[gstreamer-bugs] [Bug 385788] [SECURITY] buffer overflows in modplug
GStreamer (bugzilla.gnome.org)
bugzilla-daemon at bugzilla.gnome.org
Thu Dec 14 07:02:01 PST 2006
Do not reply to this via email (we are currently unable to handle email
responses and they get discarded). You can add comments to this bug at
http://bugzilla.gnome.org/show_bug.cgi?id=385788
GStreamer | gst-plugins-bad | Ver: HEAD CVS
------- Comment #1 from Tim-Philipp Müller 2006-12-14 15:00 UTC -------
> Fix seems to be to update our copy of libmodplug
Even though the advisory is from 09-08-2006, it doesn't seem to be fixed in
their SVN as far as I can tell, at least not the CSoundFile::ReadSample() issue
if it is real:
http://aluigi.altervista.org/adv/mptho-adv.txt
http://modplug.svn.sourceforge.net/viewvc/modplug/trunk/OpenMPT/soundlib/Sndfile.cpp?view=log
> better fix probably involves not having that code in our CVS
Do you know why that is anyway? Surely there is a reason why we don't link to
an external lib?
--
Configure bugmail: http://bugzilla.gnome.org/userprefs.cgi?tab=email
More information about the Gstreamer-bugs
mailing list