Format: 1.8
Date: Wed, 06 May 2009 13:47:18 -0400
Source: libmodplug
Binary: libmodplug0c2 libmodplug-dev
Architecture: sparc
Version: 1:0.8.4-3ubuntu1.1
Distribution: jaunty
Urgency: low
Maintainer: Ubuntu/sparc Build Daemon <buildd@artigas.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 libmodplug-dev - development files for mod music based on ModPlug
 libmodplug0c2 - shared libraries for mod music based on ModPlug
Changes: 
 libmodplug (1:0.8.4-3ubuntu1.1) jaunty-security; urgency=low
 .
   * SECURITY UPDATE: code execution via integer overflow in
     CSoundFile::ReadMed
     - src/load_med.cpp: check for overflow in song comment and song name.
       Make sure strings are properly NULL-terminated.
     - http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_med.cpp?r1=1.1&amp;r2=1.2
     - http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_med.cpp?r1=1.2&r2=1.3
     - CVE-2009-1438
   * SECURITY UPDATE: denial of service and possible code execution from
     buffer overflow in the PATinst function.
     - src/load_pat.cpp: use sizeof(hw.reserved) instead of a fixed size.
     - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms;a=commitdiff;h=c4ebb701be6ee9a296a44fdac5a20b7739ff0595
     - CVE-2009-1513
Checksums-Sha1: 
 48f21ea4bd88298a92056a4c953f32b3dcb94451 188008 libmodplug0c2_0.8.4-3ubuntu1.1_sparc.deb
Checksums-Sha256: 
 cc55f52f0d295ee9c31aae3cc2003d1128a5242b8fbb527b463e0edc8c52c76e 188008 libmodplug0c2_0.8.4-3ubuntu1.1_sparc.deb
Files: 
 df4617de3276c111ca15b3d6b5116156 188008 libs optional libmodplug0c2_0.8.4-3ubuntu1.1_sparc.deb
Original-Maintainer: Zed Pobre <zed@debian.org>