-
libmikmod (3.1.11-6.1ubuntu0.1) lucid-security; urgency=low
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via Impulse Tracker and Ultratracker files
- debian/patches/CVE-2009-3995f.patch: check number of channels in
loaders/load_ult.c, check volpts in loaders/load_it.c.
- CVE-2009-3995
- CVE-2009-3996
* SECURITY UPDATE: incomplete fix for CVE-2009-3995
- debian/patches/CVE-2010-2546.patch: do further validations in
loaders/load_it.c.
- CVE-2010-2546
- CVE-2010-2971
-- Marc Deslauriers <email address hidden> Wed, 22 Sep 2010 10:05:35 -0400
-
libmikmod (3.1.11-6.1) unstable; urgency=high
* Non-maintainer upload.
* debian/patches/CVE-2007-6720.patch: Fixed application crash or abort when
loading/playing multiple music files with varying number of channels.
(CVE-2007-6720) (Closes: #461519)
* debian/patches/CVE-2009-0179.patch: Fixed application crash when loading XM
files. (CVE-2009-0179) (Closes: #476339)
-- Kees Cook <email address hidden> Tue, 24 Nov 2009 00:21:03 +0000
-
libmikmod (3.1.11-6ubuntu4) karmic; urgency=low
* No-change rebuild to gain FORTIFY defaults.
-- Kees Cook <email address hidden> Wed, 24 Jun 2009 17:16:18 -0700
