-
libmodplug (1:0.7-5ubuntu0.6.06.2) dapper-security; urgency=low
* SECURITY UPDATE: code execution via integer overflow in
CSoundFile::ReadMed
- src/load_med.cpp: check for overflow in song comment and song name.
Make sure strings are properly NULL-terminated.
- http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_med.cpp?r1=1.1&r2=1.2
- http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_med.cpp?r1=1.2&r2=1.3
- CVE-2009-1438
-- Marc Deslauriers <email address hidden> Wed, 06 May 2009 15:45:23 -0400
-
libmodplug (1:0.7-5ubuntu0.6.06.1) dapper-security; urgency=low
* SECURITY UPDATE: possible arbitrary code execution as the user via buffer
overflows when processing crafted files with very large sample sizes
* patch for sndfile.cpp to properly verify nLength
* References
CVE-2006-4192
-- Jamie Strandboge <email address hidden> Thu, 27 Sep 2007 14:34:04 -0400
-
libmodplug (1:0.7-5) unstable; urgency=low
* Official build, acknowledging NMU, and closing out the bugs
(closes: #318392, #318994)
* Standards-Version: 3.6.2.0 (no changes required)
-- Zed Pobre <email address hidden> Fri, 19 Aug 2005 18:13:54 -0500
