Thanks for reporting this issue.
I have taken a look at the buzz.wav file. It does appear to contain
extra data at the end, including an elf header.
Fortunately, there doesn't seem to be enough of it to pose any sort of
threat. It is likely the extra part was, as you described, filesystem
corruption, or perhaps uninitialized memory.
I am closing this bug, since I don't think there is anything worth
fixing as this extra data is pretty harmless. The sound files are in the
upstream tarball, so perhaps you could file a bug with the upstream
project to get the files fixed.
Thanks!
** Information type changed from Private Security to Public Security
** Changed in: tuxtype (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Edubuntu
Bugsquad, which is subscribed to tuxtype in Ubuntu.
https://bugs.launchpad.net/bugs/1210349
Title:
Bundled buzz.wav file in tuxtype package has (potentially) malicious
embedded executable content
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tuxtype/+bug/1210349/+subscriptions
_______________________________________________
Mailing list: https://launchpad.net/~edubuntu-bugs
Post to : edubuntu-bugs@lists.launchpad.net
Unsubscribe : https://launchpad.net/~edubuntu-bugs
More help : https://help.launchpad.net/ListHelp
