news 28 Posted January 26, 2017 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : ming Version : 1:0.4.4-1.1+deb7u1 CVE ID : CVE-2016-9264 CVE-2016-9265 CVE-2016-9266 CVE-2016-9827 CVE-2016-9828 CVE-2016-9829 CVE-2016-9831 Debian Bug : 843928 Multiple security issues have been found in Ming. They may lead to the execution of arbitrary code or causing application crash. CVE-2016-9264 global-buffer-overflow in printMP3Headers CVE-2016-9265 divide-by-zero in printMP3Headers CVE-2016-9266 left shift in listmp3.c CVE-2016-9827 listswf: heap-based buffer overflow in _iprintf CVE-2016-9828 listswf: heap-based buffer overflow in _iprintf CVE-2016-9829 listswf: NULL pointer dereference in dumpBuffer CVE-2016-9831 listswf: heap-based buffer overflow in parseSWF_RGBA For Debian 7 "Wheezy", these problems have been fixed in version 0.4.4-1.1+deb7u1. We recommend that you upgrade your ming packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJYifYlAAoJEPZk0la0aRp9fxoQAKTkzD2VzHuErMFjuATxej1X j1cUCpPQTJ0aDNb4Ip3dFLHCGv4KGDUCrvapSJD5ssMGF5XqFLL9yzJze0SP0KPi QYgp4arp7NymP1SzqmJu3CXyuVIiysKv1mbjbGCxtRN9bI7zdRHZLNZFejAoe3qD VU/9INSER6s2TRLy+bOPBiMM9E4cRTiCiXflF+UmpMoPT4OCd9rvqOG/pBwYhoRn 6BFFkmmeqGmLF7i7U0hYgU1OhnyjhZfnBSrOMuEEYt2ilhq2fdQqj+uEfwnXXNuB QjT9hKStfC/F9K+1QQqWwP5HwzE+QMw2HxHAAmrh35mWD3k8cmoPMZo9AtCUExoW uza6e/8ZdtD/kM1zY01UcYXmcLbIS39ZA5FIXaIvo4gcaYV4V+7G4vusRUeiE1Lk 83fHvCFhOeZbbrJpHBkN1KYlbbi6UZasFXGFSpXkfAjYp6u9wAZEhWaM45ixYvA2 vjkmLP5vpkbcFzxA+56k62+mhL+5ZCUJ3Q6bWYDJa6e0ytiH5A8q8wnS0HFfowS/ x+oLaCvfjBBe3KvvRblp4UHbsVziPFdwvdl/HNli5UKfEQrGswDGbhWX+eU8exqJ r+iiuOnpRhopuFW95bPOzQJDrhel6ekL7h+DT7sFvM0cOpkv/cR8HTfeVmA5vQCH 8WmbTBSkpn7Jop2yo1Vx =Clp+ -----END PGP SIGNATURE----- Share this post Link to post
