← Back to branch summary

~ubuntu-branches/ubuntu/gutsy/amarok/gutsy-updates

~ubuntu-branches/ubuntu/gutsy/amarok/gutsy-updates

« back to all changes in this revision

Viewing changes to debian/changelog

Committer: Bazaar Package Importer
Author(s): Marc Deslauriers
Date: 2009-03-12 11:16:08 UTC
Revision ID: james.westby@ubuntu.com-20090312111608-fdr4zpdxkviiavto

Tags: 2:1.4.7-0ubuntu3.2

https://launchpad.net/bugs/318555

* SECURITY UPDATE: Code execution via multiple integer overflows and array
  index errors in the metadata parser for audible files. (LP: #318555)
  - debian/patches/100_security_CVE-2009-0135-0136.patch: improve error handling
    and set a maximum tag size in amarok/src/metadata/audible/audibletag.cpp.
  - CVE-2009-0135
  - CVE-2009-0136

files added:
debian/patches/100_security_CVE-2009-0135-0136.patch

files modified:
debian/changelog

Show diffs side-by-side

added added

removed removed

debian/changelog

1

amarok (2:1.4.7-0ubuntu3.2) gutsy-security; urgency=low

2

3

* SECURITY UPDATE: Code execution via multiple integer overflows and array

4

index errors in the metadata parser for audible files. (LP: #318555)

5

- debian/patches/100_security_CVE-2009-0135-0136.patch: improve error handling

6

and set a maximum tag size in amarok/src/metadata/audible/audibletag.cpp.

7

- CVE-2009-0135

8

- CVE-2009-0136

9

10

-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 12 Mar 2009 11:16:08 -0400

11

1

12

amarok (2:1.4.7-0ubuntu3.1) gutsy-security; urgency=low

2

13

3

14

* SECURITY UPDATE: insecure temporary file creation in magnatunebrowser

Older »