cvs commit: ports/audio/libcdaudio Makefile
ports/audio/libcdaudio/files patch-CVE-2008-5030.2005-0706
Martin Wilke
miwi at FreeBSD.org
Sun Jan 11 05:22:41 PST 2009
miwi 2009-01-11 13:22:40 UTC
FreeBSD ports repository
Modified files:
audio/libcdaudio Makefile
Added files:
audio/libcdaudio/files patch-CVE-2008-5030.2005-0706
Log:
- Fix:
Heap-based buffer overflow in the cddb_read_disc_data function in
cddb.c in libcdaudio 0.99.12p2 allows remote attackers to execute
arbitrary code via long CDDB data.
Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause
a denial of service (crash) and possibly execute arbitrary code by
causing the cddb lookup to return more matches than expected.
PR: 129050
Submitted by: Eygene Ryabinkin <rea-fbsd at codelabs.ru>
Approved by: novel@ (maintainer)
Security: http://www.vuxml.org/freebsd/bd730827-dfe0-11dd-a765-0030843d3802.html
Revision Changes Path
1.28 +2 -2 ports/audio/libcdaudio/Makefile
1.1 +45 -0 ports/audio/libcdaudio/files/patch-CVE-2008-5030.2005-0706 (new)
More information about the cvs-all
mailing list