Old 30th January 2006, 19:57   #1
DrO
 
Join Date: Sep 2003
Posts: 27,873
Winamp 5.13 released

Winamp 5.13

winamp 5.13 Full emusic plus
winamp 5.13 Pro (asks for key during install)
winamp 5.13 Korn bundle emusic plus
winamp 5.13 lite

Whats new:
* Fixed [in_mp3] extremely critical security vulnerability

This new build of Winamp is the same as 5.12 but with the above security fix implemented. For more information about the security vulnerability see this thread. It is highly recommended that you upgrade to this version of Winamp as your main version. Not doing so is at your own risk due to the potential nature of the vulnerability.

With this version, winamp.exe is marked as v5.13.387 and the fixed in_mp3.dll is marked as v3.41.

-daz
DrO is offline   Reply With Quote
Old 30th January 2006, 20:42   #2
amano
Major Dude
 
amano's Avatar
 
Join Date: Apr 2003
Location: where the llamas come from!
Posts: 952
TNX for the quick fix. There are other companies who should act as quick as you do.

eeeee eeeeeee eeeee eeeee eeeee
8 8 8 8 8 8 8 8 8 8 88
8eee8 8e 8 8 8eee8 8e 8 8 8
88 8 88 8 8 88 8 88 8 8 8
88 8 88 8 8 88 8 88 8 8eee8
amano is offline   Reply With Quote
Old 30th January 2006, 20:44   #3
The_Mega_ZZTer
Junior Member
 
The_Mega_ZZTer's Avatar
 
Join Date: Nov 2003
Location: On the Internet
Posts: 20
Send a message via AIM to The_Mega_ZZTer Send a message via Yahoo to The_Mega_ZZTer
Speedy fix! I just heard about this little bug. Good job.
The_Mega_ZZTer is offline   Reply With Quote
Old 30th January 2006, 21:00   #4
DrO
 
Join Date: Sep 2003
Posts: 27,873
It could have been quicker but the way certain security advice companies went about ignoring the standard accepted methods for such a scenario hindered that. If that's how they are going to deal with such issues in the future then i think we're looking at very dubious times with safety on the internet and it's related use of...

-daz
DrO is offline   Reply With Quote
Old 30th January 2006, 21:33   #5
Squadman
Senior Member
 
Squadman's Avatar
 
Join Date: Nov 2004
Location: UK
Posts: 284
Send a message via AIM to Squadman
Wow, quick fix. Good one guys, downloading now. Thanks.
Squadman is offline   Reply With Quote
Old 31st January 2006, 00:34   #6
priestlyboy
Junior Member
 
priestlyboy's Avatar
 
Join Date: Dec 2003
Location: Brooklyn, NYC
Posts: 43
Send a message via AIM to priestlyboy Send a message via Yahoo to priestlyboy
Heh, is that true that WMP is apparently becoming more popular than Winamp?

From ZDNet's Article about the mp3 bug fix
Quote:
Even though the security company gave the vulnerability its highest rating for software threats, it noted that the number of people who use Winamp has declined over the years, so the scope of the problem is not as large as it once might have been.

"Winamp used to be the world's most popular MP3 player and is still quite popular, but as Windows Media Player has gotten better, some users have migrated over," said Thomas Kristensen, Secunia's chief technology officer.
I've never really enjoyed WMP interface since the i think 6.4 which Media Player Classic the open source (i think) version on sourceforge seems to be based on.

Just curious how it seemed to bash winamp a lil bit.
priestlyboy is offline   Reply With Quote
Old 31st January 2006, 00:36   #7
Veej007
Senior Member
 
Join Date: Sep 2002
Posts: 349
so it's just a security fix? what about this?

http://forums.winamp.com/showthread....hreadid=235445
Veej007 is offline   Reply With Quote
Old 31st January 2006, 00:39   #8
DrO
 
Join Date: Sep 2003
Posts: 27,873
what was going to be 5.13 is now part of the 5.2 beta series. this 5.13 as indicated in the first post is 5.12 with security fix.

-daz
DrO is offline   Reply With Quote
Old 31st January 2006, 00:43   #9
doodle2
Junior Member
 
Join Date: Feb 2004
Posts: 18
So, is this extremely critical fix already included for those who installed the 5.2 beta build 365? Or do we have to wait for a new beta/install 5.13?
doodle2 is offline   Reply With Quote
Old 31st January 2006, 01:00   #10
CraigF
Passionately Apathetic
Administrator
 
CraigF's Avatar
 
Join Date: May 2000
Location: Hell
Posts: 5,435
as you suspect, no, the beta doesnt include the fix. hopefully an updated beta will be rolled either today or tomorrow that includes the fix. You may be able to get away with using the fixed in_mp3 from 5.13 with 5.2, but ymmv.

if you're that bothered in the meantime, install the latest stable build (5.13).

