Summary: | media-libs/xine-lib - multiple heap overflows in MMS and Real RTSP streaming clients | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Carsten Lohrke (RETIRED) <carlo> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | media-video |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
Whiteboard: | A2 [glsa] koon | ||
Package list: | Runtime testing required: | --- |
Description
Carsten Lohrke (RETIRED)
2005-04-21 14:22:59 UTC
xine-lib-1.0-r2 committed with combined patch fixing the problem. Arches please test and mark stable. Stable on ppc. amd64 done stable on x86 stable on ppc64 arm/ia64 stable Stable on alpha. Stable on hppa. sparc will need a backport of this fix. Against our current stable 1_rc6-r1 rtsp applies cleanly but mms doesn't. 1.0 doesn't work for sparc as it is, and i haven't tested 1.0.1 yet, which doesn't seem to be present in portage yet. I've backported the fix to 1_rc6 and I'm building the package to be sure it works fine at least on amd64. I'll submit 1_rc6-r2 asap. rc6-rc2 sparc happy. Thanks Diego. ehmm that would be rc6-r2, but i think you've got the idea :) GLSA 200504-27 |