Paketname
mplayer
Datum
2008-10-29
Advisory ID
MDVSA-2008:219
Betroffene Versionen
2009.0 x86_64 , 2008.0 i586 , 2009.0 i586 , CS3.0 x86_64 , 2008.0 x86_64 , CS3.0 i586 , 2008.1 x86_64 , 2008.1 i586

Problembeschreibung

A vulnerability that was discovered in xine-lib that allowed remote
RTSP servers to execute arbitrary code via a large streamid SDP
parameter also affects MPlayer (CVE-2008-0073).

Several integer overflows were discovered by Felipe Andres Manzano
in MPlayer's Real video stream demuxing code. These vulnerabilities
could allow an attacker to cause a crash or possibly execute arbitrary
code by supplying a malicious crafted video file (CVE-2008-3827).

The updated packages have been patched to fix these issues.
Note that CVE-2008-3827 was already corrected in the Mandriva Linux
2009 packages.

Aktualisierte Pakete

2009.0 x86_64

 7810ac4e7341376361e905fa9ee794d0  2009.0/x86_64/mencoder-1.0-1.rc2.18.1mdv2009.0.x86_64.rpm
 605a3d14860548d2b746a97e5b361840  2009.0/x86_64/mplayer-1.0-1.rc2.18.1mdv2009.0.x86_64.rpm
 989c07ab807f905e3503352f4c463d40  2009.0/x86_64/mplayer-doc-1.0-1.rc2.18.1mdv2009.0.x86_64.rpm
 5ef94d6df57d0112265a36e186106aa8  2009.0/x86_64/mplayer-gui-1.0-1.rc2.18.1mdv2009.0.x86_64.rpm 
 03294c164da39856a04c0962f687b1f6  2009.0/SRPMS/mplayer-1.0-1.rc2.18.1mdv2009.0.src.rpm

2008.0 i586

 51dc665f4e6c46a8e7d3af31e3f46ef1  2008.0/i586/libdha1.0-1.0-1.rc1.20.5mdv2008.0.i586.rpm
 1280ed0edc0d95cc9c7bcbea8638567c  2008.0/i586/mencoder-1.0-1.rc1.20.5mdv2008.0.i586.rpm
 b0b57f31b91c6d71262299caa2d2e4d4  2008.0/i586/mplayer-1.0-1.rc1.20.5mdv2008.0.i586.rpm
 0fec9a77e3a126e7ee688364b3fa946a  2008.0/i586/mplayer-doc-1.0-1.rc1.20.5mdv2008.0.i586.rpm
 aabb1872c10f85a3601fbd10a59b61ad  2008.0/i586/mplayer-gui-1.0-1.rc1.20.5mdv2008.0.i586.rpm 
 9db331c8ef0344fa6d8619b3aea8885a  2008.0/SRPMS/mplayer-1.0-1.rc1.20.5mdv2008.0.src.rpm

2009.0 i586

 6a22452cc4c6ff51ee7405771e84ecf2  2009.0/i586/mencoder-1.0-1.rc2.18.1mdv2009.0.i586.rpm
 88e08e27ff6768a2fd6293f642ad79f4  2009.0/i586/mplayer-1.0-1.rc2.18.1mdv2009.0.i586.rpm
 e7d7d2660992f17113b15b7920aa5513  2009.0/i586/mplayer-doc-1.0-1.rc2.18.1mdv2009.0.i586.rpm
 77c749336b795767e890aa35ee6a2422  2009.0/i586/mplayer-gui-1.0-1.rc2.18.1mdv2009.0.i586.rpm 
 03294c164da39856a04c0962f687b1f6  2009.0/SRPMS/mplayer-1.0-1.rc2.18.1mdv2009.0.src.rpm

CS3.0 x86_64

 13323f1bfdddcb7df1137cc0bcd3c80f  corporate/3.0/x86_64/lib64postproc0-1.0-0.pre3.14.17.C30mdk.x86_64.rpm
 6239bc27da1d94a1f177017d3bf4b45f  corporate/3.0/x86_64/lib64postproc0-devel-1.0-0.pre3.14.17.C30mdk.x86_64.rpm
 c6675375ce4aa469014a2585a0edf858  corporate/3.0/x86_64/mencoder-1.0-0.pre3.14.17.C30mdk.x86_64.rpm
 f64d577f9a3e039099bb42d27ec5ed13  corporate/3.0/x86_64/mplayer-1.0-0.pre3.14.17.C30mdk.x86_64.rpm
 b2c2434b16586f99b3f763b95c03a7bb  corporate/3.0/x86_64/mplayer-gui-1.0-0.pre3.14.17.C30mdk.x86_64.rpm 
 787610bc369fdf37e73722692b59bca0  corporate/3.0/SRPMS/mplayer-1.0-0.pre3.14.17.C30mdk.src.rpm

