Summary: | media-libs/sdl-sound <1.0.1-r2 speex implementation insufficient boundary checks | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Matthias Geerdsen (RETIRED) <vorlon> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | games, ssuominen |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [ebuild] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 217715 | ||
Bug Blocks: |
Description
Matthias Geerdsen (RETIRED)
2008-04-14 09:09:04 UTC
vapier, as member of games, could you prepare an ebuild? this should be handled as a semi-public bug until the issue is fully public by means of a new release or an announcement adding vapier as cc This does not need to be fixed if we enable the workaround in libspeex, which is bug 217715. just going with the speex fix sounds fine to me now public via http://www.ocert.org/advisories/ocert-2008-004.html This will be fixed with the speex update in bug 217715, keeping open until the GLSA has been released. speex has been sent as GLSA 200804-17, this also fixes this bug. |