Information on source package lame

Available versions

ReleaseVersion
wheezy3.99.5+repack1-3+deb7u1
jessie3.99.5+repack1-7+deb8u1
stretch3.99.5+repack1-9
buster3.100-2
sid3.100-2

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-9872vulnerablevulnerable (no DSA)fixedfixedfixedThe III_dequantize_sample function in layer3.c in mpglib, as used in ...
CVE-2017-9871vulnerablevulnerable (no DSA)fixedfixedfixedThe III_i_stereo function in layer3.c in mpglib, as used in ...
CVE-2017-9870vulnerablevulnerable (no DSA)fixedfixedfixedThe III_i_stereo function in layer3.c in mpglib, as used in ...
CVE-2017-9869vulnerablevulnerable (no DSA)fixedfixedfixedThe II_step_one function in layer2.c in mpglib, as used in ...
CVE-2017-15046vulnerablevulnerable (no DSA)fixedfixedfixedLAME 3.99.5 has a stack-based buffer overflow in unpack_read_samples ...
CVE-2017-15045vulnerablevulnerable (no DSA)fixedfixedfixedLAME 3.99.5 has a heap-based buffer over-read in fill_buffer in ...
CVE-2017-15019vulnerablevulnerablevulnerablevulnerablevulnerableLAME 3.99.5 has a NULL Pointer Dereference in the hip_decode_init ...
CVE-2017-15018vulnerablevulnerable (no DSA)fixedfixedfixedLAME 3.99.5 has a heap-based buffer over-read when handling a malformed ...
CVE-2017-13712vulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedNULL Pointer Dereference in the id3v2AddAudioDuration function in ...

Resolved issues

BugDescription
CVE-2017-9412The unpack_read_samples function in frontend/get_audio.c in LAME 3.99.5 ...
CVE-2017-9411The fill_buffer_resample function in libmp3lame/util.c in LAME 3.99.5 ...
CVE-2017-9410The fill_buffer_resample function in libmp3lame/util.c in LAME 3.99.5 ...
CVE-2017-8419LAME through 3.99.5 relies on the signed integer data type for values ...
CVE-2017-11720There is a division-by-zero vulnerability in LAME 3.99.5, caused by a ...
CVE-2015-9101The fill_buffer_resample function in util.c in libmp3lame.a in LAME ...
CVE-2015-9100The fill_buffer_resample function in util.c in libmp3lame.a in LAME ...
CVE-2015-9099The lame_init_params function in lame.c in libmp3lame.a in LAME 3.99.5 ...

Search for package or bug name: Reporting problems