@priestlyboy bundled software always has market dominance, but that doesnt mean people made any choice over what is superior. Theres a reason the EU sued microsoft.

CraigF is offline   Reply With Quote
Old 31st January 2006, 17:05   #11
joopbraak
Junior Member
 
Join Date: Jan 2006
Posts: 3
Re: Winamp 5.13 released

Quote:
Originally posted by DrO

With this version, winamp.exe is marked as v5.13.387 and the fixed in_mp3.dll is marked as v3.41.

-daz
http://www.winamp.com/in_mp3.dll

is a different in_mp3.dll then the released winamp 5.13 version. Why?

And how to see the v3.41?

Thanks
joopbraak is offline   Reply With Quote
Old 31st January 2006, 17:11   #12
DJ Egg
Techorator
Winamp & Shoutcast Team
 
Join Date: Jun 2000
Posts: 35,866
Hmm... I think they're both exactly the same, heh.

[edit] actually, the in_mp3 included with 5.13 is slightly newer, and is the recommended one. The separate dll was just a temporary solution until 5.13 became available, and the dll will be removed from winamp.com shortly [/edit]

To see the version number...

Winamp > Prefs > Plugins > Input:
Nullsoft MPEG Audio Decoder 3.41 (in_mp3.dll)
DJ Egg is online now   Reply With Quote
Old 31st January 2006, 21:55   #13
kzuse
Senior Member
 
kzuse's Avatar
 
Join Date: Oct 2005
Location: (D)
Posts: 480
Send a message via ICQ to kzuse Send a message via Skype™ to kzuse
Quote:
[edit] actually, the in_mp3 included with 5.13 is slightly newer, and is the recommended one. The separate dll was just a temporary solution until 5.13 became available, and the dll will be removed from winamp.com shortly [/edit]
Why don't you just replace the http://winamp.com/in_mp3.dll with the new one from Winamp 5.13

For the people who don't have broadband connections and just want to have the newest DLL. (Why should I download 5.3 MB when there's just 370 KB of changed code??)

Thanks...
kzuse is offline   Reply With Quote
Old 31st January 2006, 22:46   #14
CraigF
Passionately Apathetic
Administrator
 
CraigF's Avatar
 
Join Date: May 2000
Location: Hell
Posts: 5,435
Because you'll obviously want the latest and greatest winamp with all its too cool for school functionality.

CraigF is offline   Reply With Quote
Old 1st February 2006, 02:34   #15
epp_b
Junior Member
 
Join Date: Feb 2006
Posts: 5
I agree with kzuse. Assuming that version 5.12 of winamp.exe is compatible, it would be nice if you (someone?) could post the in_dll.mp3 file that is included with version 5.13.
epp_b is offline   Reply With Quote
Old 1st February 2006, 03:05   #16
DJ Egg
Techorator
Winamp & Shoutcast Team
 
Join Date: Jun 2000
Posts: 35,866
Like I said, the separate dll will be removed soon (should've been already, but I guess deppy's been busy with other issues). Of course, there's nothing to stop someone else from mirroring the in_mp3.dll from 5.13, but as CraigF said, we here want everyone to upgrade to the latest & greatest, and not continue to use older versions with other security flaws & bugs.

Yeah, sure, I feel your pain if you're on a 56k dialup and are just upgrading from 5.12, though you could just download/install the Lite version - but make sure you backup gen_ml.dll and gen_ff.dll (media library and modern skin support) first, because afaik, the Lite installer deletes those, heh. Infact, if installing 5.13 Lite over 5.12 Full/Pro, then it's probably best to just backup the entire Winamp dir first, then just restore everything except for winamp.exe and plugins\in_mp3.dll afterwards.
DJ Egg is online now   Reply With Quote
Old 1st February 2006, 09:17   #17
martin.deimos
Android/UI Development
 
martin.deimos's Avatar
 
Join Date: Sep 2004
Location: Bavaria
Posts: 1,242
Send a message via ICQ to martin.deimos Send a message via AIM to martin.deimos Send a message via Yahoo to martin.deimos
thanks for fixing!
btw I hate WMP!
Winamp was my first love :-)

