It was discovered that a heap overflow in the CDDB retrieval code of libcdaudio, a library for controlling a CD-ROM when playing audio CDs, may result in the execution of arbitrary code. For the stable distribution (etch), this problem has been fixed in version 0.99.12p2-2+etch1. A package for hppa will be provided later. For the upcoming stable distribution (lenny) and the unstable distribution (sid), this problem has been fixed in version 0.99.12p2-7. We recommend that you upgrade your libcdaudio packages.
It was discovered that a heap overflow in the CDDB retrieval code of libcdaudio, a library for controlling a CD-ROM when playing audio CDs, may result in the execution of arbitrary code.
For the stable distribution (etch), this problem has been fixed in version 0.99.12p2-2+etch4. A package for hppa will be provided later.
For the upcoming stable distribution (lenny) and the unstable distribution (sid), this problem has been fixed in version 0.99.12p2-7.
We recommend that you upgrade your libcdaudio packages.
MD5 checksums of the listed files are available in the original advisory.