Updated mikmod packages that fix a security issue are now available.
This update has been rated as having low security impact by the CentOS
Security Response Team.
MikMod is a well known MOD music file player for UNIX-based systems.
A buffer overflow bug was found in mikmod during the processing of archive
filenames. An attacker could create a malicious archive that when opened by
mikmod could result in arbitrary code execution. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0427
to this issue.
Users of mikmod are advised to upgrade to these erratum packages, which
contain backported security patches and are not vulnerable to these issues.