Product : Fedora Core 2
Name : grip
Version : 3.2.0
Release : 3.fc2
Summary : A front-end for CD rippers and Ogg Vorbis encoders.
Description :
Grip is a GTK+ based front-end for CD rippers (such as cdparanoia and
cdda2wav) and Ogg Vorbis encoders. Grip allows you to rip entire tracks or
just a section of a track. Grip supports the CDDB protocol for
accessing track information on disc database servers.
Update Information:
This fixes a buffer overflow when the CDDB server returns more than 16
matches.
Wed Mar 9 2005 Bill Nottingham <notting@redhat.com> 3.2.0-3.fc2
add patch to fix overflow when there are too many CDDB matches
Fri Oct 8 2004 Bill Nottingham <notting@redhat.com> 3.2.0-3
add a passel of buildreqs (#135045)
Wed Jul 28 2004 Adrian Havill <havill@redhat.com> 3.2.0-2
rebuilt
add vte-devel to BuildRequires
Sun Jun 20 2004 Karsten Hopp <karsten@redhat.de> 3.2.0-1
Product : Fedora Core 3
Name : grip
Version : 3.2.0
Release : 4
Summary : A front-end for CD rippers and Ogg Vorbis encoders.
Description :
Grip is a GTK+ based front-end for CD rippers (such as cdparanoia and
cdda2wav) and Ogg Vorbis encoders. Grip allows you to rip entire tracks or
just a section of a track. Grip supports the CDDB protocol for
accessing track information on disc database servers.
Update Information:
This fixes a buffer overflow when the CDDB server returns more than 16
matches.
Wed Mar 9 2005 Bill Nottingham <notting@redhat.com> 3.2.0-4
add patch to fix overflow when there are too many CDDB matches
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
Ubuntu Linux
Ubuntu Security Notice USN-94-1 March 09, 2005
perl vulnerability
CAN-2005-0448
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
The following packages are affected:
perl-modules
The problem can be corrected by upgrading the affected package to
version 5.8.4-2ubuntu0.4. In general, a standard system upgrade is
sufficient to effect the necessary changes.
Details follow:
Paul Szabo discovered another vulnerability in the rmtree() function
in File::Path.pm. While a process running as root (or another user)
was busy deleting a directory tree, a different user could exploit a
race condition to create setuid binaries in this directory tree,
provided that he already had write permissions in any subdirectory of
that tree.
