Date: Fri, 7 Nov 2008 18:25:26 +0100
From: Tomas Hoger <thoger@...hat.com>
To: oss-security@...ts.openwall.com
Cc: thomas@...e.de
Subject: Re: CVE request: libcdaudio

On Wed, 5 Nov 2008 09:07:23 +0100 Thomas Biege <thomas@...e.de> wrote:

> we need a CVE-ID for a buffer overflow in libcdaudio.
> It is a remotely exploitable heap-based buffer overflow.

If you have been using libcdaudio packages based on ATrpms / Fedora,
you may have libcdaudio-0.99.12-buffovfl.patch, which addresses the
same issue; it only mallocs more instead of fgetsing less.

http://cvs.fedoraproject.org/viewvc/rpms/libcdaudio/devel/libcdaudio-0.99.12-buffovfl.patch

This issue does not seem to affect CDDB code used by grip/gnome-vfs2,
which may have a common origin and previously had some flaws identical to
libcdaudio (see below).

Additionally, if you are shipping libcdaudio, you may be interested in
the patch for CVE-2005-0706 used by Gentoo:

http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-libs/libcdaudio/files/libcdaudio-0.99-CAN-2005-0706.patch

According to the libcdaudio home page, upstream seems to be aware of
this issue, as they acknowledge having security issues and even link to
an old Gentoo GLSA.

-- 
Tomas Hoger / Red Hat Security Response Team
