[gstreamer-bugs] [Bug 385788] [SECURITY] buffer overflows in modplug
GStreamer (bugzilla.gnome.org)
bugzilla-daemon at bugzilla.gnome.org
Thu Dec 14 07:47:18 PST 2006
Do not reply to this via email (we are currently unable to handle email
responses and they get discarded). You can add comments to this bug at
http://bugzilla.gnome.org/show_bug.cgi?id=385788
GStreamer | gst-plugins-bad | Ver: HEAD CVS
Tim-Philipp Müller changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
Target Milestone|HEAD |0.10.4
------- Comment #2 from Tim-Philipp Müller 2006-12-14 15:45 UTC -------
Fixed in CVS:
2006-12-14 Tim-Philipp Müller <tim at centricular dot net>
* gst/modplug/libmodplug/sndfile.cpp:
Fix potential buffer overflow (CVE-2006-4192) (#385788).
Can't say I fully understand the fix, but all of Gentoo debian and RH seem to
use this to fix this issue, so I guess there must be something to it. See e.g.:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=383574
http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-libs/libmodplug/files/libmodplug-0.8-CVE-2006-4192.patch?view=markup
--
Configure bugmail: http://bugzilla.gnome.org/userprefs.cgi?tab=email
More information about the Gstreamer-bugs
mailing list