This Bug references Bug 379557 filed by Ago. It is for media-libs/libmodplug specifically, but since the source for audacious-plugins pulls in some of the same files for the libmodplug vulnerability, I created a separate bug per Underling.

Some vulnerabilities have been reported in libmodplug, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

1) An integer overflow error exists within the "CSoundFile::ReadWav()" function (src/load_wav.cpp) when processing certain WAV files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted WAV file.

2) Boundary errors within the "CSoundFile::ReadS3M()" function (src/load_s3m.cpp) when processing S3M files can be exploited to cause stack-based buffer overflows by tricking a user into opening a specially crafted S3M file.

3) An off-by-one error within the "CSoundFile::ReadAMS()" function (src/load_ams.cpp) can be exploited to cause a stack corruption by tricking a user into opening a specially crafted AMS file.

4) An off-by-one error within the "CSoundFile::ReadDSM()" function (src/load_dms.cpp) can be exploited to cause a memory corruption by tricking a user into opening a specially crafted DSM file.

5) An off-by-one error within the "CSoundFile::ReadAMS2()" function (src/load_ams.cpp) can be exploited to cause a memory corruption by tricking a user into opening a specially crafted AMS file.

Solution: Upgrade to version 3.0.3

Reference:
https://bugs.gentoo.org/show_bug.cgi?id=379557
http://jira.atheme.org/browse/AUDPLUG-394
http://secunia.com/advisories/45131
@sound, 3.0.3 is not affected by these issues. Would it be possible to stabilize that version? Thanks!
3.0.3 depends on GTK+ 3. Make sure this is what you want. If you agree with that, do feel free to add arches. And next time, please do add the maintainer of the actual package rather than just the herd.
Guys, it was done in bug 383991 some time ago. So, for upstream advisories, 2.x is not affected (http://jira.atheme.org/browse/AUDPLUG-394). Close as invalid?
*** This bug has been marked as a duplicate of bug 383991 ***