thr3ads.net - Secure testing team - [Secure-testing-team] Bug#548885: iaxmodem: contains embedded code copies of liabiax and spandsp [Sep 2009]

If this information is useful, please help other people find it:
Share via:

Bernd Zeimetz

2009-Sep-29 11:45 UTC

[Secure-testing-team] Bug#548885: iaxmodem: contains embedded code copies of liabiax and spandsp

Package: iaxmodem
Version: 1.2.0~dfsg-1
Severity: serious
Tags: security

Hi,

iaxmodem contains embedded copies of libiax and spandsp.

bzed at think /tmp/iaxmodem-1.2.0~dfsg% ll lib
total 8
drwxr-xr-x  3 bzed bzed 4096 2009-02-21 19:59 libiax2
drwxr-xr-x 10 bzed bzed 4096 2009-02-21 22:39 spandsp
bzed at think /tmp/iaxmodem-1.2.0~dfsg% 

Even if the libraries in Debian are not in a useable state, you should
fix them before shipping code copies.

Cheers,

Bernd

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, ''unstable''), (500,
''testing''), (1, ''experimental'')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.30.5-think (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages iaxmodem depends on:
ii  libc6                         2.9-26     GNU C Library: Shared libraries

iaxmodem recommends no packages.

iaxmodem suggests no packages.

Secure testing team - Sep 2009 - Bug#548885: iaxmodem: contains embedded code copies of liabiax and spandsp

[Secure-testing-team] Bug#548885: iaxmodem: contains embedded code copies of liabiax and spandsp