[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
upgrade to Ruby 2.0.0-p353 or 1.9.3-p484 (CVE-2013-4164)
|
From: |
Eric Wong |
|
Subject: |
upgrade to Ruby 2.0.0-p353 or 1.9.3-p484 (CVE-2013-4164) |
|
Date: |
Sat, 23 Nov 2013 03:09:57 +0000 |
|
User-agent: |
Mutt/1.5.21 (2010-09-15) |
See:
https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/
Users of ReplayGain functionality in dtas-player(1) are affected if
they did not generate the REPLAYGAIN_* metadata tags themselves.
REPLAYGAIN_* metadata tags generated by malicious music sources may
trigger a heap overflow this way.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- upgrade to Ruby 2.0.0-p353 or 1.9.3-p484 (CVE-2013-4164),
Eric Wong <=