Hello, the bug has been fixed upstream, but no new version has been released yet:
https://github.com/mmitch/gbsplay/commit/983b5f13cfe06c16534f6bd64fb0075388e77ccb

The problem was a large number of songs within a GBS file and a signed/unsigned mixup: The song number ended up negative and thus a negative size value was passed to malloc(). This should not be exploitable.

Upstream fixed the signed/unsigned issue and added more sanity checks to the values read from a GBS file.

Regards
Christian
-- 
....Christian.Garbs.....................................http://www.cgarbs.de
A nap behind the steering wheel protects against growing older.
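The bug class described in this message, shown as an added example (not gbsplay's code and not taken from the upstream commit): a one-byte song count read through a signed type turns negative and reaches malloc() as a huge size, next to a hardened reader. The header size, the "GBS" magic check, the count offset and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define HDR_LEN   0x70  /* assumed header size */
#define OFF_SONGS 0x04  /* assumed offset of the one-byte song count */

/* Constructed sample header, not a real GBS file. */
void make_header(unsigned char *hdr, unsigned char songs)
{
    memset(hdr, 0, HDR_LEN);
    memcpy(hdr, "GBS", 3);
    hdr[OFF_SONGS] = songs;
}

/* Bug pattern: the count goes through a signed type, so bytes >= 0x80 turn
 * negative on the usual two's-complement targets. Returns the value malloc()
 * would receive after the implicit conversion to size_t. */
size_t buggy_alloc_size(const unsigned char *hdr)
{
    signed char songs = (signed char)hdr[OFF_SONGS];   /* 0xC8 -> -56 */
    int bytes = songs * (int)sizeof(int);              /* negative byte count */
    return (size_t)bytes;                              /* close to SIZE_MAX */
}

/* Hardened pattern: validate the buffer, read the count unsigned, reject
 * zero, and let calloc() do the overflow-checked multiplication. */
int *safe_alloc_songs(const unsigned char *hdr, size_t len, unsigned *count)
{
    if (!hdr || !count || len < HDR_LEN || memcmp(hdr, "GBS", 3) != 0)
        return NULL;
    uint8_t songs = hdr[OFF_SONGS];
    if (songs == 0)
        return NULL;
    *count = songs;
    return calloc(songs, sizeof(int));
}

int main(void)
{
    unsigned char hdr[HDR_LEN];
    unsigned n = 0;
    make_header(hdr, 0xC8);                            /* 200 songs */
    printf("buggy size: %zu\n", buggy_alloc_size(hdr));
    int *tbl = safe_alloc_songs(hdr, sizeof hdr, &n);
    printf("safe count: %u (%s)\n", n, tbl ? "allocated" : "rejected");
    free(tbl);
    return 0;
}
```

With the buggy path the allocator is asked for nearly SIZE_MAX bytes and normally returns NULL, so the caller's NULL check decides whether the result is a clean error or a crash.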