Format: 1.7
Date: Mon, 19 Jan 2009 22:13:53 +0100
Source: amarok
Binary: amarok amarok-engines amarok-xine
Architecture: lpia_translations lpia
Version: 2:1.4.9.1-0ubuntu3.2
Distribution: hardy
Urgency: low
Maintainer: Ubuntu/lpia Build Daemon <buildd@zirconium.buildd>
Changed-By: Harald Sitter <apachelogger@ubuntu.com>
Description: 
 amarok     - versatile and easy to use audio player for KDE
 amarok-engines - output engines for the Amarok audio player
 amarok-xine - xine engine for the Amarok audio player
Launchpad-Bugs-Fixed: 318555
Changes: 
 amarok (2:1.4.9.1-0ubuntu3.2) hardy-security; urgency=low
 .
   * SECURITY UPDATE: integer overflows allow remote attackers to execute
     arbitrary code via an Audible Audio (.aa) file (LP: #318555)
     - debian/patches/security_audible_tags.diff fix integer overflow while
       reading audible aa file tags. Based on upstream patch.
     - http://websvn.kde.org/?view=rev&revision=908415
     - http://www.trapkit.de/advisories/TKADV2009-002.txt
     - CVE-2009-0135
     - CVE-2009-0136
Files: 
 9fe15e76b499911dadb67ed66e9e9a2d 5262131 raw-translations - amarok_1.4.9.1-0ubuntu3.2_lpia_translations.tar.gz
 00939b00ed248dcb20ba48cb0f7d4e85 9634246 kde optional amarok_1.4.9.1-0ubuntu3.2_lpia.deb
 08de17b51f8dc7e1718a538354793d96 892 kde optional amarok-engines_1.4.9.1-0ubuntu3.2_lpia.deb
 7e3ec4dd258b53d229e2a62f10f24ee0 55434 kde optional amarok-xine_1.4.9.1-0ubuntu3.2_lpia.deb
Original-Maintainer: Adeodato Simó <dato@net.com.org.es>