Path to this page:
Subject: CVS commit: pkgsrc
From: Julio M. Merino Vidal
Date: 2005-04-12 22:12:02
Message id: 20050412201202.89B6A2DA27@cvs.netbsd.org
Log Message:
Apply patch from Gentoo to fix security problem in the cdda module. Bump
gnome-vfs2-cdda's module to 1.
Quoting the Gentoo advisory: "The GnomeVFS and libcdaudio libraries contain
a buffer overflow that can be triggered by a large CDDB response, potentially
allowing the execution of arbitrary code."
See http://www.gentoo.org/security/en/glsa/glsa-200504-07.xml and
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 for more
information.
Files: