| Bug | wheezy | jessie | stretch | buster | sid | Description |
|---|
| CVE-2017-9872 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | The III_dequantize_sample function in layer3.c in mpglib, as used in ... |
| CVE-2017-9871 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | The III_i_stereo function in layer3.c in mpglib, as used in ... |
| CVE-2017-9870 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | The III_i_stereo function in layer3.c in mpglib, as used in ... |
| CVE-2017-9869 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | The II_step_one function in layer2.c in mpglib, as used in ... |
| CVE-2017-15046 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | LAME 3.99.5 has a stack-based buffer overflow in unpack_read_samples ... |
| CVE-2017-15045 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | LAME 3.99.5 has a heap-based buffer over-read in fill_buffer in ... |
| CVE-2017-15019 | vulnerable | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | vulnerable | vulnerable | LAME 3.99.5 has a NULL Pointer Dereference in the hip_decode_init ... |
| CVE-2017-15018 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | LAME 3.99.5 has a heap-based buffer over-read when handling a malformed ... |
| CVE-2017-13712 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | NULL Pointer Dereference in the id3v2AddAudioDuration function in ... |