News for package faad2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 3.0 (quilt)
Source: faad2
Binary: faad, faad2-dbg, libfaad-dev, libfaad2
Architecture: any
Version: 2.8.0~cvs20161113-1+deb9u1
Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>
Uploaders:  Matthew W. S. Bell <matthew@bells23.org.uk>, Reinhard Tartler <siretart@tauware.de>, Fabian Greffrath <fabian@debian.org>
Homepage: http://www.audiocoding.com/
Standards-Version: 3.9.6
Vcs-Browser: http://anonscm.debian.org/cgit/pkg-multimedia/faad2.git
Vcs-Git: git://anonscm.debian.org/pkg-multimedia/faad2.git
Build-Depends: debhelper (>= 9), dh-autoreconf
Package-List:
 faad deb sound optional arch=any
 faad2-dbg deb debug extra arch=any
 libfaad-dev deb libdevel optional arch=any
 libfaad2 deb libs optional arch=any
Checksums-Sha1:
 847e7ed97108e26e226943e7d0a6d3ea8e488134 514680 faad2_2.8.0~cvs20161113.orig.tar.xz
 db6423f4e85349e0111aeb24724d160ab1e5b54d 17832 faad2_2.8.0~cvs20161113-1+deb9u1.debian.tar.xz
Checksums-Sha256:
 de34bce327eac8a89cd58b7d44dfb58988033de6fda0ab9582ed0585fc3fd07e 514680 faad2_2.8.0~cvs20161113.orig.tar.xz
 56580e3420a1ae2f103fc542e4a4ea46e229828a852f874823755fbfc033626b 17832 faad2_2.8.0~cvs20161113-1+deb9u1.debian.tar.xz
Files:
 bceecaced180cdeb9f73d7d04967ce46 514680 faad2_2.8.0~cvs20161113.orig.tar.xz
 9b28daf5c71fdd42cdf7c9e13ace82a7 17832 faad2_2.8.0~cvs20161113-1+deb9u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlrokapfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkVOwP/3e6w8pkkPF42yrxcD/zJBDt3PX9+s7P1q7c
Y0xSPV92tpZLnWSnbWlBLEJAoGXzN7T3sy9sQNNguq/ui1dpmsRaubpp3DN7vExP
ahdfnompRvFWgeDuZjXCAOEeTkVlf0/nix9YVVgoYdlJbLPGkqRoj94b9j+1BEAW
KKwr6glDpTPqm/+hIgnteaSAzyJx6yb0UYkg3YXyO5ibfEB9H76Kv7YbA3QdZeZw
I2Il/fSICHw9sfcsFWSRzBcsJ/Cvlev9qX1CD0jovwg5qWEo+fLW092IaOhKov/U
GZzmJT5Rkg6aHSZORIzlyrp1pRDufUB/eCr4eeNt/E/1fWWeQNEl01BaGxytFbdD
xEXEk6AEJ2fml0ftRqaYsv7Veif3P4FDZpO2IDXTMwJwcMw+eo7m7BENpbBvHZr4
rQTJ33+TGvsDRY9lmS70lFU1Mqtt4UdI35XqTxueuavs5/+tASKx/iChng8iXV9Y
fl7s+RuRmF/C/8b97HoGAqnhAAgHI9vz/WGKSr4l4tqV7vB3nUm8OT00RlLpKx6l
NfDeoYkUn5lxqYQNqYOpuZwBNrN5rnCjVyNSmfPOoVmYPX9Cw1Q8AIpRamOV53MC
SmbAIU+ydvPfng0Hx003WAwSeCaBcDrNm8NTG9yDNsT5p7Oa9W6VJTnIN3lZfEJh
4QBtfoKR
=LJFC
-----END PGP SIGNATURE-----

<span id="changes">Changes:</span>
faad2 (2.8.0~cvs20161113-1+deb9u1) stretch; urgency=high

  * Non-maintainer upload.
  * Fix CVE-2017-9218, CVE-2017-9219, CVE-2017-9220, CVE-2017-9221,
    CVE-2017-9222, CVE-2017-9223, CVE-2017-9253, CVE-2017-9254, CVE-2017-9255,
    CVE-2017-9256, CVE-2017-9257.
    Various issues were discovered in faad2, a fast audio decoder, that could
    cause a denial of service (large loop and CPU consumption) via a crafted
    mp4 file. (Closes: #889915)

 -- Markus Koschany <apo@debian.org>  Tue, 01 May 2018 17:49:02 +0200