[ubuntu/oneiric-security] libmodplug 1:0.8.8.2-3ubuntu1.1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Wed Nov 9 15:03:21 UTC 2011 

libmodplug (1:0.8.8.2-3ubuntu1.1) oneiric-security; urgency=low

  * SECURITY UPDATE: integer overflow in CSoundFile::ReadWav()
    - properly calculate length in src/load_wav.cpp.
    - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=2d4c56de314ab13e4437bd8b609f0b751066eee8
    - CVE-2011-2911
  * SECURITY UPDATE: boundary error in CSoundFile::ReadS3M()
    - validate offsets and ignore duplicate samples in src/load_s3m.cpp.
    - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=4e5295658fff000379caa122e75c9200205fe20
    - CVE-2011-2912
  * SECURITY UPDATE: off-by-one in CSoundFile::ReadAMS()
    - fix calculation in src/load_ams.cpp.
    - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef
    - CVE-2011-2913
  * SECURITY UPDATE: off-by-one in CSoundFile::ReadDSM()
    - fix calculation in src/load_dsm.cpp.
    - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef
    - CVE-2011-2914
  * SECURITY UPDATE: off-by-one in CSoundFile::ReadAMS2()
    - fix calculation in src/load_ams.cpp.
    - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=16d7a78efe14d345a6c5b241f88422ad0ee483ea
    - CVE-2011-2915

Date: Fri, 14 Oct 2011 13:28:14 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/oneiric/+source/libmodplug/1:0.8.8.2-3ubuntu1.1
-------------- next part --------------
Format: 1.8
Date: Fri, 14 Oct 2011 13:28:14 -0400
Source: libmodplug
Binary: libmodplug1 libmodplug-dev
Architecture: source
Version: 1:0.8.8.2-3ubuntu1.1
Distribution: oneiric-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 libmodplug-dev - development files for mod music based on ModPlug
 libmodplug1 - shared libraries for mod music based on ModPlug
Changes: 
 libmodplug (1:0.8.8.2-3ubuntu1.1) oneiric-security; urgency=low
 .
   * SECURITY UPDATE: integer overflow in CSoundFile::ReadWav()
     - properly calculate length in src/load_wav.cpp.
     - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=2d4c56de314ab13e4437bd8b609f0b751066eee8
     - CVE-2011-2911
   * SECURITY UPDATE: boundary error in CSoundFile::ReadS3M()
     - validate offsets and ignore duplicate samples in src/load_s3m.cpp.
     - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=4e5295658fff000379caa122e75c9200205fe20
     - CVE-2011-2912
   * SECURITY UPDATE: off-by-one in CSoundFile::ReadAMS()
     - fix calculation in src/load_ams.cpp.
     - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef
     - CVE-2011-2913
   * SECURITY UPDATE: off-by-one in CSoundFile::ReadDSM()
     - fix calculation in src/load_dsm.cpp.
     - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef
     - CVE-2011-2914
   * SECURITY UPDATE: off-by-one in CSoundFile::ReadAMS2()
     - fix calculation in src/load_ams.cpp.
     - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=16d7a78efe14d345a6c5b241f88422ad0ee483ea
     - CVE-2011-2915
Checksums-Sha1: 
 6e4bb49068b458f8f9970a49c31810099eba9d88 1801 libmodplug_0.8.8.2-3ubuntu1.1.dsc
 9ac300e3546f984f0f997911bfcf0ac5bdcb1674 15180 libmodplug_0.8.8.2-3ubuntu1.1.diff.gz
Checksums-Sha256: 
 b14a3021855370afa0fb5ac99aa2bdfe257156823b5f9bdb8e1c910df9dd2830 1801 libmodplug_0.8.8.2-3ubuntu1.1.dsc
 27ca34584aed68edde05354bcbfac0521d92f0543bc090d0b375f054674abc57 15180 libmodplug_0.8.8.2-3ubuntu1.1.diff.gz
Files: 
 6c9a0ac70f6ca873b4bfae017dcabbc3 1801 libs optional libmodplug_0.8.8.2-3ubuntu1.1.dsc
 77cbd7edda2b5ca5947dfb15228442bd 15180 libs optional libmodplug_0.8.8.2-3ubuntu1.1.diff.gz
Original-Maintainer: Zed Pobre <zed at debian.org>

More information about the Oneiric-changes mailing list