From ${URL} : Description A vulnerability has been reported in abcMIDI, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to a boundary error when parsing the repeat string in ABC files and can potentially be exploited to cause a stack-based buffer overflow. Successful exploitation may allow execution of arbitrary code, but requires tricking the user into opening a specially crafted ABC file. The vulnerability is reported in versions prior to 2013-04-30. Solution Update to version 2013-04-30. Provided and/or discovered by Reported by the vendor. Original Advisory http://freecode.com/projects/abcmidi/releases/354373 @maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not
Maintainers, please drop vulnerable versions.
(In reply to Sean Amoss from comment #1) > Maintainers, please drop vulnerable versions. Was done time ago. Closing as noglsa
