Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 13 Jan 2009 15:41:50 +0100
From: Jan Lieskovsky <jlieskov@...hat.com>
To: "Steven M. Christey" <coley@...us.mitre.org>
Cc: oss-security@...ts.openwall.com
Subject: CVE Request -- libmikmod

Hello Steve,

  could you please allocate two 2008 CVE ids for the following
libmikmod issues:

A, 
mikmod, libmikmod: app crash or abort when loading/playing multiple
music files with varying number of channels
References:
https://bugzilla.redhat.com/show_bug.cgi?id=479829
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461519

Patch:
http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=5;filename=mikmod.diff;att=1;bug=461519

Affected libmikmod versions:  libmikmod-3.1.9 <= x <= libmikmod-3.2.0-3.beta2.fc9 (possibly newer too)

B, 
mikmod,libmikmod: app crash when loading XM files
References:
https://bugzilla.redhat.com/show_bug.cgi?id=479833
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476339

Patch: 
http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=5;filename=31.xm-header.patch;att=1;bug=476339

Affected mikmod versions: libmikmod-3.1.11 <= x libmikmod-3.2.0-3.beta2.fc9 (possibly newer too)

Thanks, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.