2008.0 x86_64

 4bfbbbcfbb168aabb9c9c0f2d235544f  2008.0/x86_64/mencoder-1.0-1.rc1.20.5mdv2008.0.x86_64.rpm
 53d2c556b15602598c8ac1030400339c  2008.0/x86_64/mplayer-1.0-1.rc1.20.5mdv2008.0.x86_64.rpm
 1b4005cff9e527b203bf14b1dab992f4  2008.0/x86_64/mplayer-doc-1.0-1.rc1.20.5mdv2008.0.x86_64.rpm
 1cafef5feb13f271739ea75b6bf4c809  2008.0/x86_64/mplayer-gui-1.0-1.rc1.20.5mdv2008.0.x86_64.rpm 
 9db331c8ef0344fa6d8619b3aea8885a  2008.0/SRPMS/mplayer-1.0-1.rc1.20.5mdv2008.0.src.rpm

CS3.0 i586

 7aba7c8c6ae90b9340414f7923f22d81  corporate/3.0/i586/libdha0.1-1.0-0.pre3.14.17.C30mdk.i586.rpm
 6a71bfd88f1ca36312586e92bd0ee400  corporate/3.0/i586/libpostproc0-1.0-0.pre3.14.17.C30mdk.i586.rpm
 243e93dc1c3070fb06475d66250a2b3c  corporate/3.0/i586/libpostproc0-devel-1.0-0.pre3.14.17.C30mdk.i586.rpm
 c1c6bb9988b5faab6ee4b4385e595e37  corporate/3.0/i586/mencoder-1.0-0.pre3.14.17.C30mdk.i586.rpm
 3a5cd649c516e06839924ad9e38d8c57  corporate/3.0/i586/mplayer-1.0-0.pre3.14.17.C30mdk.i586.rpm
 c3c12dbbddf11db8c49a6e95f167b4c8  corporate/3.0/i586/mplayer-gui-1.0-0.pre3.14.17.C30mdk.i586.rpm 
 787610bc369fdf37e73722692b59bca0  corporate/3.0/SRPMS/mplayer-1.0-0.pre3.14.17.C30mdk.src.rpm

2008.1 x86_64

 e359c3798640174bc3e81f6e8c266930  2008.1/x86_64/mencoder-1.0-1.rc2.10.4mdv2008.1.x86_64.rpm
 2c19ff0f70d461470c098e2bdf27aa31  2008.1/x86_64/mplayer-1.0-1.rc2.10.4mdv2008.1.x86_64.rpm
 f0a56b1b742ea8f34dfe4fa6eb7ae80f  2008.1/x86_64/mplayer-doc-1.0-1.rc2.10.4mdv2008.1.x86_64.rpm
 a1acd0e41fb4313c420b7cff3760a5b2  2008.1/x86_64/mplayer-gui-1.0-1.rc2.10.4mdv2008.1.x86_64.rpm 
 a154696596b1cda1988ecc95a1c4ba87  2008.1/SRPMS/mplayer-1.0-1.rc2.10.4mdv2008.1.src.rpm

2008.1 i586

 69b752937c0b6d6f0d6a2f8d9d97038f  2008.1/i586/mencoder-1.0-1.rc2.10.4mdv2008.1.i586.rpm
 3e665f6eb39e9edfce4997d5307fe2e8  2008.1/i586/mplayer-1.0-1.rc2.10.4mdv2008.1.i586.rpm
 95194876362039bd4e97208e24f79f6b  2008.1/i586/mplayer-doc-1.0-1.rc2.10.4mdv2008.1.i586.rpm
 8f71502b3943e4549cdf544650113f43  2008.1/i586/mplayer-gui-1.0-1.rc2.10.4mdv2008.1.i586.rpm 
 a154696596b1cda1988ecc95a1c4ba87  2008.1/SRPMS/mplayer-1.0-1.rc2.10.4mdv2008.1.src.rpm

Referenzen