K 10
svn:author
V 4
miwi
K 8
svn:date
V 27
2009-01-11T13:22:40.000000Z
K 7
svn:log
V 560
- Fix:
	Heap-based buffer overflow in the cddb_read_disc_data function in
	cddb.c in libcdaudio 0.99.12p2 allows remote attackers to execute
	arbitrary code via long CDDB data.

	Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause
	a denial of service (crash) and possibly execute arbitrary code by
	causing the cddb lookup to return more matches than expected.

PR:		129050
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
Approved by:	novel@ (maintainer)
Security:	http://www.vuxml.org/freebsd/bd730827-dfe0-11dd-a765-0030843d3802.html

END