| Package | fluidsynth |
|---|---|
| Version | 1.1.6-2+deb8u1 |
| Related CVEs | CVE-2021-28421 |
A vulnerbility has been found in fluidsynth, a real-time MIDI software synthesizer. Using a special crafted soundfont2 file, a use after free vulnerability might result in arbitrary code execution or a denial of service (DoS).
For Debian 8 jessie, these problems have been fixed in version 1.1.6-2+deb8u1.
We recommend that you upgrade your fluidsynth packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.