mpg123 1.32.5-1ubuntu1.1 source package in Ubuntu

Changelog

mpg123 (1.32.5-1ubuntu1.1) noble-security; urgency=medium

  * SECURITY UPDATE: OOB write during PCM decoding
    - debian/patches/CVE-2024-10573-1.patch: don't prepare for actual frame
      data when there is none in src/libmpg123/parse.c.
    - debian/patches/CVE-2024-10573-2.patch: separate header data into a
      struct, ensure late updating in frame in src/libmpg123/frame.c,
      src/libmpg123/frame.h, src/libmpg123/layer1.c,
      src/libmpg123/layer2.c, src/libmpg123/layer3.c,
      src/libmpg123/libmpg123.c, src/libmpg123/parse.c.
    - CVE-2024-10573

 -- Marc Deslauriers <email address hidden>  Mon, 04 Nov 2024 13:26:15 -0500

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Noble
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
sound
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Noble updates main sound
Noble security main sound

Downloads

File Size SHA-256 Checksum
mpg123_1.32.5.orig.tar.xz 905.4 KiB 04d20ed3ae6aad576a0ccec4a851b9f142afa56ef20e82f1bf610c4e8bcd8579
mpg123_1.32.5-1ubuntu1.1.debian.tar.xz 34.8 KiB b82502b87d031e5f9f49eef0d90e59bc94eba737bcc1aa3e6a8e3a665ea6774a
mpg123_1.32.5-1ubuntu1.1.dsc 2.4 KiB 10c771ac9362ddfa6b863740cc541a3d1b88841908231a28b87b49f66974cab6

View changes file

Binary packages built by this source

libmpg123-0t64: MPEG layer 1/2/3 audio decoder (shared library)

 mpg123 is a real time MPEG 1.0/2.0/2.5 audio player/decoder for layers
 1, 2 and 3 (MPEG 1.0 layer 3 also known as MP3).
 .
 This package contains the C libraries needed to run executables that use
 the mpg123 library.

libmpg123-0t64-dbgsym: debug symbols for libmpg123-0t64
libmpg123-dev: MPEG layer 1/2/3 audio decoder (development files)

 mpg123 is a real time MPEG 1.0/2.0/2.5 audio player/decoder for layers
 1, 2 and 3 (MPEG 1.0 layer 3 also known as MP3).
 .
 This package contains the C development headers and library files needed
 to compile programs using the mpg123 library.

libout123-0t64: MPEG layer 1/2/3 audio decoder (libout123 shared library)

 mpg123 is a real time MPEG 1.0/2.0/2.5 audio player/decoder for layers
 1, 2 and 3 (MPEG 1.0 layer 3 also known as MP3).
 .
 This package contains the shared out123 library.

libout123-0t64-dbgsym: debug symbols for libout123-0t64
libsyn123-0t64: MPEG layer 1/2/3 audio decoder (libsyn123 shared library)

 mpg123 is a real time MPEG 1.0/2.0/2.5 audio player/decoder for layers
 1, 2 and 3 (MPEG 1.0 layer 3 also known as MP3).
 .
 This package contains the shared syn123 library.

libsyn123-0t64-dbgsym: debug symbols for libsyn123-0t64
mpg123: MPEG layer 1/2/3 audio player

 mpg123 is a real time MPEG 1.0/2.0/2.5 audio player/decoder for layers
 1, 2 and 3 (MPEG 1.0 layer 3 also known as MP3).
 .
 This package contains output plugins for several audio systems, including
 OSS4, the Advanced Linux Sound Architecture (ALSA), JACK, PortAudio,
 PulseAudio, OpenAL and the Network Audio System (NAS).

mpg123-dbgsym: debug symbols for mpg123