Package: libmodplug
Version: 1:0.7-5.1
Severity: normal
Tags: patch
Hi,
Attached is the diff for my libmodplug 1:0.7-5.2 NMU.
--
Homepage: http://www.sesse.net/
diff -Nru /tmp/TW3mdhYn0c/libmodplug-0.7/debian/changelog
/tmp/vIb8GM7GDK/libmodplug-0.7/debian/changelog
--- /tmp/TW3mdhYn0c/libmodplug-0.7/debian/changelog 2006-09-25
17:48:47.000000000 +0200
+++ /tmp/vIb8GM7GDK/libmodplug-0.7/debian/changelog 2006-09-25
17:48:48.000000000 +0200
@@ -1,3 +1,14 @@
+libmodplug (1:0.7-5.2) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Check for very large sample sizes that could create overflows, enabling an
+ attacker to allocate zero bytes and possibly execute arbitrary codes as
+ the user [CVE-2006-4192]. (Closes: #383574)
+ * Run aclocal-1.9 instead of aclocal, as automake1.9 doesn't provide the
+ latter; fixes FTBFS.
+
+ -- Steinar H. Gunderson <[EMAIL PROTECTED]> Mon, 25 Sep 2006 17:36:29 +0200
+
libmodplug (1:0.7-5.1) unstable; urgency=low
* NMU.
diff -Nru /tmp/TW3mdhYn0c/libmodplug-0.7/debian/rules
/tmp/vIb8GM7GDK/libmodplug-0.7/debian/rules
--- /tmp/TW3mdhYn0c/libmodplug-0.7/debian/rules 2006-09-25 17:48:47.000000000
+0200
+++ /tmp/vIb8GM7GDK/libmodplug-0.7/debian/rules 2006-09-25 17:48:48.000000000
+0200
@@ -16,7 +16,7 @@
configure-stamp:
dh_testdir
libtoolize -f
- aclocal
+ aclocal-1.9
autoheader
automake
autoconf
diff -Nru /tmp/TW3mdhYn0c/libmodplug-0.7/src/sndfile.cpp
/tmp/vIb8GM7GDK/libmodplug-0.7/src/sndfile.cpp
--- /tmp/TW3mdhYn0c/libmodplug-0.7/src/sndfile.cpp 2003-10-11
04:27:23.000000000 +0200
+++ /tmp/vIb8GM7GDK/libmodplug-0.7/src/sndfile.cpp 2006-09-25
17:48:48.000000000 +0200
@@ -1077,7 +1077,7 @@
{
UINT len = 0, mem = pIns->nLength+6;
- if ((!pIns) || (pIns->nLength < 4) || (!lpMemFile)) return 0;
+ if ((!pIns) || ((int)pIns->nLength < 4) || (!lpMemFile)) return 0;
if (pIns->nLength > MAX_SAMPLE_LENGTH) pIns->nLength =
MAX_SAMPLE_LENGTH;
pIns->uFlags &= ~(CHN_16BIT|CHN_STEREO);
if (nFlags & RSF_16BIT)
