Package: audacity
Version: 1.3.5-2
Severity: grave
Tags: security
Justification: user security hole
There is a buffer overflow in audacity apparently affecting the etch
and lenny version. You can find a reproducer here[0].
However, I just took a random .gro file and when importing it under
The upcoming audacity 1.3.7-1 does not crash if I open the generated
file from [0]. According to the Gentoo bug tracker [1] audacity 1.3.6
does not have this bug any more. You can find
String_parse::get_nonspace_quoted in version 1.3.7 in
lib-src/portsmf/strparse.cpp:
void
fixed 514138 1.3.6-1
thanks
Hi Benjamin
On Wed, 4 Feb 2009 04:29:05 pm Benjamin Drung wrote:
The upcoming audacity 1.3.7-1 does not crash if I open the generated
file from [0]. According to the Gentoo bug tracker [1] audacity 1.3.6
does not have this bug any more. You can find
3 matches
Mail list logo
