Paketname
xine-lib
Datum
2008-02-15
Advisory ID
MDVSA-2008:046
Betroffene Versionen
2008.0 x86_64 , 2008.0 i586 , 2007.1 i586 , 2007.1 x86_64

Problembeschreibung

An array index vulnerability found in the FLAC audio demuxer might
allow remote attackers to execute arbitrary code via a crafted FLAC
tag, which triggers a buffer overflow. Although originally an MPlayer
issue, it also affects xine-lib due to code similarity.

The updated packages have been patched to prevent this issue.

Aktualisierte Pakete

2008.0 x86_64

 ac5c1cf34cf85bd33c60a9707aa851d4  2008.0/x86_64/lib64xine-devel-1.1.8-4.3mdv2008.0.x86_64.rpm
 2b995c0f69aa471d4700e5721b67a8af  2008.0/x86_64/lib64xine1-1.1.8-4.3mdv2008.0.x86_64.rpm
 cace153adb4181e62fdf6b9cbc715ab9  2008.0/x86_64/xine-aa-1.1.8-4.3mdv2008.0.x86_64.rpm
 d5c963ebc4814b1642937959531de6bf  2008.0/x86_64/xine-caca-1.1.8-4.3mdv2008.0.x86_64.rpm
 a20718c6f1abe8c06afb98ae52f36208  2008.0/x86_64/xine-dxr3-1.1.8-4.3mdv2008.0.x86_64.rpm
 fd4f65b926b4d9d3e5f734bfce8b7cbb  2008.0/x86_64/xine-esd-1.1.8-4.3mdv2008.0.x86_64.rpm
 e9f18928c5ed86e531545b98f721102b  2008.0/x86_64/xine-flac-1.1.8-4.3mdv2008.0.x86_64.rpm
 0cad217d2138a6f6597db02714a5c0e8  2008.0/x86_64/xine-gnomevfs-1.1.8-4.3mdv2008.0.x86_64.rpm
 3d2a618e0cc44cf47c0556ce6cc09bd9  2008.0/x86_64/xine-image-1.1.8-4.3mdv2008.0.x86_64.rpm
 14baefc41749868298378b2d637c62b0  2008.0/x86_64/xine-jack-1.1.8-4.3mdv2008.0.x86_64.rpm
 ef3bc2769f717ac9bc6f8a1f6c801f30  2008.0/x86_64/xine-plugins-1.1.8-4.3mdv2008.0.x86_64.rpm
 8296113a6b5db2f3846dd2c28755f583  2008.0/x86_64/xine-pulse-1.1.8-4.3mdv2008.0.x86_64.rpm
 37745a135e8fafd10e31731048d5b58a  2008.0/x86_64/xine-sdl-1.1.8-4.3mdv2008.0.x86_64.rpm
 5493e7511c3b601ffcc0632a8beab66c  2008.0/x86_64/xine-smb-1.1.8-4.3mdv2008.0.x86_64.rpm 
 bc6508f3f527de2c25039bc3bff359d4  2008.0/SRPMS/xine-lib-1.1.8-4.3mdv2008.0.src.rpm

2008.0 i586

 a006ee314a3487abda9f87844a418283  2008.0/i586/libxine-devel-1.1.8-4.3mdv2008.0.i586.rpm
 50300dd0ede82d905faa0148864ce5c3  2008.0/i586/libxine1-1.1.8-4.3mdv2008.0.i586.rpm
 f7354400019aa522a9b4c9183cdcbf01  2008.0/i586/xine-aa-1.1.8-4.3mdv2008.0.i586.rpm
 d9246649fabf1ec7d5ded73fc69389de  2008.0/i586/xine-caca-1.1.8-4.3mdv2008.0.i586.rpm
 17cfc011b27bbee2ded3e57840892f3e  2008.0/i586/xine-dxr3-1.1.8-4.3mdv2008.0.i586.rpm
 b3bc62b1d9704e4c387b9dc05ca78c21  2008.0/i586/xine-esd-1.1.8-4.3mdv2008.0.i586.rpm
 bfc01255d453d4b024a3b219077d1410  2008.0/i586/xine-flac-1.1.8-4.3mdv2008.0.i586.rpm
 76c62017cdd33345889c1582caf3b827  2008.0/i586/xine-gnomevfs-1.1.8-4.3mdv2008.0.i586.rpm
 512904d1519640475146f19449398d05  2008.0/i586/xine-image-1.1.8-4.3mdv2008.0.i586.rpm
 b854ed87d8b85e43c766d47267e61ef1  2008.0/i586/xine-jack-1.1.8-4.3mdv2008.0.i586.rpm
 b3b83be2f3b0a1e5125921b17bef5b21  2008.0/i586/xine-plugins-1.1.8-4.3mdv2008.0.i586.rpm
 781983b84a24bcd23ea7ed087b42d1bf  2008.0/i586/xine-pulse-1.1.8-4.3mdv2008.0.i586.rpm
 e7f7b472e8fd8bf30bc448fee29ae94d  2008.0/i586/xine-sdl-1.1.8-4.3mdv2008.0.i586.rpm
 00d5184581be159ba607b277d4b3326d  2008.0/i586/xine-smb-1.1.8-4.3mdv2008.0.i586.rpm 
 bc6508f3f527de2c25039bc3bff359d4  2008.0/SRPMS/xine-lib-1.1.8-4.3mdv2008.0.src.rpm

