On Thu, May 08, 2008 at 05:44:54PM +0200, Nico Golde wrote: > Package: libid3tag > Version: 0.15.1b-10 > Severity: important > Tags: security patch > > Hi, > the following CVE (Common Vulnerabilities & Exposures) id was > published for libid3tag.
I believe this is the same as #304913 and is fixed in version 0.15.1b-5. The diff is at a deeper level than what they did. They prevent calling id3_parse_string() again, while our id3_utf16_deserialize() called by id3_parse_string() just makes sure it's not called again by increasing ptr by one. The test.mp3 from the gentoo bug report atleast also shows the OOM behaviour with version 0.15.1b-4.1 and doesn't show the problem with 0.15.1b-10. Note that we changed the diff we used in 0.15.1b-5 because it could cause a segfault, and it was rewritten in 0.15.1b-8. Kurt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
