The remote Debian host is missing a security-related update.
Multiple vulnerabilities have been discovered in faad2, the Freeware Advanced Audio Coder. These vulnerabilities might allow remote attackers to cause denial-of-service, or potentially execute arbitrary code if crafted MPEG AAC files are processed.
Upgrade the faad2 packages. For the oldstable distribution (stretch), these problems have been fixed in version 2.8.0~cvs20161113-1+deb9u2.