[ubuntu/focal-updates] faad2 2.9.1-1ubuntu0.1 (Accepted)

Ubuntu Archive Robot ubuntu-archive-robot at lists.canonical.com
Tue Aug 29 10:28:08 UTC 2023

faad2 (2.9.1-1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Arbitrary Code Execution
    - debian/patches/CVE-2021-32272.patch: fixed a buffer overflow in stszin
    - debian/patches/CVE-2021-32273.patch: fixed a buffer overflow in ftypin
    - debian/patches/CVE-2021-32274.patch: fixed two buffer overflows, one in
      sbr_qmf_synthesis_64 function (CVE-2021-32274) and the other one in 
      sbr_qmf_analysis_32 function (CVE-2021-32277).
    - debian/patches/CVE-2021-32278.patch: fixed a buffer overflow in 
      lt_prediction function.
    - debian/patches/CVE-2023-38857-[1-2].patch: fixed a buffer overflow in 
      stcoin function.
    - debian/patches/CVE-2023-38858.patch: fixed a buffer overflow in mp4info
    - CVE-2021-32272
    - CVE-2021-32273
    - CVE-2021-32274
    - CVE-2021-32277
    - CVE-2021-32278 
    - CVE-2023-38857
    - CVE-2023-38858
  * SECURITY UPDATE: Denial of Service
    - debian/patches/CVE-2021-32276.patch: fixed a null pointer dereference in 
      get_sample function.
    - CVE-2021-32276

Date: 2023-08-23 10:32:08.399292+00:00
Changed-By: Amir Naseredini <amir.naseredini at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Focal-changes mailing list