clone 383574 -1
reassign -1 cmus
retitle -1 CVE-2006-4192: cmus needs to be rebuilt against libmodplug >= 0.7-5.2 to fix arbitrary code execution
thanks

On Thu, Aug 17, 2006 at 11:38:07PM -0400, Alec Berryman wrote:
> I have confirmed the second vector but have not confirmed the first.

The first only applies to modplug, not libmodplug (since libmodplug doesn't
support the ITP format, according to the advisory), so it's irrelevant for
Debian TTBOMK.

The second seems to be easily fixed (just check for "< 4" signed instead of
unsigned); I'm preparing an NMU now, and I'm quite sure the fix will apply
cleanly to sarge.

> The original advisory [1] includes proof-of-concept code [2] to generate
> sample ITP and AMF files; cmus (using libmodplug) crashed while playing
> the AMF file.

Note that cmus links statically to libmodplug for some reason, so it will
have to be relinked. I haven't tested it, but at least my patch fixes the
issue for xmms-modplug.

/* Steinar */
-- 
Homepage: http://www.sesse.net/
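
Added illustration, not part of the original message and not libmodplug code: a C sketch of the "< 4" length check discussed above, compared as unsigned and as signed, where the length comes from an unsigned subtraction. The function names, the 64-byte file and the offsets are constructed assumptions, and the example goes slightly beyond the message by also showing a check made before the subtraction.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical loader step: bytes left after an offset read from the file.
   Unsigned subtraction wraps to a huge value when offset > file_len. */
static uint32_t bytes_left(uint32_t file_len, uint32_t offset)
{
    return file_len - offset;
}

/* "< 4" compared as unsigned: a wrapped length looks large and is accepted. */
static int accept_unsigned(uint32_t left) { return !(left < 4u); }

/* "< 4" compared as signed: a length that wrapped just past the end reads as
   negative and is rejected (assumes the usual two's-complement conversion). */
static int accept_signed(uint32_t left) { return !((int32_t)left < 4); }

/* Stricter variant added for this sketch: validate the offset before
   subtracting, so no wrapped value is ever produced. */
static int accept_checked(uint32_t file_len, uint32_t offset)
{
    return offset <= file_len && file_len - offset >= 4u;
}

int main(void)
{
    /* Constructed inputs: a 64-byte file and four candidate offsets. */
    const uint32_t file_len = 64;
    const uint32_t offsets[] = { 16, 62, 80, 0x90000000u };

    for (size_t i = 0; i < sizeof offsets / sizeof offsets[0]; i++) {
        uint32_t left = bytes_left(file_len, offsets[i]);
        printf("offset=%#x left=%#x unsigned=%d signed=%d checked=%d\n",
               (unsigned)offsets[i], (unsigned)left,
               accept_unsigned(left), accept_signed(left),
               accept_checked(file_len, offsets[i]));
    }
    return 0;
}
```

In this sketch the signed comparison rejects the offset just past the end of the file, while only the check made before the subtraction also rejects the very large offset; whether such an offset can reach the real code is not something the message states.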

