| Release | Version |
|---|---|
| wheezy | 3.99.5+repack1-3+deb7u1 |
| jessie | 3.99.5+repack1-7+deb8u1 |
| stretch | 3.99.5+repack1-9 |
| buster | 3.99.5+repack1-9 |
| sid | 3.99.5+repack1-9 |
| Bug | wheezy | jessie | stretch | buster | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2017-9872 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | The III_dequantize_sample function in layer3.c in mpglib, as used in ... |
| CVE-2017-9871 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | The III_i_stereo function in layer3.c in mpglib, as used in ... |
| CVE-2017-9870 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | The III_i_stereo function in layer3.c in mpglib, as used in ... |
| CVE-2017-9869 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | The II_step_one function in layer2.c in mpglib, as used in ... |
| CVE-2017-13712 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | NULL Pointer Dereference in the id3v2AddAudioDuration function in ... |
| Bug | Description |
|---|---|
| CVE-2017-9412 | The unpack_read_samples function in frontend/get_audio.c in LAME 3.99.5 ... |
| CVE-2017-9411 | The fill_buffer_resample function in libmp3lame/util.c in LAME 3.99.5 ... |
| CVE-2017-9410 | The fill_buffer_resample function in libmp3lame/util.c in LAME 3.99.5 ... |
| CVE-2017-8419 | LAME through 3.99.5 relies on the signed integer data type for values ... |
| CVE-2017-11720 | There is a division-by-zero vulnerability in LAME 3.99.5, caused by a ... |
| CVE-2015-9101 | The fill_buffer_resample function in util.c in libmp3lame.a in LAME ... |
| CVE-2015-9100 | The fill_buffer_resample function in util.c in libmp3lame.a in LAME ... |
| CVE-2015-9099 | The lame_init_params function in lame.c in libmp3lame.a in LAME 3.99.5 ... |