libmodplug 1:0.7-5ubuntu0.6.06.2 source package in Ubuntu

Changelog

libmodplug (1:0.7-5ubuntu0.6.06.2) dapper-security; urgency=low

  * SECURITY UPDATE: code execution via integer overflow in
    CSoundFile::ReadMed
    - src/load_med.cpp: check for overflow in song comment and song name.
      Make sure strings are properly NULL-terminated.
    - http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_med.cpp?r1=1.1&r2=1.2
    - http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_med.cpp?r1=1.2&r2=1.3
    - CVE-2009-1438

 -- Marc Deslauriers <email address hidden>   Wed, 06 May 2009 15:45:23 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2009-05-07
Uploaded to:
Dapper
Original maintainer:
Zed Pobre
Architectures:
any
Section:
sound
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
libmodplug_0.7.orig.tar.gz 321.7 KiB c80da366576501be18a987c28609bd8ffa340ed20fc03249c70c43634f077052
libmodplug_0.7-5ubuntu0.6.06.2.diff.gz 7.8 KiB c3ce564da80415e8f920c40ae0760e867cd36f85be0c7d044f19f6a0d7cde5c3
libmodplug_0.7-5ubuntu0.6.06.2.dsc 648 bytes 3c3999147cc71f5f39f28485440e87ec40fdafefb57b06e8c5a6828d7b0bc8ba

View changes file

Binary packages built by this source

libmodplug-dev: No summary available for libmodplug-dev in ubuntu dapper.

No description available for libmodplug-dev in ubuntu dapper.

libmodplug0c2: No summary available for libmodplug0c2 in ubuntu dapper.

No description available for libmodplug0c2 in ubuntu dapper.