Accepted mpg123 0.59r-19 (source)

Ubuntu Archive Auto-Sync katie at jackass.ubuntu.com
Fri Feb 4 13:45:29 CST 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Origin: Debian/unstable
Format: 1.7
Date: Fri,  04 Feb 2005 19:17:05 +0000
Source: mpg123
Binary: mpg123-esd, mpg123, mpg123-nas, mpg123-oss-3dnow, mpg123-oss-i486
Architecture: source
Version: 0.59r-19
Distribution: hoary
Urgency: high
Maintainer: Daniel Kobras <kobras at debian.org>
Changed-By: Ubuntu Archive Auto-Sync <katie at jackass.ubuntu.com>
Description: 
 mpg123     - MPEG layer 1/2/3 audio player
Closes: 60058 185544 277948 287043
Changes: 
 mpg123 (0.59r-19) unstable; urgency=high
 .
   * layer2.c: Fix off-by-one error in boundary check introduced in -18.
     Thanks to Jeremy Huddleston for noticing.
   * layer1.c: Use proper parameter range in stereo test.
 .
 mpg123 (0.59r-18) unstable; urgency=high
 .
   * common.c, layer2.c: Fix insufficient validation of MPEG header
     values, discovered by Yuri D'Elia (CAN-2004-0991).
   * mpg123.c: Fix buffer overflow in playlist parser, discovered by
     Bartlomiej Sieka (CAN-2004-1284). Thanks to Steve Kemp for the
     patch. Closes: #287043
   * httpget.c: Fix further heap overflows in http parser. Backported
     from the Gentoo patch for CAN-2004-0982. Original path was coded
     by Jeremy Huddleston for version pre0.59s.
   * mpg123.c: Fix NULL pointer dereference if http_open() fails.
   * httpget.c, xfermem.c: Do not explicitly declare errno variable.
   * audio.c: Include stdlib.h to silence compiler warning.
 .
 mpg123 (0.59r-17) unstable; urgency=high
 .
   * httpget.c: Fix heap overflow in http authentication handler
     (CAN-2004-0982). Closes: #277948
   * mpg123.c: Apply patch by Dan Olson to fix handling of remote
     playlists. Closes: #60058, #185544
Files: 
 36efdf7a61b9545e696e77f8353a8dd2 739 non-free/sound optional mpg123_0.59r-19.dsc
 6e1a84a7c13e86d446b67021cb71e71a 41003 non-free/sound optional mpg123_0.59r-19.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iQEVAwUBQgPKMQF4adwMEr3XAQIu9AgAtbjJOjrqlGHQCIZOpKBUJbAh9vxt96BA
dHaIKumtADtaRiLlAGgC8VkDzG/Kln0XqYhH+gBAEEOF8ZD5fn3UNND+2Ab3nC3z
Cir02BJYR6XnTKax6hmujRYux1rOTmUI6zW31b0zUfOI1BeTVKYxtoB0kg8coZLl
CECBW9LDigp9s3sBHRtqhugSPb5x3UxxFuucZDxF/kiJqO83sptm5L0klhdHaq2F
aBwigYvLysMT8nBvug5BhUYIJmGw1nZOJvpmOwV6re7lgPX8d7iIarUA+p4XqG+Y
bfYFuOzL++QErAnYopEhEmf+qwurF1Yt7yLciE10/EtiCM9k8GXHQg==
=ojVi
-----END PGP SIGNATURE-----


Accepted:
mpg123_0.59r-19.diff.gz
  to pool/multiverse/m/mpg123/mpg123_0.59r-19.diff.gz
mpg123_0.59r-19.dsc
  to pool/multiverse/m/mpg123/mpg123_0.59r-19.dsc

More information about the hoary-changes mailing list