Security Information / 2000 / Security Information -- esound

Debian Security Advisory

esound -- race condition

Date Reported:

08 Oct 2000

Affected Packages:

esound

Vulnerable:

No

Security database references:

In Mitre's CVE dictionary: CVE-2000-0864.

More information:

Linux-Mandrake has recently released a Security Advisory (MDKSA-2000:051) covering a race condition in the esound. Debian is not affected by this bug; the bug is specific to the unix domain socket support, which was turned off in stable (2.2/potato) and unstable (woody) on February 16, 2000. Therefore neither the current stable or unstable distribution of Debian is vulnerable to this problem. Debian 2.1 (aka "slink") is also not vulnerable to this problem; the version of esound in Debian 2.1 is 0.2.6, which predates the buggy unix domain socket code.