Package: libfishsound1 Version: 0.7.0-2 Severity: grave Tags: security patch
Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for libfishsound1. CVE-2008-1686[0]: | Uncontrolled array index in Speex 1.1.12 and earlier, as used in | libfishsound 0.9.0 and earlier, including Illiminable DirectShow | Filters and Annodex Plugins for Firefox, allows remote attackers to | execute arbitrary code via a header structure containing a negative | offset, which is used to dereference a function pointer. A patch is on: http://trac.annodex.net/changeset/3536 If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 http://security-tracker.debian.net/tracker/CVE-2008-1686 -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgp501b2Wfujd.pgp
Description: PGP signature