WebSite: www.skinconsortium.com - Community for Userinterface Design & Coding
Skins: Click Here
martin.deimos is offline   Reply With Quote
Old 1st February 2006, 11:50   #18
kzuse
Senior Member
 
kzuse's Avatar
 
Join Date: Oct 2005
Location: (D)
Posts: 480
Send a message via ICQ to kzuse Send a message via Skype™ to kzuse
But if that new DLL is the only thing that changed in 5.13 (see the changelog!), then why download the whole installer?? Just to have a new version number? Thanks guys but that's not what I want. I really like updates if they improve things, but I'm not the one who updates just for the sake of updating and having a new number in the about box!!!!!

Quote:
and not continue to use older versions with other security flaws & bugs.
Aahh...in other words, there are more security flaws in 5.12????

I think I'll use the dll from winamp.com/in_mp3.dll (or WMP) until there's 5.2.
kzuse is offline   Reply With Quote
Old 1st February 2006, 12:57   #19
CraigF
Passionately Apathetic
Administrator
 
CraigF's Avatar
 
Join Date: May 2000
Location: Hell
Posts: 5,435
go nuts.

what do you do when microsoft drop a 100mb service pack? I suppose you order the disc right?

I bet those WoW patches really hit hard, and gosh darn, they even pretty much force you to you torrent sucking up all your upstream too.

damn them all to hell.

lets put things into perspective here. 5mb is nothing, even on dialup.

CraigF is offline   Reply With Quote
Old 1st February 2006, 13:05   #20
Koopa
16-Bit Moderator
 
Koopa's Avatar
 
Join Date: Apr 2004
Posts: 4,341
Quote:
Just to have a new version number? Thanks guys but that's not what I want.
First: Be happy, that Nullsoft released a quick security update.

Second: For most people, it's much easier to run the installer, instead of copying a .dll file in Winamp's installation folder.

Quote:
Aahh...in other words, there are more security flaws in 5.12????
Sure, software has bugs, every program has security flaws too.

It doesn't matter, if you use WMP, Winamp or any other player, from time to time, new security flaws will be public.
Koopa is offline   Reply With Quote
Old 1st February 2006, 13:14   #21
DJ Egg
Techorator
Winamp & Shoutcast Team
 
Join Date: Jun 2000
Posts: 35,866
@kzuse

No, there's no other known security flaws in 5.12.
But there were many security fixes in many other releases between 2.x and 5.1 and it's the people who are using any of those builds who we don't want to simply download in_mp3.dll.

There wasn't going to be a 5.13 until this security issue arose.
5.2 was the next planned release, with a whole heap of changes & new features.

Instead of moaning about a few megabytes, you should be full of praise & gratitude for the speed at which Nullsoft addressed and fixed the issue... like most other people.
DJ Egg is online now   Reply With Quote
Old 1st February 2006, 13:51   #22
DrO
 
Join Date: Sep 2003
Posts: 27,873
and since the in_mp3 which was on winamp.com is slightly older than the 5.13 version, you'd need to upgrade anyway (a few extra checks were added in to bolster up the fixes just incase).

5Mb on dialup, is what 15-20mins are most and you didn't have to deal with doing that all of the time during the early 5.0x dev phase so it's not much at all. If you don't want to, then don't use it. No one is going to be able to force you to upgrade, it's your machine and data, you can do with it as you wish. Winamp has done what's required so it's not really their issue now.

Also shipping lose dlls around is not good since it then makes tech support of a product that bit harder due to not knowing what version is being used, especially if you made a hybrid version (i've done it for dev purposes and it can become a nightmare to manage at times). Having to get the full package means at least you (and us if there are issues) know what you should have in the given Winamp install.

-daz
DrO is offline   Reply With Quote
Old 1st February 2006, 14:00   #23
CraigF
Passionately Apathetic
Administrator
 
CraigF's Avatar
 
Join Date: May 2000
Location: Hell
Posts: 5,435
There are a great number of people who believe that winamp 2 is the way to go. You see it everywhere, a lot of misguided understanding with regards to winamp 5, how it was crafted, and how it works.

What we have whenever there is a security bug that is found in legacy versions, is a whole heap of those misguided people still running version 2 trying to find a way to secure up their winamp. Lots of people do this by simply using the plugins from the latest version with older versions.

In most cases, this can work. Amusingly, the reason this works is the same reason people are misguided in the first place. Winamp 5 IS winamp 2. Its the same core, the same API's, and for all intent and purpose, it could just as well be numbered 2.9999999.

