Synopsis:	Moderate: mikmod security update
Issue date:	2010-09-28
CVE Names:	CVE-2007-6720 CVE-2009-3995 CVE-2009-3996

Multiple input validation flaws, resulting in buffer overflows, were
discovered in MikMod. Specially-crafted music files in various formats
could, when played, cause an application using the MikMod library to 
crash or, potentially, execute arbitrary code. (CVE-2009-3995, 
CVE-2009-3996, CVE-2007-6720)

All running applications using the MikMod library must be restarted for 
this update to take effect.

SL 3.0.x

       SRPMS:
mikmod-3.1.6-23.el3.src.rpm
       i386:
mikmod-3.1.6-23.el3.i386.rpm
mikmod-devel-3.1.6-23.el3.i386.rpm
       x86_64:
mikmod-3.1.6-23.el3.i386.rpm
mikmod-3.1.6-23.el3.x86_64.rpm
mikmod-devel-3.1.6-23.el3.x86_64.rpm

SL 4.x

       SRPMS:
mikmod-3.1.6-33.el4_8.1.src.rpm
       i386:
mikmod-3.1.6-33.el4_8.1.i386.rpm
mikmod-devel-3.1.6-33.el4_8.1.i386.rpm
       x86_64:
mikmod-3.1.6-33.el4_8.1.i386.rpm
mikmod-3.1.6-33.el4_8.1.x86_64.rpm
mikmod-devel-3.1.6-33.el4_8.1.x86_64.rpm

SL 5.x

       SRPMS:
mikmod-3.1.6-39.el5_5.1.src.rpm
       i386:
mikmod-3.1.6-39.el5_5.1.i386.rpm
mikmod-devel-3.1.6-39.el5_5.1.i386.rpm
       x86_64:
mikmod-3.1.6-39.el5_5.1.i386.rpm
mikmod-3.1.6-39.el5_5.1.x86_64.rpm
mikmod-devel-3.1.6-39.el5_5.1.i386.rpm
mikmod-devel-3.1.6-39.el5_5.1.x86_64.rpm

-Connie Sieh
-Troy Dawson