Tweet
So... this came up on my google news, couldn't find it reported on winamp forum so... sorry if you guys know this already, but it's kinda big.
ZDNet article
Secunia Advisory
Actual Exploit
ZDNet article
Secunia Advisory
Actual Exploit
-
-
Yes, we know about it and it's already been fixed :-)
Here is the patched in_mp3.dll for 5.12
*edited by deppy. this url will be removed once a new client with this fix has been released.
(place in_mp3.dll in the Winamp\Plugins folder)
There'll be a 5.13 released shortly, which will be exactly the same as 5.12 but with the patched in_mp3 included.
There'll be a separate patched in_mp3.dll included with the next public release of 5.2 beta, also hopefully today.
Note: we've already moved/deleted a few similar threads which reported this issue, but I'm going to leave this one active, seeing as there's now a patch available.
[Edit: 2nd Feb] in_mp3 now removed [/Edit] -
phew cool, thanks
Comment
-
A patched 5.13 is now available:
Comment
-
Originally posted by DJ Egg
Here is the patched in_mp3.dll for 5.12
*edited by deppy. this url will be removed once a new client with this fix has been released.Hmm, the URL still works, and it's a different version then the releases 5.13 version.There'll be a 5.13 released shortly, which will be exactly the same as 5.12 but with the patched in_mp3 included.
Just to let you know, cheers.Comment
Comment