[Bug 318555] Re: Amarok - integer overflows and unchecked allocation vulnerabilities
Launchpad Bug Tracker
318555 at bugs.launchpad.net
Tue Mar 17 16:45:46 UTC 2009
This bug was fixed in the package amarok - 2:1.4.7-0ubuntu3.2
---------------
amarok (2:1.4.7-0ubuntu3.2) gutsy-security; urgency=low
* SECURITY UPDATE: Code execution via multiple integer overflows and array
index errors in the metadata parser for audible files. (LP: #318555)
- debian/patches/100_security_CVE-2009-0135-0136.patch: improve error handling
and set a maximum tag size in amarok/src/metadata/audible/audibletag.cpp.
- CVE-2009-0135
- CVE-2009-0136
-- Marc Deslauriers <marc.deslauriers at ubuntu.com> Thu, 12 Mar 2009
11:16:08 -0400
** Changed in: amarok (Ubuntu Gutsy)
Status: In Progress => Fix Released
** Changed in: amarok (Ubuntu Hardy)
Status: In Progress => Fix Released
--
Amarok - integer overflows and unchecked allocation vulnerabilities
https://bugs.launchpad.net/bugs/318555
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to amarok in ubuntu.
More information about the kubuntu-bugs
mailing list