Public bug reported: Binary package hint: mplayer
Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for mplayer. CVE-2008-0629[0]: | Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before | r25824 allows remote user-assisted attackers to execute arbitrary code | via a CDDB database entry containing a long album title. If you fix this vulnerability please also include the CVE id in your changelog entry. A fix for this can be found on: http://svn.mplayerhq.hu/mplayer/trunk/stream/stream_cddb.c?r1=25820&r2=25824 ** Affects: mplayer (Ubuntu) Importance: Undecided Status: New ** Affects: mplayer (Debian) Importance: Unknown Status: Unknown ** Bug watch added: Debian Bug tracker #464533 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464533 ** Also affects: mplayer (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464533 Importance: Unknown Status: Unknown ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-0629 ** This bug has been flagged as a security issue -- CVE-2008-0629 buffer overflow via crafted cddb title https://bugs.launchpad.net/bugs/191412 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
