[Secure-testing-team] Bug#622091: libmodplug ReadS3M stack overflow
Remi Denis-Courmont
remi at remlab.net
Sun Apr 10 07:27:21 UTC 2011
Package: libmodplug
Version: 1:0.8.8.1-2
Severity: grave
Tags: security upstream
Justification: user security hole
Hello,
An exploitable memory corruption vulnerability has been publicized
against libmodplug 0.8.8.1:
http://seclists.org/fulldisclosure/2011/Apr/113
Upstream version 0.8.8.2 fixes the issue.
Best regards,
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (100, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.38-2-686 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
More information about the Secure-testing-team
mailing list