Package: libtunepimp Version: 0.4.2-3 Version: 0.3.0-3 Severity: grave Tags: security patch
Hi! http://bugs.musicbrainz.org/ticket/1764 describes some buffer overflows in libtunepimp. For your convenience, these are the ubuntu debdiffs for 0.4.2 and 0.3.0 (for sarge-security): http://people.ubuntu.com/patches/libtunepimp-0.4.2.buffer-overflow.diff http://people.ubuntu.com/patches/libtunepimp-0.3.0.buffer-overflow.diff I asked for a CVE on vendor-sec, will forward it here as soon as it is assigned. Thanks, Martin -- Martin Pitt http://www.piware.de Ubuntu Developer http://www.ubuntu.com Debian Developer http://www.debian.org In a world without walls and fences, who needs Windows and Gates?
signature.asc
Description: Digital signature
