Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora Core 3 FEDORA-2005-203 Critical Threat: Grip Buffer Overflow

fedora
Calendar Grey March 9, 2005
Dist Fedora Esm H88
This enhancement addresses a memory leak vulnerability in grasp, enhancing reliability during communication with the CDDB database.
This fixes a buffer overflow when the CDDB server returns more than 16 matches.

Summary

Grip is a GTK+ based front-end for CD rippers (such as cdparanoia and

cdda2wav) and Ogg Vorbis encoders. Grip allows you to rip entire tracks or

just a section of a track. Grip supports the CDDB protocol for

accessing track information on disc database servers.

This fixes a buffer overflow when the CDDB server returns more than 16

matches.

- add patch to fix overflow when there are too many CDDB matches

f078fec4a06112503c8f06bd222aaa40 SRPMS/grip-3.2.0-4.src.rpm

430dd9fa6d880e8b59a6819e6aab1c9b x86_64/grip-3.2.0-4.x86_64.rpm

7b14cf30b120d2d194a17f92fc41a78a x86_64/debug/grip-debuginfo-3.2.0-4.x86_64.rpm

caf07496566e30d76779ea36210efeee i386/grip-3.2.0-4.i386.rpm

ae1ac272d781c126b27d2378af2a5f1a i386/debug/grip-debuginfo-3.2.0-4.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

fedora-announce-list@redhat.com

Topics%20covered

Topics Covered

security advisory fedora core buffer overflow critical grip software

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Name: grip
Version: 3.2.0
Release: 4
Summary: A front-end for CD rippers and Ogg Vorbis encoders.

Topics%20covered

Topics Covered

security advisory fedora core buffer overflow critical grip software

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here