Bug#527075: gst-plugins-bad0.10: CVE-2009-1438 integer overflow in embedded libmodplug
Nico Golde
nion at debian.org
Tue May 5 14:05:16 UTC 2009
Package: gst-plugins-bad0.10
Severity: grave
Tags: security patch
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for gst-plugins-bad0.10.
CVE-2009-1438[0]:
| Integer overflow in the CSoundFile::ReadMed function
| (src/load_med.cpp) in libmodplug before 0.8.6, as used in
| gstreamer-plugins and other products, allows context-dependent
| attackers to execute arbitrary code via a MED file with a crafted (1)
| song comment or (2) song name, which triggers a heap-based buffer
| overflow.
Since you embedd this package in your sources....
The upstream patch is available on:
http://modplug-xmms.cvs.sourceforge.net/viewvc/modplug-xmms/libmodplug/src/load_med.cpp?r1=1.1&r2=1.2&view=patch
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1438
http://security-tracker.debian.net/tracker/CVE-2009-1438
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gstreamer-maintainers/attachments/20090505/7af5b44c/attachment.pgp>
More information about the Pkg-gstreamer-maintainers
mailing list