Of course, things change. in_mp3 would be a prime example. Recently new formats have come into the mix such as AAC, AAC+, containers like MP4, and god knows how many fundemental tagging changes. A lot of this functionality is reusable. To that end, a lot of it has been moved out of every plugin and included as a library. Think of it as a space saving measure; Why have 8 plugins with network abilities including 8 copies of jnetlib when you can just include one copy of jnetlib that all plugins can use? Thats how winamp has been able to add so much more functionality and still remains the tiny download it has always been.

Of course, what happens when someone uses code from later versions with old software? Well, for one, the newer version may in actual fact be stripped down. You might have dependancies on other files, and even if you catch those dependancies, winamp 2 certainly wont include the internal api's used to load those dependancies. To sum up, you end up with a clusterfuck.

But lets suppose it does work, I mean, in_mp3 doesnt use external libraries to play back mp3, and people using winamp 2 may only be after mp3 playback; but even then theres an assumption of security when of course, we only need look at the changelog from 2.95->5.13 to see that there are plenty of things that have been fixed in that time. And no, not all of them are with functionality only found in Winamp 5.

Your best course of action is to update to the latest and greatest stable Winamp, and that is of course always our recommendation on the forums. Infact, you wont get very much help with any issues until you confirm that you have done this.

So back to the original issue: Yes, if you have 5.12, there is almost zero reason why you cant just use the in_mp3 from 5.13, its the only thing thats changed, aside from a version bump, and there are no known security issues with 5.12 other than the one fixed in 5.13. But giving people who refuse to upgrade a false sense of security is not the goal of this exercise.

CraigF is offline   Reply With Quote
Old 1st February 2006, 16:09   #24
kzuse
Senior Member
 
kzuse's Avatar
 
Join Date: Oct 2005
Location: (D)
Posts: 480
Send a message via ICQ to kzuse Send a message via Skype™ to kzuse
Ok. The only thing/argument that I think makes sense is this one:

Quote:
But there were many security fixes in many other releases between 2.x and 5.1 and it's the people who are using any of those builds who we don't want to simply download in_mp3.dll.
And just to get thing's right: I'm not one of those "misleaded" people who still use Winamp 2, and I DO really like Winamp and use it SINCE there was Version 2. Ans I also DO know tha 5=2.9999. The only thing I wanted, was that the winamp.com/in_mp3.dll should be replaced by the newest one available (from 5.13). But now I ' got it from a friend by mail, so no problems any more.

Quote:
So back to the original issue: Yes, if you have 5.12, there is almost zero reason why you cant just use the in_mp3 from 5.13, its the only thing thats changed, aside from a version bump, and there are no known security issues with 5.12 other than the one fixed in 5.13. But giving people who refuse to upgrade a false sense of security is not the goal of this exercise.
That's okay. I agree. Let's stop argueing.

I'm really looking forward to Winamp 5.2 and all future version!!

Best regards, kzuse
kzuse is offline   Reply With Quote
Old 1st February 2006, 16:55   #25
CraigF
Passionately Apathetic
Administrator
 
CraigF's Avatar
 
Join Date: May 2000
Location: Hell
Posts: 5,435
Hehe, I wasn't even arguing with you; and you even quoted the paragraph where I specifically said that.

CraigF is offline   Reply With Quote
Old 1st February 2006, 22:56   #26
cunninlynguist
Junior Member
 
Join Date: Feb 2006
Location: Suisse
Posts: 8
Hello

I noticed my pc started hanging today and after doing some tests, I found out it was indeed winamp (i had version 5.1 pro). I did some further testing and noticed a strange file in my running processes called launch~1.exe

I couldn't find out anything about this on google. after ending the task and uninstalling 5.1 the problem seemed solved

I just now installed 5.3 so I'm still checking for any problems...

Anybody have any similar problems??? I'm pretty sure that it has something to do with the above mentioned circumstances. Please post ur feedback

Edit:
Well, i found out the launch~1.exe is not the problem causer, it's a system startup file for Nokia PC Suite


If anyone knows where I can find more info on this exploit (other than the code) please post it. I'd like to figure out if someone really was on my machine...

Anywho, pc is running properly now...

