Ubuntu
audacity package

buffer overflow in .gro file parsing

Bug #327361 reported by Kees Cook on 2009-02-09

254

	Status	Importance	Assigned to
audacity (Debian)	Fix Released	Unknown	debbugs #514138
audacity (Gentoo Linux)	Fix Released	Medium	gentoo-bugs #253493
audacity (Ubuntu)	Fix Released	Undecided	Unassigned

Bug Description

Binary package hint: audacity

http://www.milw0rm.com/exploits/7634
http://secunia.com/advisories/33356/

No CVE yet.

Bug Watch Updater (bug-watch-updater) on 2009-02-09

Changed in audacity:
status:	Unknown → In Progress

Revision history for this message

David Henningsson (diwic) wrote on 2009-02-10:

According to the Gentoo bug thread, this appears fixed in 1.3.6, so one alternative could be to backport that version (or the newer 1.3.7) to Hardy and Intrepid. That would fix some other bugs as well.

Bug Watch Updater (bug-watch-updater) on 2009-03-07

Changed in audacity:
status:	In Progress → Fix Released

Bug Watch Updater (bug-watch-updater) on 2009-03-10

Changed in audacity:
status:	Unknown → Fix Released

Revision history for this message

Kees Cook (kees) wrote on 2009-03-25:

This has been fixed in jaunty (1.3.7-2).

Changed in audacity (Ubuntu):
status:	New → Fix Released

Bug Watch Updater (bug-watch-updater) on 2011-02-04

Changed in audacity (Gentoo Linux):
importance:	Unknown → Medium

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

debbugs #514138
[done grave security] Edit
gentoo-bugs #253493
[RESOLVED FIXED] Edit

Bug watches keep track of this bug in other bug trackers.

Ubuntuaudacity package

buffer overflow in .gro file parsing

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
audacity package