Home / mailings [SECURITY] [DSA 4522-1] faad2 security update
Posted on 15 September 2019
Debian Security Advisory- -------------------------------------------------------------------------
Debian Security Advisory DSA-4522-1 security@debian.org
https://www.debian.org/security/ Hugo Lefeuvre
September 15, 2019 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : faad2
CVE ID : CVE-2018-19502 CVE-2018-19503 CVE-2018-19504 CVE-2018-20194
CVE-2018-20195 CVE-2018-20197 CVE-2018-20198 CVE-2018-20357
CVE-2018-20358 CVE-2018-20359 CVE-2018-20361 CVE-2018-20362
CVE-2019-15296
Debian Bug : 914641
Multiple vulnerabilities have been discovered in faad2, the Freeware Advanced
Audio Coder. These vulnerabilities might allow remote attackers to cause
denial-of-service, or potentially execute arbitrary code if crafted MPEG AAC
files are processed.
For the oldstable distribution (stretch), these problems have been fixed
in version 2.8.0~cvs20161113-1+deb9u2.
We recommend that you upgrade your faad2 packages.
For the detailed security status of faad2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/faad2
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
