Articles / Debian: New freeamp package…

Debian: New freeamp packages fix arbitrary code execution

Luigi Auriemma discovered a buffer overflow condition in the playlist module of freeamp which could lead to arbitrary code execution. Recent versions of freeamp were renamed into zinf. Fixed packages are available from
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 587-1                                        Martin Schulze
November 8th, 2004            
- --------------------------------------------------------------------------

Package        : freeamp
Vulnerability  : buffer overflow
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2004-0964

Luigi Auriemma discovered a buffer overflow condition in the playlist
module of freeamp which could lead to arbitrary code execution.
Recent versions of freeamp were renamed into zinf.

For the stable distribution (woody) this problem has been fixed in

For the unstable distribution (sid) this problem does not exist in the
zinf packageas the code in question was rewritten.

We recommend that you upgrade your freeamp packages.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:
      Size/MD5 checksum:      944 39d51f9def21f5b1d5542ccbcbc01e29
      Size/MD5 checksum:    32347 783b34ce5201a8e4e10a8722fd00ad8f
      Size/MD5 checksum:  3116888 d465da9fcdcc6ee7991e9b6cd968127b

  Architecture independent components:
      Size/MD5 checksum:   282330 ffb91e1362db38b0e063839afdb7eefa

  Alpha architecture:
      Size/MD5 checksum:  2399962 187f779ad3fa78a1bcb6f79837a733ba
      Size/MD5 checksum:    90476 d184dd97abf70f5db80579e76bdca43a
      Size/MD5 checksum:    34752 97704f6cd7245b6821d4683ee7999015
      Size/MD5 checksum:    33376 77bbee46f4b02464e387d40fd850fac9

  ARM architecture:
      Size/MD5 checksum:  2194684 c37e64837c2353be71062e9c74934028
      Size/MD5 checksum:    82794 6e6e0079c0f912c6aba7e3a73bc7963d
      Size/MD5 checksum:    29440 615324c7d033b4c327a883239b5afe9c
      Size/MD5 checksum:    29342 d745a17d3a3c59dd6d004babcfa7563b

  Intel IA-32 architecture:
      Size/MD5 checksum:  2032164 5c68a2b2940d9bfa3f5f3320f9a85d5b
      Size/MD5 checksum:    73482 091fe47ddd9308edcd2df707b00fefc8
      Size/MD5 checksum:    29382 3b22fa0992c89e05542d06b78ca263df
      Size/MD5 checksum:    28476 0142da2d0ed0d50e7fe454171d7066da

  Intel IA-64 architecture:
      Size/MD5 checksum:  2367142 c43140e99b8dd87934e9611a060fe1bc
      Size/MD5 checksum:    84638 6e55107e3071f451b08d77aed3260d44
      Size/MD5 checksum:    27532 84b0e8df2b31326b378ce79e404ec4cd

  HP Precision architecture:
      Size/MD5 checksum:  2184294 a8a7ec3fa22215201fc05c9572c89074
      Size/MD5 checksum:   105354 ed97bdb2ae641dc2eecc66e7dfd2daf8
      Size/MD5 checksum:    27602 bae0e367bfb7b40d2c4b0390c6638d3f

  Motorola 680x0 architecture:
      Size/MD5 checksum:  1744992 25bf614e89c0bfddc8863d1e007335d4
      Size/MD5 checksum:    72386 a0faa0affb7912807c340d65c6049cd5
      Size/MD5 checksum:    28706 f226affa56379550b2d74c8cded44520

  Big endian MIPS architecture:
      Size/MD5 checksum:  1864476 d8874d057b941058a7981a3233fdaa65
      Size/MD5 checksum:    69940 7f2ae3c9420e113583932b40eb8604dd
      Size/MD5 checksum:    28610 9eb1bec2958a24a12872486c81e7a106
      Size/MD5 checksum:    27854 88ef872d3fdaa6e6cd274549f250b434

  Little endian MIPS architecture:
      Size/MD5 checksum:  1827610 3bd082fa5eca1e96b2ad2fec3293a8bd
      Size/MD5 checksum:    68796 d772ca8a111e64cab746a1f9efe5cf98
      Size/MD5 checksum:    27546 d9eb6b5c8f6f608c09e695333e2cd477

  PowerPC architecture:
      Size/MD5 checksum:  2046412 539183b9f14aeeabbd74049bb9dcbca8
      Size/MD5 checksum:    75370 033f91e19fbb6da25da8a864a2fde435
      Size/MD5 checksum:    29854 405d64cb8eae9c9f24e32191e1ffd8da
      Size/MD5 checksum:    29042 595cd2062229e98a2ce6d5c4ccbbc882

  IBM S/390 architecture:
      Size/MD5 checksum:  1962584 ea73c5dcf1b3d54eb04ebaeb4e190290
      Size/MD5 checksum:    73074 93857a08ea97df7926b688b3d7b75e0d
      Size/MD5 checksum:    29334 4aec2ae5a414e6d2bfbb73c6409f78c7

  Sun Sparc architecture:
      Size/MD5 checksum:  1969882 b220f88f807c80d6b96d7cfab862b2a3
      Size/MD5 checksum:    74556 cfb464ec0bf2c9859b5df5f80e9dabbc
      Size/MD5 checksum:    28814 9d7d9735acc60e36dac2d19c51d9ace9
      Size/MD5 checksum:    27802 5c91f275ac283265a8c4bd6d94b5122f

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
Package info: `apt-cache show ' and

Version: GnuPG v1.2.5 (GNU/Linux)


Project Spotlight

Kigo Video Converter Ultimate for Mac

A tool for converting and editing videos.


Project Spotlight


An efficient tagger for MP3, Ogg/Vorbis, and FLAC files.