Comment 7 for bug 318555

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package amarok - 2:1.4.10-0ubuntu3.1

---------------
amarok (2:1.4.10-0ubuntu3.1) intrepid-security; urgency=low

  * SECURITY UPDATE: integer overflows allow remote attackers to execute
    arbitrary code via an Audible Audio (.aa) file (LP: #318555)
    - debian/patches/security_audible_tags.diff fix integer overflow while
      reading audible aa file tags. Based on upstream patch.
    - http://websvn.kde.org/?view=rev&revision=908415
    - http://www.trapkit.de/advisories/TKADV2009-002.txt
    - CVE-2009-0135
    - CVE-2009-0136

 -- Harald Sitter <email address hidden> Mon, 19 Jan 2009 22:05:24 +0100