Synopsis: Moderate: mikmod security update Issue date: 2010-09-28 CVE Names: CVE-2007-6720 CVE-2009-3995 CVE-2009-3996 Multiple input validation flaws, resulting in buffer overflows, were discovered in MikMod. Specially-crafted music files in various formats could, when played, cause an application using the MikMod library to crash or, potentially, execute arbitrary code. (CVE-2009-3995, CVE-2009-3996, CVE-2007-6720) All running applications using the MikMod library must be restarted for this update to take effect. SL 3.0.x SRPMS: mikmod-3.1.6-23.el3.src.rpm i386: mikmod-3.1.6-23.el3.i386.rpm mikmod-devel-3.1.6-23.el3.i386.rpm x86_64: mikmod-3.1.6-23.el3.i386.rpm mikmod-3.1.6-23.el3.x86_64.rpm mikmod-devel-3.1.6-23.el3.x86_64.rpm SL 4.x SRPMS: mikmod-3.1.6-33.el4_8.1.src.rpm i386: mikmod-3.1.6-33.el4_8.1.i386.rpm mikmod-devel-3.1.6-33.el4_8.1.i386.rpm x86_64: mikmod-3.1.6-33.el4_8.1.i386.rpm mikmod-3.1.6-33.el4_8.1.x86_64.rpm mikmod-devel-3.1.6-33.el4_8.1.x86_64.rpm SL 5.x SRPMS: mikmod-3.1.6-39.el5_5.1.src.rpm i386: mikmod-3.1.6-39.el5_5.1.i386.rpm mikmod-devel-3.1.6-39.el5_5.1.i386.rpm x86_64: mikmod-3.1.6-39.el5_5.1.i386.rpm mikmod-3.1.6-39.el5_5.1.x86_64.rpm mikmod-devel-3.1.6-39.el5_5.1.i386.rpm mikmod-devel-3.1.6-39.el5_5.1.x86_64.rpm -Connie Sieh -Troy Dawson