Re: [SECURITY] [DSA-320-1] New mikmod packages fix buffer overflow
On Fri, Jun 13, 2003 at 07:44:39PM -0400, Matt Zimmerman wrote:
> Package : mikmod
> Vulnerability : buffer overflow
> Problem-Type : local
> Debian-specific: no
> CVE Id : CAN-2003-0427
> Ingo Saitz discovered a bug in mikmod whereby a long filename inside
> an archive file can overflow a buffer when the archive is being read
> by mikmod.
> For the stable distribution (woody) this problem has been fixed in
> version 3.1.6-4woody3.
Is libmikmod2 affected by this? xmms uses it.
#define X(x,y) x##y
Peter Cordes ; e-mail: X(email@example.com , s.ca)
"The gods confound the man who first found out how to distinguish the hours!
Confound him, too, who in this place set up a sundial, to cut and hack
my day so wretchedly into small pieces!" -- Plautus, 200 BC