Date: Mon, 23 Mar 2009 14:24:22 +0000 (UTC) From: Martin Wilke <miwi@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/audio/amarok Makefile ports/audio/amarok/files patch-tkadv2009-002 Message-ID: <200903231424.n2NEOMP7020103@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
miwi 2009-03-23 14:24:22 UTC FreeBSD ports repository Modified files: audio/amarok Makefile Added files: audio/amarok/files patch-tkadv2009-002 Log: - Fix multiple vulnerabilities - Bump PORTREVISION Note: Two integer overflow errors exist within the "Audible::Tag::readTag()" function in src/metadata/audible/audibletag.cpp. These can be exploited to cause heap-based buffer overflows via specially crafted Audible Audio files. Two errors within the "Audible::Tag::readTag()" function in src/metadata/audible/audibletag.cpp can be exploited to corrupt arbitrary memory via specially crafted Audible Audio files. PR: 132938 Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> Approved by: makc (maintainer) Security: http://www.vuxml.org/freebsd/6bb6188c-17b2-11de-ae4d-0030843d3802.html Revision Changes Path 1.92 +1 -1 ports/audio/amarok/Makefile 1.1 +85 -0 ports/audio/amarok/files/patch-tkadv2009-002 (new)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200903231424.n2NEOMP7020103>