|
"A vulnerability in libtunepimp can be potentially exploited by
malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error in the
"LookupTRM::lookup()" function when retrieving album release dates.
This can be exploited to cause a buffer overflow by returning an overly
long release date string (more than 100 bytes).
Successful exploitation may allow execution of arbitrary code in context
of an application using the vulnerable library."
http://secunia.com/advisories/21026/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3600
Patch from MusicBrainz SVN. Bump PKGREVISION.
|
