[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA-320-1] New mikmod packages fix buffer overflow

On Fri, Jun 13, 2003 at 07:44:39PM -0400, Matt Zimmerman wrote:
> Package        : mikmod
> Vulnerability  : buffer overflow
> Problem-Type   : local
> Debian-specific: no
> CVE Id         : CAN-2003-0427
> Ingo Saitz discovered a bug in mikmod whereby a long filename inside
> an archive file can overflow a buffer when the archive is being read
> by mikmod.
> For the stable distribution (woody) this problem has been fixed in
> version 3.1.6-4woody3.

 Is libmikmod2 affected by this?  xmms uses it.

#define X(x,y) x##y
Peter Cordes ;  e-mail: X(peter@llama.nslug.n , s.ca)

"The gods confound the man who first found out how to distinguish the hours!
 Confound him, too, who in this place set up a sundial, to cut and hack
 my day so wretchedly into small pieces!" -- Plautus, 200 BC

Reply to: