Package name: libmodplug
Date: 2009-06-04
Advisory ID: MDVSA-2009:128
Affected versions: 2009.0 x86_64, 2009.1 i586, 2009.0 i586, 2008.1 i586, 2008.1 x86_64, 2009.1 x86_64

Problem description

Multiple security vulnerabilities have been identified and fixed
in libmodplug:

Integer overflow in the CSoundFile::ReadMed function (src/load_med.cpp)
in libmodplug before 0.8.6, as used in gstreamer-plugins and other
products, allows context-dependent attackers to execute arbitrary
code via a MED file with a crafted (1) song comment or (2) song name,
which triggers a heap-based buffer overflow (CVE-2009-1438).
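
The bug class described above, as an added illustration that is not libmodplug code and not part of the original advisory: a declared length of 0xFFFFFFFF plus one terminator byte wraps to 0 in 32-bit arithmetic, so the allocation is far smaller than the copy that follows. The field layout (32-bit big-endian length followed by the text) and the names `unchecked_alloc_size`, `read_text_field` and `max_len` are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Illustrative model only, NOT libmodplug source or the real MED layout:
 * a text field stored as a 32-bit big-endian length, then that many bytes. */
static uint32_t read_be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Size an unchecked parser would request for "len bytes plus NUL" when the
 * sum is computed in 32 bits: the addition wraps for len == 0xFFFFFFFF. */
uint32_t unchecked_alloc_size(uint32_t len) { return len + 1u; }

/* Hardened read: returns a NUL-terminated heap copy of the field at `off`,
 * or NULL when the declared length disagrees with the data actually present. */
char *read_text_field(const uint8_t *buf, size_t buf_len, size_t off,
                      size_t max_len) {
    if (off > buf_len || buf_len - off < 4)
        return NULL;                      /* length header must fit */
    uint32_t len = read_be32(buf + off);
    size_t avail = buf_len - off - 4;     /* bytes left after the header */
    if (len > avail || len > max_len)
        return NULL;                      /* reject before any allocation */
    char *out = malloc((size_t)len + 1);  /* cannot wrap: len <= avail */
    if (out == NULL)
        return NULL;
    memcpy(out, buf + off + 4, len);
    out[len] = '\0';
    return out;
}

int main(void) {
    /* Constructed sample: header declares 0xFFFFFFFF bytes, one byte follows. */
    const uint8_t crafted[] = {0xFF, 0xFF, 0xFF, 0xFF, 'A'};
    printf("unchecked size for declared 0xFFFFFFFF: %u\n",
           (unsigned)unchecked_alloc_size(0xFFFFFFFFu));
    char *s = read_text_field(crafted, sizeof crafted, 0, 4096);
    printf("hardened parser: %s\n", s ? "accepted" : "rejected");
    free(s);
    return 0;
}
```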

Buffer overflow in the PATinst function in src/load_pat.cpp in
libmodplug before 0.8.7 allows user-assisted remote attackers to
cause a denial of service and possibly execute arbitrary code via a
long instrument name (CVE-2009-1513).

The updated packages have been patched to prevent this.

Updated packages

2009.0 x86_64

 b11968a05f7c82d19b0390487b1e7519  2009.0/x86_64/lib64modplug0-0.8.4-4.1mdv2009.0.x86_64.rpm
 8b25ba2561e0bd40dd7d98ad5c84b6f2  2009.0/x86_64/lib64modplug0-devel-0.8.4-4.1mdv2009.0.x86_64.rpm 
 f5beea611ec43f6e0885a27ac1aff48e  2009.0/SRPMS/libmodplug-0.8.4-4.1mdv2009.0.src.rpm

2009.1 i586

 1abe20b593278e00f5ce84d4bbc3ef22  2009.1/i586/libmodplug0-0.8.6-1.1mdv2009.1.i586.rpm
 ca319b4bc390014447dcf84cf6e93934  2009.1/i586/libmodplug-devel-0.8.6-1.1mdv2009.1.i586.rpm 
 460772bdd5802f79ee87dcc714fb5662  2009.1/SRPMS/libmodplug-0.8.6-1.1mdv2009.1.src.rpm

2009.0 i586

 ca0f1757e5e547a96a568c5d402a3973  2009.0/i586/libmodplug0-0.8.4-4.1mdv2009.0.i586.rpm
 617508702e6a16e34b678de36cd1a540  2009.0/i586/libmodplug0-devel-0.8.4-4.1mdv2009.0.i586.rpm 
 f5beea611ec43f6e0885a27ac1aff48e  2009.0/SRPMS/libmodplug-0.8.4-4.1mdv2009.0.src.rpm

2008.1 i586

 13d1666d8bf6b8b7c51d7d8878633a73  2008.1/i586/libmodplug0-0.8.4-3.1mdv2008.1.i586.rpm
 d75251ccb63f34aa986ffb4d1f0fcbea  2008.1/i586/libmodplug0-devel-0.8.4-3.1mdv2008.1.i586.rpm 
 d6dcdf053b4dfda1cce181b33970db90  2008.1/SRPMS/libmodplug-0.8.4-3.1mdv2008.1.src.rpm

2008.1 x86_64

 05031124a2a50613c72745126f33556b  2008.1/x86_64/lib64modplug0-0.8.4-3.1mdv2008.1.x86_64.rpm
 375642e9e070aae7d7a6a18752bd3459  2008.1/x86_64/lib64modplug0-devel-0.8.4-3.1mdv2008.1.x86_64.rpm 
 d6dcdf053b4dfda1cce181b33970db90  2008.1/SRPMS/libmodplug-0.8.4-3.1mdv2008.1.src.rpm

2009.1 x86_64

 26bc4c5a7433209f2fcdf801cb7ac821  2009.1/x86_64/lib64modplug0-0.8.6-1.1mdv2009.1.x86_64.rpm
 9e2b15436be6e7a8f6d1baf63be7ae53  2009.1/x86_64/lib64modplug-devel-0.8.6-1.1mdv2009.1.x86_64.rpm 
 460772bdd5802f79ee87dcc714fb5662  2009.1/SRPMS/libmodplug-0.8.6-1.1mdv2009.1.src.rpm
