cvs commit: ports/audio/libcdaudio Makefile ports/audio/libcdaudio/files patch-CVE-2008-5030.2005-0706

Martin Wilke miwi at
Sun Jan 11 05:22:41 PST 2009

miwi        2009-01-11 13:22:40 UTC

  FreeBSD ports repository

  Modified files:
    audio/libcdaudio     Makefile 
  Added files:
    audio/libcdaudio/files patch-CVE-2008-5030.2005-0706 
  - Fix:
          Heap-based buffer overflow in the cddb_read_disc_data function in
          cddb.c in libcdaudio 0.99.12p2 allows remote attackers to execute
          arbitrary code via long CDDB data.
          Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause
          a denial of service (crash) and possibly execute arbitrary code by
          causing the cddb lookup to return more matches than expected.
  PR:             129050
  Submitted by:   Eygene Ryabinkin <rea-fbsd at>
  Approved by:    novel@ (maintainer)
  Revision  Changes    Path
  1.28      +2 -2      ports/audio/libcdaudio/Makefile
  1.1       +45 -0     ports/audio/libcdaudio/files/patch-CVE-2008-5030.2005-0706 (new)

More information about the cvs-all mailing list