CVE request: Audacity <1.3.6 Buffer overflow

[Robert Buchholz <rbu () gentoo org>]

Audacity before 1.3.6 contains a buffer overflow in
String_parse::get_nonspace_quoted() in lib-src/allegro/strparse.cpp when 
importing *.gro MIDI files.

https://bugs.gentoo.org/show_bug.cgi?id=253493
http://www.milw0rm.com/exploits/7634
http://n2.nabble.com/Audacity-%22String_parse::get_nonspace_quoted()%22-Buffer-Overflow-td2139537.html
http://secunia.com/advisories/33356/
http://www.f-secure.com/vulnerabilities/SA200900191

Attachment: signature.asc
Description: This is a digitally signed message part.