Date: Fri, 7 Nov 2008 18:25:26 +0100
From: Tomas Hoger <thoger@...hat.com>
To: oss-security@...ts.openwall.com
Cc: thomas@...e.de
Subject: Re: CVE request: libcdaudio

On Wed, 5 Nov 2008 09:07:23 +0100 Thomas Biege <thomas@...e.de> wrote:

> we need a CVE-ID for a buffer overflow in libcdaudio.
> It is a remotely exploitable heap-based buffer overflow.

If you have been using libcdaudio packages based on ATrpms / Fedora, you may have libcdaudio-0.99.12-buffovfl.patch, which addresses the same issue, it only mallocs more instead of fgetsing less.

http://cvs.fedoraproject.org/viewvc/rpms/libcdaudio/devel/libcdaudio-0.99.12-buffovfl.patch

This issue does not seem to affect CDDB code used by grip/gnome-vfs2, which may have common origin and previously had some flaws identical to libcdaudio (see below).

Additionally, if you are shipping libcdaudio, you may be interested in patch for CVE-2005-0706 used by Gentoo:

http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-libs/libcdaudio/files/libcdaudio-0.99-CAN-2005-0706.patch

According to the libcdaudio home page, upstream seems to be aware of this issue, as they acknowledge having security issues and even link to old Gentoo GLSA.

-- 
Tomas Hoger / Red Hat Security Response Team
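The message above contrasts two ways of closing a mismatch between an allocation and an fgets() limit: enlarging the buffer, or reading less. The following is an added example, not code from the message, the patches it links, or libcdaudio; it shows the "fgets less" form, where the read limit is the allocation size and an over-long line is truncated and drained. `LINE_CAP`, `read_reply_line` and `sample_reply` are hypothetical names, and the input is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define LINE_CAP 64 /* assumed buffer size, not libcdaudio's real value */
/* Read one line into a LINE_CAP-byte heap buffer; the fgets() limit is the
 * allocation size, so a long line cannot overrun it. NULL on EOF or error. */
char *read_reply_line(FILE *fp, int *truncated)
{
    char *buf = malloc(LINE_CAP);
    *truncated = 0;
    if (buf == NULL || fgets(buf, LINE_CAP, fp) == NULL) {
        free(buf);
        return NULL;
    }
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';            /* whole line fit */
    } else {
        int c = fgetc(fp);              /* anything left on this line? */
        if (c != EOF && c != '\n') {
            *truncated = 1;             /* drain it so the next read is aligned */
            while ((c = fgetc(fp)) != EOF && c != '\n') { }
        }
    }
    return buf;
}

/* Constructed input: one line of long_len 'A' bytes, then a short line. */
FILE *sample_reply(size_t long_len)
{
    FILE *fp = tmpfile();
    if (fp == NULL) return NULL;
    for (size_t i = 0; i < long_len; i++) fputc('A', fp);
    fputs("\nnext line\n", fp);
    rewind(fp);
    return fp;
}

int main(void)
{
    int t; char *line;
    FILE *fp = sample_reply(200);
    while (fp != NULL && (line = read_reply_line(fp, &t)) != NULL) {
        printf("%zu bytes, truncated=%d\n", strlen(line), t);
        free(line);
    }
    if (fp != NULL) fclose(fp);
    return 0;
}
```

Enlarging the allocation only moves the limit; tying the fgets() size to the same constant used for malloc() keeps the two from drifting apart when either is changed later.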