Package "faad"
Name: |
faad
|
Description: |
freeware Advanced Audio Decoder player
|
Latest version: |
2.9.1-1ubuntu0.1 |
Release: |
focal (20.04) |
Level: |
updates |
Repository: |
universe |
Head package: |
faad2 |
Homepage: |
https://github.com/knik0/faad2 |
Links
Download "faad"
Other versions of "faad" in Focal
Changelog
faad2 (2.9.1-1ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: Arbitrary Code Execution
- debian/patches/CVE-2021-32272.patch: fixed a buffer overflow in stszin
function.
- debian/patches/CVE-2021-32273.patch: fixed a buffer overflow in ftypin
function.
- debian/patches/CVE-2021-32274.patch: fixed two buffer overflows, one in
sbr_qmf_synthesis_64 function (CVE-2021-32274) and the other one in
sbr_qmf_analysis_32 function (CVE-2021-32277).
- debian/patches/CVE-2021-32278.patch: fixed a buffer overflow in
lt_prediction function.
- debian/patches/CVE-2023-38857-[1-2].patch: fixed a buffer overflow in
stcoin function.
- debian/patches/CVE-2023-38858.patch: fixed a buffer overflow in mp4info
function
- CVE-2021-32272
- CVE-2021-32273
- CVE-2021-32274
- CVE-2021-32277
- CVE-2021-32278
- CVE-2023-38857
- CVE-2023-38858
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2021-32276.patch: fixed a null pointer dereference in
get_sample function.
- CVE-2021-32276
-- Amir Naseredini <email address hidden> Tue, 22 Aug 2023 14:07:04 +0100
|
CVE-2021-32272 |
An issue was discovered in faad2 before 2.10.0. A heap-buffer-overflow exists in the function stszin located in mp4read.c. It allows an attacker to c |
CVE-2021-32273 |
An issue was discovered in faad2 through 2.10.0. A stack-buffer-overflow exists in the function ftypin located in mp4read.c. It allows an attacker to |
CVE-2021-32274 |
An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_synthesis_64 located in sbr_qmf.c. It allows a |
CVE-2021-32277 |
An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_analysis_32 located in sbr_qmf.c. It allows an |
CVE-2021-32278 |
An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function lt_prediction located in lt_predict.c. It allows an at |
CVE-2023-38857 |
Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin functi |
CVE-2023-38858 |
Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info funct |
CVE-2021-32276 |
An issue was discovered in faad2 through 2.10.0. A NULL pointer dereference exists in the function get_sample() located in output.c. It allows an att |
|
About
-
Send Feedback to @ubuntu_updates