I don't want to sound like a cock, but this isn't the first time winamp had a major security flaw, it's not a surprise to me that people are migrating away from winamp. I'm still going to stick around because I've been using winamp since winamp 2, but if something like this were to happen again in the near future, I definetely will be thinking of finding an alternative program. I'm sure many other users share my opinion. Don't get me wrong, I love winamp, but I would have wished more detailed info from the Winamp developers about this exploit, not just some links to foreign sites where I have to guess together what the problem is.

Last edited by cunninlynguist; 1st February 2006 at 23:27.
cunninlynguist is offline   Reply With Quote
Old 1st February 2006, 23:28   #27
DJ Egg
Techorator
Winamp & Shoutcast Team
 
Join Date: Jun 2000
Posts: 35,866
No. Whatever Launch~1.exe is/was, it's got nothing to do with the default Winamp distro/installation.
DJ Egg is online now   Reply With Quote
Old 1st February 2006, 23:29   #28
cunninlynguist
Junior Member
 
Join Date: Feb 2006
Location: Suisse
Posts: 8
lol...identical timing
cunninlynguist is offline   Reply With Quote
Old 1st February 2006, 23:40   #29
DJ Egg
Techorator
Winamp & Shoutcast Team
 
Join Date: Jun 2000
Posts: 35,866
Yeah, you edited yours just as I was posting mine, heh.

But hey, you're making it sound like Winamp is the one & only program/player affected by security issues. Virtually every program has potential flaws/vulnerabilities (Windows, IE, Firefox, WMP, Real, etc, to name but a few of the major ones that I can think of offhand) and you can be guaranteed that the 'script kiddies' out there will always strive to find them.

The main thing is that, as in this particular case, Winamp's security issues get fixed super quickly. An amazing 6 hr turnaround on the latest one was pretty good going, don't you think?


"it's not a surprise to me that people are migrating away from winamp"

They all come back in the end ;-)
DJ Egg is online now   Reply With Quote
Old 1st February 2006, 23:45   #30
CraigF
Passionately Apathetic
Administrator
 
CraigF's Avatar
 
Join Date: May 2000
Location: Hell
Posts: 5,435
Security flaws exist in all software, its just fact.

With regards to what information you were looking for about this security issue, im not sure what you're after exactly. Ask your questions and i'll try to answer them.

CraigF is offline   Reply With Quote
Old 2nd February 2006, 00:38   #31
cunninlynguist
Junior Member
 
Join Date: Feb 2006
Location: Suisse
Posts: 8
i just find the lack of detail quite unsatisfying. i never quite understood how someone would get in through a dll file.
ok, say I still had winamp 5.1* running and i go to a url with the exploit activated, what happens next? does any data get placed on my pc in form of a virus, trojan or similar? is there anything i need to find and delete in the registry or somewhere else? or is updating to 5.3 enough? i just felt left in the dark when it came to more details. i was just a little paranoid because my pc has been running fine for ages and today it started acting up, and viola, I see that winamp has a critical security issue, and winamp was running all day today on my pc.

i am quite aware of security issues in other software products, especially windows software (i could write a book on that), i just didn't expect it in a media player.

like i said: i love winamp, and i WANT to keep using it because i am comfortable with it and it has brought me no problems in the past, just a little more info next time would be nice. like what exactly happens when the exploit is executed. All i could find is that noone has been exploited as of yet, and I didn't want to be the first! if the exploit had been executed before i updated to 5.3 then just updating to 5.3 probably would not solve the problem, or am I wrong?
cunninlynguist is offline   Reply With Quote
Old 2nd February 2006, 10:07   #32
CraigF
Passionately Apathetic
Administrator
 
CraigF's Avatar
 
Join Date: May 2000
Location: Hell
Posts: 5,435
Ok sure, I can try and explain things a little more.

On 30th of Jan a user posted notification to the forums at approx lunchtime GMT of a full disclosure security issue. I forwarded this notification to the appropriate people immediately.

At that point those of us online and in communication at the time began a process of testing and analysis to see what versions were effected and what winamp component the problem was within. Remember that Winamp development is based in the USA, approx 5 hours behind GMT.

To sidetrack a little, the specific reported bug was announced as being a playlist loading issue, and a remote vulnerability. While accurate, some confusion can arise from the phrase "remote vulnerability". The vulnerability is a local one. It occurs when Winamp loads a malformed playlist file. Sadly, Winamp sets its self up to automatically load up and run playlists from your Internet browser. Hence, it becomes a remote issue. Not by casual internet traffic, but by a user visiting a website deliberately trying to send a malformed playlist to you.

