[ubuntu/maverick-security] libmodplug 1:0.8.8.1-1ubuntu1.3 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Wed Nov 9 15:03:32 UTC 2011 

libmodplug (1:0.8.8.1-1ubuntu1.3) maverick-security; urgency=low

  * SECURITY UPDATE: integer overflow in CSoundFile::ReadWav()
    - properly calculate length in src/load_wav.cpp.
    - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=2d4c56de314ab13e4437bd8b609f0b751066eee8
    - CVE-2011-2911
  * SECURITY UPDATE: boundary error in CSoundFile::ReadS3M()
    - validate offsets and ignore duplicate samples in src/load_s3m.cpp.
    - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=4e5295658fff000379caa122e75c9200205fe20
    - CVE-2011-2912
  * SECURITY UPDATE: off-by-one in CSoundFile::ReadAMS()
    - fix calculation in src/load_ams.cpp.
    - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef
    - CVE-2011-2913
  * SECURITY UPDATE: off-by-one in CSoundFile::ReadDSM()
    - fix calculation in src/load_dsm.cpp.
    - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef
    - CVE-2011-2914
  * SECURITY UPDATE: off-by-one in CSoundFile::ReadAMS2()
    - fix calculation in src/load_ams.cpp.
    - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=16d7a78efe14d345a6c5b241f88422ad0ee483ea
    - CVE-2011-2915

Date: Fri, 14 Oct 2011 13:43:02 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/libmodplug/1:0.8.8.1-1ubuntu1.3
-------------- next part --------------
Format: 1.8
Date: Fri, 14 Oct 2011 13:43:02 -0400
Source: libmodplug
Binary: libmodplug1 libmodplug-dev
Architecture: source
Version: 1:0.8.8.1-1ubuntu1.3
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 libmodplug-dev - development files for mod music based on ModPlug
 libmodplug1 - shared libraries for mod music based on ModPlug
Changes: 
 libmodplug (1:0.8.8.1-1ubuntu1.3) maverick-security; urgency=low
 .
   * SECURITY UPDATE: integer overflow in CSoundFile::ReadWav()
     - properly calculate length in src/load_wav.cpp.
     - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=2d4c56de314ab13e4437bd8b609f0b751066eee8
     - CVE-2011-2911
   * SECURITY UPDATE: boundary error in CSoundFile::ReadS3M()
     - validate offsets and ignore duplicate samples in src/load_s3m.cpp.
     - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=4e5295658fff000379caa122e75c9200205fe20
     - CVE-2011-2912
   * SECURITY UPDATE: off-by-one in CSoundFile::ReadAMS()
     - fix calculation in src/load_ams.cpp.
     - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef
     - CVE-2011-2913
   * SECURITY UPDATE: off-by-one in CSoundFile::ReadDSM()
     - fix calculation in src/load_dsm.cpp.
     - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef
     - CVE-2011-2914
   * SECURITY UPDATE: off-by-one in CSoundFile::ReadAMS2()
     - fix calculation in src/load_ams.cpp.
     - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=16d7a78efe14d345a6c5b241f88422ad0ee483ea
     - CVE-2011-2915
Checksums-Sha1: 
 360ddca4007609cf4231624df49d72fafb1dce2c 1801 libmodplug_0.8.8.1-1ubuntu1.3.dsc
 0ce29e6482b663ea5c177b9bd5afa5c469f5c029 15095 libmodplug_0.8.8.1-1ubuntu1.3.diff.gz
Checksums-Sha256: 
 4ca8351e30f9a280d414ab94edaf999ff24c065127775f8889b320e48bda8ac9 1801 libmodplug_0.8.8.1-1ubuntu1.3.dsc
 ac3040abfd26bf1b7fefb9417449426e54502c6b111297a5ead79e7be0605a01 15095 libmodplug_0.8.8.1-1ubuntu1.3.diff.gz
Files: 
 0e662a0aaa18280a0b5fd101334a1d47 1801 libs optional libmodplug_0.8.8.1-1ubuntu1.3.dsc
 205c1855d057db61d87430a5472255b7 15095 libs optional libmodplug_0.8.8.1-1ubuntu1.3.diff.gz
Original-Maintainer: Zed Pobre <zed at debian.org>

More information about the Maverick-changes mailing list