Bug#911584: libopenmpt: out of bounds memory read in MED files

To: James Cowgill <jcowgill@debian.org>
Cc: 911584@bugs.debian.org
Subject: Bug#911584: libopenmpt: out of bounds memory read in MED files
From: Moritz Mühlenhoff <jmm@inutil.org>
Date: Fri, 26 Oct 2018 17:01:41 +0200
Message-id: <[🔎] 20181026150141.GA4046@pisco.westfalen.local>
Reply-to: Moritz Mühlenhoff <jmm@inutil.org>, 911584@bugs.debian.org
In-reply-to: <[🔎] 0036beee-de96-b46a-9d73-140fb9f70f39@debian.org>
References: <[🔎] 0036beee-de96-b46a-9d73-140fb9f70f39@debian.org> <[🔎] 0036beee-de96-b46a-9d73-140fb9f70f39@debian.org>

On Mon, Oct 22, 2018 at 09:44:27AM +0100, James Cowgill wrote:
> Source: libopenmpt
> Version: 0.2.7025~beta20.1-1
> Severity: important
> Tags: security upstream fixed-upstream
> 
> Hi,
> 
> Upstream 0.3.13 released a fix for an out of bound read in malformed MED
> files. It affects stretch.

Doesn't warrant a DSA, but we can fix it along if there's a more severe
issue in the future (or via point release)

Cheers,
        Moritz

Reply to:

References:
- Bug#911584: libopenmpt: out of bounds memory read in MED files
  - From: James Cowgill <jcowgill@debian.org>

Prev by Date: Re: fluidsynth 2.0
Next by Date: Bug#892339: marked as done (inkscape: Please use 'pkg-config' to find FreeType 2)
Previous by thread: Bug#911584: marked as done (libopenmpt: out of bounds memory read in MED files)
Next by thread: Processing of libopenmpt_0.3.13-1_source.changes
Index(es):
- Date
- Thread