Format: 1.7
Date: Thu, 12 Mar 2009 11:16:08 -0400
Source: amarok
Binary: amarok amarok-xine amarok-engines
Architecture: hppa
Version: 2:1.4.7-0ubuntu3.2
Distribution: gutsy
Urgency: low
Maintainer: Ubuntu/hppa Build Daemon <buildd@kohnen.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 amarok     - versatile and easy to use audio player for KDE
 amarok-engines - output engines for the Amarok audio player
 amarok-xine - xine engine for the Amarok audio player
Launchpad-Bugs-Fixed: 318555
Changes: 
 amarok (2:1.4.7-0ubuntu3.2) gutsy-security; urgency=low
 .
   * SECURITY UPDATE: Code execution via multiple integer overflows and array
     index errors in the metadata parser for audible files. (LP: #318555)
     - debian/patches/100_security_CVE-2009-0135-0136.patch: improve error handling
       and set a maximum tag size in amarok/src/metadata/audible/audibletag.cpp.
     - CVE-2009-0135
     - CVE-2009-0136
Files: 
 fcf9780ef3b63601d71cb4f781d2b67c 14028232 kde optional amarok_1.4.7-0ubuntu3.2_hppa.deb
 741fd424826c5a6b05cda7064a994b34 884 kde optional amarok-engines_1.4.7-0ubuntu3.2_hppa.deb
 b756b7c7dbde25d04d15285232f1f3cf 68106 kde optional amarok-xine_1.4.7-0ubuntu3.2_hppa.deb
Original-Maintainer: Adeodato Simó <dato@net.com.org.es>