Integer overflow in the ws_getpostvars function in Firefly Media Server
(formerly mt-daapd) 0.2.4.1 (0.9~r1696-1.2 on Debian) allows remote attackers
to cause a denial of service (crash) and possibly execute arbitrary code via
an HTTP POST request with a large Content-Length.
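The bug class described above, as an added example that is not part of the original report and is not Firefly's code: a length taken from the Content-Length header wraps when used in size arithmetic, shown beside a parse that bounds the value first. The function names and the MAX_POST_BODY cap are assumptions made for this sketch.

```c
#include <ctype.h>
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>

#define MAX_POST_BODY 65536u /* assumed cap for this example, not a Firefly setting */

/* Bug class only (hypothetical code): the header value is narrowed to 32 bits
 * and used in arithmetic unchecked. Returns the size that would be requested. */
uint32_t naive_alloc_size(const char *content_length)
{
    uint32_t len = (uint32_t)strtoul(content_length, NULL, 10);
    return (uint32_t)(len + 1u); /* "4294967295" wraps to 0: buffer smaller than body */
}

/* Hardened parse: returns 0 and stores the length, or -1 to reject the request. */
int parse_content_length(const char *s, size_t *out)
{
    char *end;
    unsigned long long v;

    if (s == NULL || !isdigit((unsigned char)*s)) /* empty, signed, or padded value */
        return -1;
    errno = 0;
    v = strtoull(s, &end, 10);
    if (errno == ERANGE || *end != '\0') /* out of range, or trailing junk */
        return -1;
    if (v > MAX_POST_BODY) /* bound the size before any arithmetic on it */
        return -1;
    *out = (size_t)v;
    return 0;
}

/* Allocates len + 1 bytes (room for a terminator) only for an accepted length. */
char *alloc_post_buffer(const char *content_length, size_t *len)
{
    char *buf;

    if (parse_content_length(content_length, len) != 0)
        return NULL;
    buf = malloc(*len + 1); /* cannot wrap: *len <= MAX_POST_BODY */
    if (buf != NULL)
        buf[*len] = '\0';
    return buf;
}
```

A server using this pattern would answer a rejected header with an error status instead of reading the body.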
nion proposed a fix for the 0.9 svn trunk.
0.2.4.2 was released with a fix. Please update the ebuild.
(In reply to comment #2)
> 0.2.4.2 was released with a fix. Please update the ebuild.
+*mt-daapd-0.2.4.2 (06 Jul 2008)
+ 06 Jul 2008; Peter Alfredsen <firstname.lastname@example.org>
+ +files/mt-daapd-0.2.4.2-maintainer-mode.patch, +mt-daapd-0.2.4.2.ebuild:
+ Security bump for CVE-2008-1771 wrt bug #217986.
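Review bot: the entry adds files/mt-daapd-0.2.4.2-maintainer-mode.patch, but its message only says "Security bump for CVE-2008-1771", which leaves the purpose of that patch unstated. Add a few words to the entry saying what the maintainer-mode patch is for, so a reader does not take it for the CVE fix, which per this bug comes with the 0.2.4.2 release.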
Arches, please test and mark stable:
Target keywords : "amd64 arm ppc sh sparc x86"
arches stable... ready for GLSA
But there is still bug 204063; could someone please verify whether this version is still affected by that issue? To me it appeared to be.
I would like to issue a glsa for it, since the severity of the current bug is higher than bug 204063.
GLSA request was filed (but no one wrote the glsa yet).
Fixed a long time ago.