Advisories ยป MGASA-2014-0067

Updated mpg123 packages fix a buffer overflow

Publication date: 13 Feb 2014
Modification date: 16 Feb 2014
Type: security
Affected Mageia releases : 3 , 4

Description

Updated mpg123 packages fix security vulnerability:

mpg123 1.14.1 and later are vulnerable to a buffer overflow that could allow
a maliciously crafted audio file to crash applications that use the libmpg123
library.

mpg123 has been updated to version 1.18.0, which fixes this issue, as well as
several others.
                

References

SRPMS

3/core

4/core