Support / Security / Advisories / Corporate Server 3.0 / MDKSA-2005:228

Package name: xine-lib
Date: 2005-12-14
Advisory ID: MDKSA-2005:228
Affected versions: CS3.0 i586 , 2006.0 i586 , 2006.0 x86_64 , CS3.0 x86_64

Problem description

Simon Kilvington discovered a vulnerability in FFmpeg libavcodec,
which can be exploited by malicious people to cause a DoS (Denial
of Service) and potentially to compromise a user's system.

The vulnerability is caused due to a boundary error in the
"avcodec_default_get_buffer()" function of "utils.c" in libavcodec.
This can be exploited to cause a heap-based buffer overflow when a
specially-crafted 1x1 ".png" file containing a palette is read.

Xine-lib is built with a private copy of ffmpeg containing this
same code. (Corporate Server 2.1 is not vulnerable)

The updated packages have been patched to prevent this problem.

Updated packages

CS3.0 i586

 eb66ad363e7225f165cdbd67f6e26065  corporate/3.0/RPMS/libxine1-1-0.rc3.6.7.C30mdk.i586.rpm
 6c89df1070e6b26f35d75a48cb7405ad  corporate/3.0/RPMS/libxine1-devel-1-0.rc3.6.7.C30mdk.i586.rpm
 6e583c278819c349670a5a305fff766c  corporate/3.0/RPMS/xine-aa-1-0.rc3.6.7.C30mdk.i586.rpm
 e77f19f13166e42fd3df09fd9b9eba15  corporate/3.0/RPMS/xine-arts-1-0.rc3.6.7.C30mdk.i586.rpm
 89d7298da642be02345cdf98d33daf00  corporate/3.0/RPMS/xine-dxr3-1-0.rc3.6.7.C30mdk.i586.rpm
 1947fd6e09255382a3c797b81ba41200  corporate/3.0/RPMS/xine-esd-1-0.rc3.6.7.C30mdk.i586.rpm
 c39de7583826f7987a96f392daaad4ea  corporate/3.0/RPMS/xine-flac-1-0.rc3.6.7.C30mdk.i586.rpm
 9eb882a4d1925a5e75de338294d5fee3  corporate/3.0/RPMS/xine-gnomevfs-1-0.rc3.6.7.C30mdk.i586.rpm
 be189966eee8bb042e3066c9d96f0b4f  corporate/3.0/RPMS/xine-plugins-1-0.rc3.6.7.C30mdk.i586.rpm
 cf0248a3252c55af1e15b01efae50298  corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.7.C30mdk.src.rpm

2006.0 i586

 106bddc3b9cb60714c00c9ca0709f24f  2006.0/RPMS/libxine1-1.1.0-9.2.20060mdk.i586.rpm
 080965d48571a7c6a21f5509b9edc6bb  2006.0/RPMS/libxine1-devel-1.1.0-9.2.20060mdk.i586.rpm
 1b5cab0dea7da6a896f076f40057b04f  2006.0/RPMS/xine-aa-1.1.0-9.2.20060mdk.i586.rpm
 749413958bae867d0e401cf3fb7ad2d4  2006.0/RPMS/xine-arts-1.1.0-9.2.20060mdk.i586.rpm
 6dacf41d2ebea975675eeec3daaa5ed2  2006.0/RPMS/xine-dxr3-1.1.0-9.2.20060mdk.i586.rpm
 1c0a5a698ffd77dac839cdd70e3a568b  2006.0/RPMS/xine-esd-1.1.0-9.2.20060mdk.i586.rpm
 ce3a5ecb960a91faafd6376eb1d79bfb  2006.0/RPMS/xine-flac-1.1.0-9.2.20060mdk.i586.rpm
 cff6a28e36785bb64f5cde6911d03a49  2006.0/RPMS/xine-gnomevfs-1.1.0-9.2.20060mdk.i586.rpm
 8cffb6762d014113bdcb78f3b7c682f9  2006.0/RPMS/xine-image-1.1.0-9.2.20060mdk.i586.rpm
 22a248a5660f5098dcbd0731a92ba7e0  2006.0/RPMS/xine-plugins-1.1.0-9.2.20060mdk.i586.rpm
 4a3ce0b28a549de15f9668f0236bf50c  2006.0/RPMS/xine-polyp-1.1.0-9.2.20060mdk.i586.rpm
 f5f118f2bbfb1bdd4f9a940450050e53  2006.0/RPMS/xine-smb-1.1.0-9.2.20060mdk.i586.rpm
 424b1913ecb7aa0f96b19c71500f65a3  2006.0/SRPMS/xine-lib-1.1.0-9.2.20060mdk.src.rpm

