Format: 1.8
Date: Wed, 06 May 2009 13:47:18 -0400
Source: libmodplug
Binary: libmodplug0c2 libmodplug-dev
Architecture: armel
Version: 1:0.8.4-3ubuntu1.1
Distribution: jaunty
Urgency: low
Maintainer: Ubuntu/armel Build Daemon <buildd@nageia.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 libmodplug-dev - development files for mod music based on ModPlug
 libmodplug0c2 - shared libraries for mod music based on ModPlug
Changes: 
 libmodplug (1:0.8.4-3ubuntu1.1) jaunty-security; urgency=low
 .
   * SECURITY UPDATE: code execution via integer overflow in
     CSoundFile::ReadMed
     - src/load_med.cpp: check for overflow in song comment and song name.
       Make sure strings are properly NULL-terminated.
     - http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_med.cpp?r1=1.1&amp;r2=1.2
     - http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_med.cpp?r1=1.2&r2=1.3
     - CVE-2009-1438
   * SECURITY UPDATE: denial of service and possible code execution from
     buffer overflow in the PATinst function.
     - src/load_pat.cpp: use sizeof(hw.reserved) instead of a fixed size.
     - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms;a=commitdiff;h=c4ebb701be6ee9a296a44fdac5a20b7739ff0595
     - CVE-2009-1513
Checksums-Sha1: 
 ccfc2ec871979f996f85a0d7580e29f723a39d1e 184154 libmodplug0c2_0.8.4-3ubuntu1.1_armel.deb
Checksums-Sha256: 
 cd4aca01d8b670e3974fd0c5b3095caa77d4d40438b0b8760e22a2f7b99a974a 184154 libmodplug0c2_0.8.4-3ubuntu1.1_armel.deb
Files: 
 fa99a19530d7a581e3aebff6edeafd53 184154 libs optional libmodplug0c2_0.8.4-3ubuntu1.1_armel.deb
Original-Maintainer: Zed Pobre <zed@debian.org>