This is obviously the attack vector that secunia et al were considering when deeming the vulnerability a remote exploit, and due to winamps default config/install, they are accurate in reporting it as such.

Obviously, as part of analysis, a lot of attention was given to other potential vectors. I wont go into details, but my immediate concerns with regards to shoutcast were quickly put at ease. The bug remained as reported.

At this point, damage control began, responses came back from those in the states waking up, and the bug was immediately identified as being within in_mp3.dll. Obviously there are currently two supported versions of Winamp in circulation at the time (5.12 and 5.2 beta), but with 5.12 being the latest release, that was the priority.

An initial fixed version was quickly uploaded and posted to the forums for people to install, this was later copied to www.winamp.com (since it has far more bandwidth), and the community started posting notifications to all the usual sites reporting on this issue (betanews/neowin/etc) that the patch was available and where to get it.

With the initial rush out the door over, work continued on in_mp3 to tidy up any other problems that were identified, a new build of winamp was pushed (5.13), and an announcement placed on the homepage. All this occured within approx 6 hours.

If you're after a little bit more info on software security issues, the following wikipedia articles may be of some interest:

Buffer Overflow
D.E.P.
White Hat
Black Hat

CraigF is offline   Reply With Quote
Old 2nd February 2006, 16:52   #33
cunninlynguist
Junior Member
 
Join Date: Feb 2006
Location: Suisse
Posts: 8
so within that 6 hour time frame (for me 3 days till i knew of this exploit), the chances of actually having the bad luck and being on a website with the exploit in actual place are next to ZERO... i assume...?
cunninlynguist is offline   Reply With Quote
Old 2nd February 2006, 16:58   #34
CraigF
Passionately Apathetic
Administrator
 
CraigF's Avatar
 
Join Date: May 2000
Location: Hell
Posts: 5,435
correct. Now apply that same question to bugs in other software products that lie there for months unpatched.

CraigF is offline   Reply With Quote
Old 2nd February 2006, 17:12   #35
cunninlynguist
Junior Member
 
Join Date: Feb 2006
Location: Suisse
Posts: 8
cool, thanks for the more elaborate info. my paranoia has vanished *blipp*
cunninlynguist is offline   Reply With Quote
Old 2nd February 2006, 17:18   #36
Juanus
Major Dude
 
Juanus's Avatar
 
Join Date: Oct 2004
Location: Santa Monica, CA
Posts: 740
Send a message via AIM to Juanus
Lets be honest, the majority of bugs/worms/security vulnerabilities will not affect you. If you are this obsessive, then maybe "the internets" is not where you should be.

Thanks to the Winamp Dev team for doing an awesome job. Winamp definitely is one of the best pieces of software, period.
Juanus is offline   Reply With Quote
Old 2nd February 2006, 17:31   #37
cunninlynguist
Junior Member
 
Join Date: Feb 2006
Location: Suisse
Posts: 8
where am i obsessive? paranoid yes... obsessive...? no...

what would you do if your PC has been running for over two years without the slightest of problems, then suddenly, boom, PC crashes without a warning, while the only actively running application is winamp... then you find out that just three days prior the only info you find is that Winamp has critical security flaws which are not properly explained...?

I'm sure your first assumption would have been: it's Winamp's fault...

anyways, i know your reply, you're probably some tech geek that knows every millimeter of every piece of software you run, therefore something this minute would NEVER occur to you...

sorry, I'm somewhat educated in computers, but far from being a genius...
[/end rant]

[begin flaming]

...
cunninlynguist is offline   Reply With Quote
Old 2nd February 2006, 19:11   #38
CraigF
Passionately Apathetic
Administrator
 
CraigF's Avatar
 
Join Date: May 2000
Location: Hell
Posts: 5,435
Everyone is entitled to ask questions. I hope I answered those you had.

CraigF is offline   Reply With Quote
Old 2nd February 2006, 20:57   #39
cunninlynguist
Junior Member
 
Join Date: Feb 2006
Location: Suisse
Posts: 8
pretty much, thx again...
cunninlynguist is offline   Reply With Quote
Old 19th February 2006, 20:58   #40
zardoc
Junior Member
 
zardoc's Avatar
 
Join Date: Feb 2001
Location: Quebec, Canada
Posts: 24
M3u and pls Buffer Overflow

Is it true that M3U and pls with long names can cause a buffer overflow in 5.13 as stated by some sites??

Thanks,

zardoc is offline   Reply With Quote
Reply
Go Back   Winamp & Shoutcast Forums > Winamp > Winamp Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump