[vlc-devel] [PACKAGERS] libmodplug is teh suxxor

Laurent Aimar fenrir at elivagar.org
Sat May 7 17:29:14 CEST 2011


On Sat, May 07, 2011 at 05:36:00PM +0300, Rémi Denis-Courmont wrote:
> 	Hello,
> As foretold by Nico Golde a month ago ( 
> http://mailman.videolan.org/pipermail/vlc-devel/2011-April/079653.html ), 
> another security bug has been found in libmodplug:
> http://www.exploit-db.com/exploits/17222/
> Upstream has yet to provide a fix for this. And if I trust other code 
> reviewer, this may only be the beginning of a cat & mouse game.
 FYI, I have already provided libmodplug maintainer with a lot of patches fixing
security issues. They should probably merged soon (some have already been merged).


More information about the vlc-devel mailing list