Recommended "Album" dB change for all files: -4.060000 Max PCM sample at current gain: 28658.739531 Just repeating Herman's tests for 64-bits. , it does not look worthwhile to follow up the PoCs. In the light of what has been already said, e.g. Played mp3's again then, but could not really tell if there was a noticeable change. No changes to 01 Welington's Sieg.mp3 are necessaryĪpplying mp3 gain change of -3 to 02 Zapfenstreich.mp3. $ mp3gain -r 01\ Welington\'s\ Sieg.mp3 02\ Zapfenstreich.mp3 Max PCM sample at current gain: 32481.402828 Recommended "Album" mp3 gain change for all files: -1 Recommended "Album" dB change for all files: -1.430000 Max PCM sample at current gain: 32819.066763 WARNING: some clipping may occur with this gain change! The wav's come from an old Philips audio cassette. Probably won't be fixed, package should be dropped/replaced =>Ĭreated two mp3 files from wav's using audacity.
Updated packages in core/updates_testing: The vulnerability causes a denial of service (segmentation fault and application crash) or possibly unspecified other impact (CVE-2017-14412).īuffer overflow in the WriteMP3GainAPETag function in apetag.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact (CVE-2018-10777).
The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution (CVE-2017-14411).Īn invalid memory write was discovered in copy_mp in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service (CVE-2017-14410).Ī stack-based buffer overflow was discovered in copy_mp in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution (CVE-2017-14409).Ī buffer over-read was discovered in III_i_stereo in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service (CVE-2017-14408).Ī buffer overflow was discovered in III_dequantize_sample in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service (CVE-2017-14407).Ī stack-based buffer over-read was discovered in dct36 in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service (CVE-2017-14406).Ī stack-based buffer over-read was discovered in filterYule in gain_analysis.c in MP3Gain version 1.5.2.
Updated mp3gain package fixes security vulnerabilities:Ī NULL pointer dereference was discovered in sync_buffer in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. Updated packages uploaded for cauldron and Mageia 6.