It was discovered that speex, the Speex codec command line tools, did not correctly deal with negative offsets in a particular header field. This could allow a malicious file to execute arbitrary code. For the stable distribution (etch), this problem has been fixed in version 1.1.12-3etch1. We recommend that you upgrade your speex package.
It was discovered that speex, the Speex codec command line tools, did not correctly deal with negative offsets in a particular header field. This could allow a malicious file to execute arbitrary code.
For the stable distribution (etch), this problem has been fixed in version 1.1.12-3etch4.
We recommend that you upgrade your speex package.
MD5 checksums of the listed files are available in the original advisory.