Package "mpg123"

Name:	mpg123
Description:	MPEG layer 1/2/3 audio player
Latest version:	1.16.0-1ubuntu1.1
Release:	trusty (14.04)
Level:	updates
Repository:	universe
Homepage:	http://mpg123.org/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "mpg123"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "mpg123" in Trusty

Repository	Area	Version
base	universe	1.16.0-1ubuntu1
security	universe	1.16.0-1ubuntu1.1

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 1.16.0-1ubuntu1.1 2018-09-05 22:06:41 UTC

mpg123 (1.16.0-1ubuntu1.1) trusty-security; urgency=medium * SECURITY UPDATE: Buffer overflow - debian/patches/CVE-2014-9497.patch: Regression fix: Ensure decoder reinitialization on combination of seek and resync (buffer overflow) and add check for bad bit allocation value in layer I decoder. - CVE-2014-9497 * SECURITY UPDATE: Memory overread - debian/patches/CVE-2016-1000247.patch: fix DoS with crafted ID3v2 tags. - CVE-2016-1000247 * SECURITY UPDATE: Memory overread - debian/patches/CVE-2017-10683.patch: fix in id3.c - CVE-2017-10683 -- Eduardo Barretto <email address hidden> Tue, 04 Sep 2018 17:42:41 -0300

CVE-2014-9497	Buffer overflow in mpg123 before 1.18.0.
CVE-2016-1000247	mpg123 memory overread
CVE-2017-10683	In mpg123 1.25.0, there is a heap-based buffer over-read in the convert_latin1 function in libmpg123/id3.c. A crafted input will lead to a remote den

About - Send Feedback to @ubuntu_updates

Package "mpg123"

Links

Download "mpg123"

Other versions of "mpg123" in Trusty

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

security

PPA updates