It was discovered [1] that Csound contained two boundary errors that could be exploited by tricking a user into converting a malicious file, leading to a stack-based buffer overflow and the possible execution of arbitrary code. The first is in the getnum() function (util/heti_main.c) when processing a hetro file, the second is in the getnum() function (util/pv_import.c) when processing a PVOC file. This flaw is confirmed in 5.13.0 (currently in Feodra) and is fixed in upstream 5.16.6 [2]. [1] http://secunia.com/secunia_research/2012-3/ [2] http://csound.git.sourceforge.net/git/gitweb.cgi?p=csound/csound5.git;a=commitdiff;h=7d617a9551fb6c552ba16874b71266fcd90f3a6f
Created csound tracking bugs for this issue Affects: fedora-all [bug 797251]
Fedora 20 contains csound 5.19.01 which includes the fix for this flaw. Given the age of this, it seems pretty obvious that this will not get fixed in anything earlier (like Fedora 19), so closing it since it is finally fixed in the most recent (and future) Fedora versions.
It will make it to F-19, I just need to get the time to workout why it's not building there.