Debian Security Advisory
DLA-1017-1 mpg123 -- LTS security update
- Date Reported:
- 08 Jul 2017
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2017-10683.
- More information:
It was discovered that there was a remote denial of service vulnerability in the mpg123 audio library/player. This was caused by a heap-based buffer over-read in the
For Debian 7
Wheezy, this issue has been fixed in mpg123 version 1.14.4-1+deb7u2.
We recommend that you upgrade your mpg123 packages.