Please sync libdumb (universe) from unstable
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libdumb (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
affects distros/
status confirmed
subscribe ubuntu-archive
Please sync libdumb (universe) from Debian unstable.
Changelog since current edgy version 1:0.9.3-4:
libdumb (1:0.9.3-5) unstable; urgency=critical
* Set urgency=critical because of security fix.
* debian/
+ Fix for CVE-2006-3668 "Heap-based buffer overflow in the it_read_envelope
function in Dynamic Universal Music Bibliotheque (DUMB) 0.9.3 and
earlier, and current CVS as of 20060716, allows user-complicit attackers
to execute arbitrary code via a ".it" (Impulse Tracker) file with an
enveloper with a large number of nodes." (Closes: #379064).
* debian/control:
+ Set policy to 3.7.2.
-- Sam Hocevar (Debian packages) <email address hidden> Fri, 21 Jul 2006 11:07:45 +0200
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFExa9eDec
V4JYVIJ/
=4+pq
-----END PGP SIGNATURE-----
[Updating] libdumb (1:0.9.3-4 [Ubuntu] < 1:0.9.3-5 [Debian]) 0.9.3.orig. tar.gz: already in distro - downloading from librarian> 0.9.3-5. diff.gz: downloading from http:// ftp.debian. org/debian/> 0.9.3-5. dsc: downloading from http:// ftp.debian. org/debian/> dev_1:0. 9.3-4 [universe]. dev_1:0. 9.3-4 [universe].
* Trying to add libdumb...
- <libdumb_
- <libdumb_
- <libdumb_
I: libdumb [universe] -> libaldmb1-
I: libdumb [universe] -> libdumb1-
I: libdumb [universe] -> libaldmb1_1:0.9.3-4 [universe].
I: libdumb [universe] -> libdumb1_1:0.9.3-4 [universe].