Bug#527075: gst-plugins-bad0.10: CVE-2009-1438 integer overflow in embedded libmodplug
Sebastian Dröge
slomo at circular-chaos.org
Wed May 6 08:31:42 UTC 2009
Am Mittwoch, den 06.05.2009, 09:36 +0200 schrieb Sebastian Dröge:
> notfound 527077 0.10.10.2-1
> notfound 527077 0.10.10.3-1
> notfound 527077 0.10.11-1
> notfound 527077 0.10.11-2
> notfound 527077 0.10.11-2+b1
>
> Hi,
> thanks for reporting, this bug doesn't affect the version in
> unstable/testing though as it builds against an external libmodplug.
>
> I'll upload fixed versions for stable and oldstable later today.
I've uploaded them now to stable-security and oldstable-security.
Attached are the debdiffs...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gst-plugins-bad0.10_0.10.3-3.1+etch2.debdiff
Type: text/x-patch
Size: 20680 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gstreamer-maintainers/attachments/20090506/efdcbb7b/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gst-plugins-bad0.10_0.10.7-2+lenny1.debdiff
Type: text/x-patch
Size: 2341 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gstreamer-maintainers/attachments/20090506/efdcbb7b/attachment-0003.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://lists.alioth.debian.org/pipermail/pkg-gstreamer-maintainers/attachments/20090506/efdcbb7b/attachment-0001.pgp>
More information about the Pkg-gstreamer-maintainers
mailing list