armhf.deb c698d31c10c7dca924ec6bafec644a12 72288 libs optional libsyn123-0_1.31.2-1+deb12u1_armhf.deb f3fff232f72350aaece860c3f6a948eb 310976 debug optional mpg123-dbgsym_1.31.2-1+deb12u1_armhf.deb da0f443b33d74a45ceb50e6f1d902f58 10399 sound optional mpg123_1.31.2-1+deb12u1_armhf-buildd.buildinfo 20e1831c2c4af8fec5c3b45293eb768d 192348 sound optional mpg123_1.31.2-1+deb12u1_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEH43oX1cK+BEEs9Pe/9j0ct/+ZwwFAmcw1mQACgkQ/9j0ct/+ ZwwzXg//eVbVqmoiH0uZVfCJQerGl7VD8v7/oJuUFd/xHBDY66qWL0Y884/+h9Ap 0FFWNHtx2Paja1Rc7xm0S+qpr+eMoE/gZ9vgfjoK/BEX84qWt2Ev278d+q30usO7 oDMtAHKaUnyHkXLZAkYNJae3Wh623CtZmFNMm05gxBSO8aQX0G/JqfREhQEdl04Z 85sEjArWdKhMlY2qnwRXyI1E3VXmtpuCP4xZRHp14s4bZyqiZCybkWxrSDLdWpQy 6TGFd6qWpnkLhl9TbwDqz/WodBMPpwQiVwkw+MaUKpPGwUkYU2qKkoaT+HYhzrE5 fOCf7vopx3prkIMB7e5/yFGxOCkeoqf03a5UTZKRyGUh0EX4m54Lss2kaeLRGxaw E/H+MLHPHa8We7prPRfgrEcMOQOYNvh4HA5yPkowItAHerYqE+G506UwPoVNOSEh lHdnqAaWjpzeWj3DZ9Fl/dIWQ0vqs9PCKp1HMkVnVhGXrU72uozc73MBA53GuWIC nNCO7VLrdl0TeQ7/Io6lK1shq+iYREL5fj6z2y8GEJxYATOuioNvD4uBebR1WuSs 5gkfje5oJOyLlqdhrUqVemH3E7b/eOfoMyfRB4Tsso/9e1UoW9Ht3qUSssZSw9qO Wgrjig1QsCcyS1dxNjnTxJtlV+ee3Rk8xmFUiT74Y/q6cWi5Lj0= =1OrG -----END PGP SIGNATURE-----