From ${URL} : Description A vulnerability has been reported in libmms, which can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to a boundary error within the "get_answer()" function (src/mmsh.c) when handling MMS-over-HTTP server response, which can be exploited to cause a heap-based buffer overflow via a specially crafted response containing an overly long line. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions prior to 0.6.4. Solution: Update to version 0.6.4. Provided and/or discovered by: The vendor credits Alex Chapman. Original Advisory: http://sourceforge.net/p/libmms/code/ci/master/tree/ChangeLog @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
media-libs/libmms-0.6.4 is in the tree. It should be ok to test/stabilize right away.
CVE-2014-2892 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2892): Heap-based buffer overflow in the get_answer function in mmsh.c in libmms before 0.6.4 allows remote attackers to execute arbitrary code via a long line in an MMS over HTTP (MMSH) server response.
@arches, please stabilize: media-libs/libmms-0.6.4
amd64 stable
Stable for HPPA PPC64.
ppc stable
x86 stable
Stable on alpha.
sparc stable. Maintainer(s), please cleanup.
@maintainer(s), please clean the vulnerable versions.
This issue was resolved and addressed in GLSA 201612-29 at https://security.gentoo.org/glsa/201612-29 by GLSA coordinator Kristian Fiskerstrand (K_F).