Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Fedora Core 3 FEDORA-2005-203 Critical Threat: Grip Buffer Overflow

fedora
Calendar Grey March 9, 2005
Dist Fedora Esm H88
This enhancement addresses a memory leak vulnerability in grasp, enhancing reliability during communication with the CDDB database.
This fixes a buffer overflow when the CDDB server returns more than 16 matches.

Summary

Grip is a GTK+ based front-end for CD rippers (such as cdparanoia and

cdda2wav) and Ogg Vorbis encoders. Grip allows you to rip entire tracks or

just a section of a track. Grip supports the CDDB protocol for

accessing track information on disc database servers.

This fixes a buffer overflow when the CDDB server returns more than 16

matches.

- add patch to fix overflow when there are too many CDDB matches

f078fec4a06112503c8f06bd222aaa40 SRPMS/grip-3.2.0-4.src.rpm

430dd9fa6d880e8b59a6819e6aab1c9b x86_64/grip-3.2.0-4.x86_64.rpm

7b14cf30b120d2d194a17f92fc41a78a x86_64/debug/grip-debuginfo-3.2.0-4.x86_64.rpm

caf07496566e30d76779ea36210efeee i386/grip-3.2.0-4.i386.rpm

ae1ac272d781c126b27d2378af2a5f1a i386/debug/grip-debuginfo-3.2.0-4.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

fedora-announce-list@redhat.com

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Name: grip
Version: 3.2.0
Release: 4
Summary: A front-end for CD rippers and Ogg Vorbis encoders.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here