Hi, I've prepared a NMU to fix CVE-2009-0179 and CVE-2007-6720 in unstable
The package can be found on mentors.debian.net: - URL: http://mentors.debian.net/debian/pool/main/l/libmikmod - Source repository: deb-src http://mentors.debian.net/debian unstable main contrib non-free - dget http://mentors.debian.net/debian/pool/main/l/libmikmod/libmikmod_3.1.11-6.1.dsc I would be glad if someone uploaded this package for me. Cheers, Giuseppe.
diff -u libmikmod-3.1.11/debian/changelog libmikmod-3.1.11/debian/changelog --- libmikmod-3.1.11/debian/changelog +++ libmikmod-3.1.11/debian/changelog @@ -1,3 +1,15 @@ +libmikmod (3.1.11-6.1) unstable; urgency=high + + * Non-maintainer upload. + * debian/patch/CVE-2007-6720.patch: Fixed application crash or abort when + loading/playing multiple music files with varying number of channels. + (CVE-2007-6720) (Closes: #461519) + * debian/patch/CVE-2009-0179.patch: Fixed application crash when loading XM + files. (CVE-2009-0179) (Closes: #476339) + + + -- Giuseppe Iuculano <giuse...@iuculano.it> Wed, 05 Aug 2009 11:50:25 +0200 + libmikmod (3.1.11-6) unstable; urgency=medium * The "Play a .mod on your ia64 today!" release. only in patch2: unchanged: --- libmikmod-3.1.11.orig/debian/patches/CVE-2009-0179.patch +++ libmikmod-3.1.11/debian/patches/CVE-2009-0179.patch @@ -0,0 +1,31 @@ +--- libmikmod-3.1.11.orig/loaders/load_xm.c ++++ libmikmod-3.1.11/loaders/load_xm.c +@@ -622,7 +622,8 @@ + /* read the remainder of the header */ + for(u=headend-_mm_ftell(modreader);u;u--) _mm_read_UBYTE(modreader); + +- if(_mm_eof(modreader)) { ++ /* last instrument is at the end of file in version 0x0104 */ ++ if(_mm_eof(modreader) && (mh->version<0x0104 || t<of.numins-1)) { + free(nextwav);free(wh); + nextwav=NULL;wh=NULL; + _mm_errno = MMERR_LOADING_SAMPLEINFO; +--- libmikmod-3.1.11.orig/playercode/mloader.c ++++ libmikmod-3.1.11/playercode/mloader.c +@@ -450,10 +450,12 @@ + if (!l->Init || l->Init()) { + _mm_rewind(modreader); + ok = l->Load(curious); +- /* propagate inflags=flags for in-module samples */ +- for (t = 0; t < of.numsmp; t++) +- if (of.samples[t].inflags == 0) +- of.samples[t].inflags = of.samples[t].flags; ++ if (ok) { ++ /* propagate inflags=flags for in-module samples */ ++ for (t = 0; t < of.numsmp; t++) ++ if (of.samples[t].inflags == 0) ++ of.samples[t].inflags = of.samples[t].flags; ++ } + } else + ok = 0; + only in patch2: unchanged: --- libmikmod-3.1.11.orig/debian/patches/CVE-2007-6720.patch +++ libmikmod-3.1.11/debian/patches/CVE-2007-6720.patch @@ -0,0 +1,38 @@ +--- libmikmod-3.1.11.orig/playercode/mplayer.c ++++ libmikmod-3.1.11/playercode/mplayer.c +@@ -2318,7 +2318,7 @@ + SAMPLE *s; + + mod->totalchn=mod->realchn=0; +- for (channel=0;channel<md_sngchn;channel++) { ++ for (channel=0;channel<mod->numchn;channel++) { + aout=&mod->voice[channel]; + i=aout->main.i; + s=aout->main.s; +@@ -3086,7 +3086,7 @@ + pf->patbrk=0; + pf->vbtick=pf->sngspd; + +- for (t=0;t<md_sngchn;t++) { ++ for (t=0;t<pf->numchn;t++) { + Voice_Stop_internal(t); + pf->voice[t].main.i=NULL; + pf->voice[t].main.s=NULL; +@@ -3111,7 +3111,7 @@ + pf->patbrk=0; + pf->vbtick=pf->sngspd; + +- for (t=0;t<md_sngchn;t++) { ++ for (t=0;t<pf->numchn;t++) { + Voice_Stop_internal(t); + pf->voice[t].main.i=NULL; + pf->voice[t].main.s=NULL; +@@ -3138,7 +3138,7 @@ + pf->sngpos=pos; + pf->vbtick=pf->sngspd; + +- for (t=0;t<md_sngchn;t++) { ++ for (t=0;t<pf->numchn;t++) { + Voice_Stop_internal(t); + pf->voice[t].main.i=NULL; + pf->voice[t].main.s=NULL;
signature.asc
Description: OpenPGP digital signature