It was discovered that libfishsound, a simple programming interface that wraps Xiph.Org audio codecs, didn't correctly handle negative values in a particular header field. This could allow malicious files to execute arbitrary code. For the stable distribution (etch), this problem has been fixed in version 0.7.0-2etch1. For the unstable distribution (sid), this problem has been fixed in version 0.7.0-2.2. We recommend that you upgrade your libfishsound package.
It was discovered that libfishsound, a simple programming interface that wraps Xiph.Org audio codecs, didn't correctly handle negative values in a particular header field. This could allow malicious files to execute arbitrary code.
For the stable distribution (etch), this problem has been fixed in version 0.7.0-2etch4.
For the unstable distribution (sid), this problem has been fixed in version 0.7.0-2.2.
We recommend that you upgrade your libfishsound package.
MD5 checksums of the listed files are available in the original advisory.