Summary: | <dev-tcltk/snack-2.2.10-r5: Buffer overflow via specially crafted WAV files (CVE-2012-6303) | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Sean Amoss (RETIRED) <ackle> | ||||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||||
Status: | RESOLVED FIXED | ||||||||
Severity: | normal | CC: | tcltk | ||||||
Priority: | Normal | ||||||||
Version: | unspecified | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
URL: | http://www.openwall.com/lists/oss-security/2012/12/10/2 | ||||||||
Whiteboard: | B2 [glsa] | ||||||||
Package list: | Runtime testing required: | --- | |||||||
Attachments: |
|
Description
Sean Amoss (RETIRED)
2012-12-11 01:25:15 UTC
*** Bug 446870 has been marked as a duplicate of this bug. *** Created attachment 334962 [details]
Script to generate the wav file
+*snack-2.2.10-r5 (09 Jan 2013) + + 09 Jan 2013; Justin Lecher <jlec@gentoo.org> +snack-2.2.10-r5.ebuild, + +files/snack-2.2.10-CVE-2012-6303-fix.patch, metadata.xml: + Add fix from Fedora for CVE-2012-6303, #446822 + Created attachment 334964 [details]
script to trigger the DOS ot check for its fix.
Its fixed now. Test scripts are attached. (In reply to comment #5) > Its fixed now. Test scripts are attached. Thanks, Justin. Is this version ready for stabilization? (In reply to comment #6) > (In reply to comment #5) > > Its fixed now. Test scripts are attached. > > Thanks, Justin. Is this version ready for stabilization? Only the code fix for this issue is new. So I would say yes. Arches, please test and mark stable: =dev-tcltk/snack-2.2.10-r5 Stable for HPPA. amd64 stable x86 stable ppc64 stable ppc stable sparc stable alpha stable New GLSA request filed. This issue was resolved and addressed in GLSA 201309-04 at http://security.gentoo.org/glsa/glsa-201309-04.xml by GLSA coordinator Sergey Popov (pinkbyte). CVE-2012-6303 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6303): Heap-based buffer overflow in the GetWavHeader function in generic/jkSoundFile.c in the Snack Sound Toolkit, as used in WaveSurfer 1.8.8p4, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large chunk size in a WAV file. |