Debian Opus vulnerabilities

CVE-2017-0381 [HIGH] CVE-2017-0381: opus - An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in M... An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31607432.

CVE-2013-0899 [MEDIUM] CVE-2013-0899: opus - Integer overflow in the padding implementation in the opus_packet_parse_impl fun... Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a long packet. Scope: local bookworm: res