libmodplug 1:0.8.4-3ubuntu1.1 source package in Ubuntu

Changelog

libmodplug (1:0.8.4-3ubuntu1.1) jaunty-security; urgency=low

  * SECURITY UPDATE: code execution via integer overflow in
    CSoundFile::ReadMed
    - src/load_med.cpp: check for overflow in song comment and song name.
      Make sure strings are properly NULL-terminated.
    - http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_med.cpp?r1=1.1&r2=1.2
    - http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_med.cpp?r1=1.2&r2=1.3
    - CVE-2009-1438
  * SECURITY UPDATE: denial of service and possible code execution from
    buffer overflow in the PATinst function.
    - src/load_pat.cpp: use sizeof(hw.reserved) instead of a fixed size.
    - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms;a=commitdiff;h=c4ebb701be6ee9a296a44fdac5a20b7739ff0595
    - CVE-2009-1513

 -- Marc Deslauriers <email address hidden>   Wed, 06 May 2009 13:47:18 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2009-05-07
Uploaded to:
Jaunty
Original maintainer:
Ubuntu Development Team
Component:
main
Architectures:
any
Section:
libs
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size MD5 Checksum
libmodplug_0.8.4.orig.tar.gz 498.8 KiB 091bd1168a524a4f36fc61f95209e7e4
libmodplug_0.8.4-3ubuntu1.1.diff.gz 8.5 KiB 65ddff85bc42da5fdd2806adfae2364e
libmodplug_0.8.4-3ubuntu1.1.dsc 1.1 KiB a9768cf5e67c1af673110df40343bb6c

View changes file

Binary packages built by this source

libmodplug-dev: No summary available for libmodplug-dev in ubuntu jaunty.

No description available for libmodplug-dev in ubuntu jaunty.

libmodplug0c2: No summary available for libmodplug0c2 in ubuntu jaunty.

No description available for libmodplug0c2 in ubuntu jaunty.