2007.1 i586

 92b105e8e45cc7c628cfea03b65e5ebc  2007.1/i586/libxine1-1.1.4-6.5mdv2007.1.i586.rpm
 8c10ae324cb8e3b02fe142cae8d86b23  2007.1/i586/libxine1-devel-1.1.4-6.5mdv2007.1.i586.rpm
 bb26522243e95621a475b886ebedacca  2007.1/i586/xine-aa-1.1.4-6.5mdv2007.1.i586.rpm
 5d01cf04b75ba1ad6a4b8e85448e7b78  2007.1/i586/xine-arts-1.1.4-6.5mdv2007.1.i586.rpm
 08be3876d609ee70b0966eaaa395085b  2007.1/i586/xine-caca-1.1.4-6.5mdv2007.1.i586.rpm
 b0702ce5b6e2bd2bc12c8a4b42e8ee30  2007.1/i586/xine-dxr3-1.1.4-6.5mdv2007.1.i586.rpm
 a1dd806006624254b89f9bc6c756bd2c  2007.1/i586/xine-esd-1.1.4-6.5mdv2007.1.i586.rpm
 b0218b6ae17e7874a0949055f1271365  2007.1/i586/xine-flac-1.1.4-6.5mdv2007.1.i586.rpm
 f7b59004050060fd3ebb83bbedc7d16a  2007.1/i586/xine-gnomevfs-1.1.4-6.5mdv2007.1.i586.rpm
 38ab5fb451a81ffcce9357a3884eeaff  2007.1/i586/xine-image-1.1.4-6.5mdv2007.1.i586.rpm
 ef5bbbf902ebf0b51a56a908ff79712c  2007.1/i586/xine-jack-1.1.4-6.5mdv2007.1.i586.rpm
 0add0fbbf3e70a84739e17d66b1c851d  2007.1/i586/xine-plugins-1.1.4-6.5mdv2007.1.i586.rpm
 50c7fda320ef57b995686477a5fbbfc4  2007.1/i586/xine-pulse-1.1.4-6.5mdv2007.1.i586.rpm
 f942f35a3d5b637b20f4b9e08c4912b8  2007.1/i586/xine-sdl-1.1.4-6.5mdv2007.1.i586.rpm
 7aa83070759e8ff44153f6422c5204dd  2007.1/i586/xine-smb-1.1.4-6.5mdv2007.1.i586.rpm 
 0d47a2b57fa073f8618bf57b149a9f42  2007.1/SRPMS/xine-lib-1.1.4-6.5mdv2007.1.src.rpm

2007.1 x86_64

 25893aeb0c101954c541a2f4f9c9c1da  2007.1/x86_64/lib64xine1-1.1.4-6.5mdv2007.1.x86_64.rpm
 1fb04166eecb9a1ab1e011a0f1ababb4  2007.1/x86_64/lib64xine1-devel-1.1.4-6.5mdv2007.1.x86_64.rpm
 3e48a4aafaa97bd47cb7c0bbb7ba1237  2007.1/x86_64/xine-aa-1.1.4-6.5mdv2007.1.x86_64.rpm
 bd2347ff386d44948c88c67485fb1b5a  2007.1/x86_64/xine-arts-1.1.4-6.5mdv2007.1.x86_64.rpm
 a509d9ebab2bf1941934d2cba759e770  2007.1/x86_64/xine-caca-1.1.4-6.5mdv2007.1.x86_64.rpm
 ba1b934caece9ae950e565d9a097b40e  2007.1/x86_64/xine-dxr3-1.1.4-6.5mdv2007.1.x86_64.rpm
 95297e819a47fdcae07625741d5eabeb  2007.1/x86_64/xine-esd-1.1.4-6.5mdv2007.1.x86_64.rpm
 8e8a92caa399113211cfd95336429ead  2007.1/x86_64/xine-flac-1.1.4-6.5mdv2007.1.x86_64.rpm
 90aa9c3977c15458fe0c0ac98b1dabb2  2007.1/x86_64/xine-gnomevfs-1.1.4-6.5mdv2007.1.x86_64.rpm
 28070563c3b364760a6fd9a93a0a64bd  2007.1/x86_64/xine-image-1.1.4-6.5mdv2007.1.x86_64.rpm
 1309d3ffbdaabeaf28f8476f94fb8105  2007.1/x86_64/xine-jack-1.1.4-6.5mdv2007.1.x86_64.rpm
 c268f6d3a92ebee7d444470d9948bd2c  2007.1/x86_64/xine-plugins-1.1.4-6.5mdv2007.1.x86_64.rpm
 46f6800167c1c8766cfa168e94a5ab89  2007.1/x86_64/xine-pulse-1.1.4-6.5mdv2007.1.x86_64.rpm
 88adcbb90e87e260eb79a1f6d4c11adc  2007.1/x86_64/xine-sdl-1.1.4-6.5mdv2007.1.x86_64.rpm
 fb5ef2d8db31b0c6da3db2401963d1f8  2007.1/x86_64/xine-smb-1.1.4-6.5mdv2007.1.x86_64.rpm 
 0d47a2b57fa073f8618bf57b149a9f42  2007.1/SRPMS/xine-lib-1.1.4-6.5mdv2007.1.src.rpm

Referenzen