2006.0 x86_64

 913f831f85eb7cce65d79c46febb1973  x86_64/2006.0/RPMS/lib64xine1-1.1.0-9.2.20060mdk.x86_64.rpm
 cb5cbf9e7e5e3d47818ef3fc6702b04b  x86_64/2006.0/RPMS/lib64xine1-devel-1.1.0-9.2.20060mdk.x86_64.rpm
 1559fb1a68019ed74047b602f14c0cc9  x86_64/2006.0/RPMS/xine-aa-1.1.0-9.2.20060mdk.x86_64.rpm
 931aec226e6266e10963d68e12cc3546  x86_64/2006.0/RPMS/xine-arts-1.1.0-9.2.20060mdk.x86_64.rpm
 966f1ef51f097657718d45e7611c64d8  x86_64/2006.0/RPMS/xine-dxr3-1.1.0-9.2.20060mdk.x86_64.rpm
 62bce4ff948e301e81ff228925dc96af  x86_64/2006.0/RPMS/xine-esd-1.1.0-9.2.20060mdk.x86_64.rpm
 c9b162cfd51ab3877711245d14af4e1c  x86_64/2006.0/RPMS/xine-flac-1.1.0-9.2.20060mdk.x86_64.rpm
 ffacd2cef4e3c181b12f663b19e7bda7  x86_64/2006.0/RPMS/xine-gnomevfs-1.1.0-9.2.20060mdk.x86_64.rpm
 199ca828d6e3314b67330c32d45cc4a3  x86_64/2006.0/RPMS/xine-image-1.1.0-9.2.20060mdk.x86_64.rpm
 81cb882870abf57921c96a66edf5185e  x86_64/2006.0/RPMS/xine-plugins-1.1.0-9.2.20060mdk.x86_64.rpm
 74a37edf5d9b2cb28a2ce758904b113b  x86_64/2006.0/RPMS/xine-polyp-1.1.0-9.2.20060mdk.x86_64.rpm
 f930bcfa573f7c250f54c48564e943e1  x86_64/2006.0/RPMS/xine-smb-1.1.0-9.2.20060mdk.x86_64.rpm
 424b1913ecb7aa0f96b19c71500f65a3  x86_64/2006.0/SRPMS/xine-lib-1.1.0-9.2.20060mdk.src.rpm

CS3.0 x86_64

 833c0e0f8468d4df40e300c0a72ac1cb  x86_64/corporate/3.0/RPMS/lib64xine1-1-0.rc3.6.7.C30mdk.x86_64.rpm
 7a802e66ab344aa9b151679d669b0620  x86_64/corporate/3.0/RPMS/lib64xine1-devel-1-0.rc3.6.7.C30mdk.x86_64.rpm
 18132113599b1330359a045d11410d5d  x86_64/corporate/3.0/RPMS/xine-arts-1-0.rc3.6.7.C30mdk.x86_64.rpm
 94beaa6edc2fd1be6badef18d818dc0c  x86_64/corporate/3.0/RPMS/xine-plugins-1-0.rc3.6.7.C30mdk.x86_64.rpm
 cf0248a3252c55af1e15b01efae50298  x86_64/corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.7.C30mdk.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048