-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4729-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 19, 2020 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libopenmpt CVE ID : CVE-2019-14380 CVE-2019-17113 Two security issues were found in libopenmpt, a cross-platform C++ and C library to decode tracked music files, which could result in denial of service and potentially the execution of arbitrary if malformed music files are processed. For the stable distribution (buster), these problems have been fixed in version 0.4.3-1+deb10u1. We recommend that you upgrade your libopenmpt packages. For the detailed security status of libopenmpt please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libopenmpt Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl8UirgACgkQEMKTtsN8 TjbvZA/+JiupoLm5s4dNsxUQLj88OQWq16XVu0W0u49ezUF41DGLAswNQ5LKgaQK 1En2ufi406YVoJSgEr6zTHdu4RM1mErKf5u7gaLw4EMgYk3p7WBl7pXtbsEDqPgt UCEsn76MEVxs7ykp0UD+OaPPg/hhgjp8nyG69FTMVI+zYOt5hzicc3aW1XMtV7Xc GN5OewlczzxP4DgJC0GChNZfkN1JURf5KkDAmCAdrBBQ/SckxR2Le66iWpGb3sxe Zk16sl/UMEIiFlTIlgWuywaa8Ls2rz6wq+s8AczGT3foMs7l+mfineAmq9sHAM+M 9UYu6cIUFuujE9Xg9zrkpOxsYl4W+vhojN65gOteGyPRvlvOvFG16xUGpEbnOb3B O+JfhU5sMTwRujwnDgRxnSEn8lcfvMdSnGkKjv6m0Sd7zjs0cv1MdjGzBBAvnEhy 8eckxc35XAM/q7bdFm2myI5iaeY0X5k5ESjwfkfJhVUmjEpwm2mbPMjsH/dg2fKb ONboKOalZgP+lfICNTkhDnewc409lCp5OEK16lfoOEhRNI+wB6/X3J26TGgzB497 ZDds2B7NV3sG/ZoPUgkiMibIovfVGzx05e94yEQUZJ+b7oyEE0tbfZRJthWEReDx lnrByMvRpIzcy1iUjKcWhnrBdKhtQOHzWVKvuZJFUqOMh/CwiqM= =RwYE -----END PGP SIGNATURE-----