libtunepimp -- buffer overflow

2006-08-02T00:00:00
ID DSA-1135
Type debian
Reporter Debian
Modified 2006-08-02T00:00:00

Description

Kevin Kofler discovered several stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp, a MusicBrainz tagging library, which allow remote attackers to cause a denial of service or execute arbitrary code.

For the stable distribution (sarge) these problems have been fixed in version 0.3.0-3sarge2.

For the unstable distribution (sid) these problems have been fixed in version 0.4.2-4.

We recommend that you upgrade your libtunepimp packages.