Bug 96923 - media-video/{helix|real}player heap overflow
|
Bug#:
96923
|
Product: Gentoo Security
|
Version: unspecified
|
Platform: All
|
|
OS/Version: Other
|
Status: RESOLVED
|
Severity: major
|
Priority: P2
|
|
Resolution: FIXED
|
Assigned To: security@gentoo.org
|
Reported By: jaervosz@gentoo.org
|
|
Component: Vulnerabilities
|
|
|
URL:
http://service.real.com/help/faq/security/050623_player/EN/
|
|
Summary: media-video/{helix|real}player heap overflow
|
|
Keywords:
|
|
Status Whiteboard: A2 [glsa] jaervosz
|
|
Opened: 2005-06-23 23:18 0000
|
A vulnerability exists when handling RealText that can result in a heap
overflow.
Upgrade to realplayer-10.0.5 and helixplayer-1.0.5 is necessary.
It doesn't seems to be released yet (also if Real's security advisory states
else).
Ok committed 1.0.5 and 10.0.5. Little problem: I can't test helixplayer here
as it's x86-only so I dropped the keywords until someone can test it.
Thx Diego,
x86 please test and mark
helixplayer-1.0.5 ~x86
realplayer-10.0.5 x86
x86 testing: see above comment.
x86/someone please test and mark stable ASAP.
Tested realplayer-10.0.5 and marked stable on x86 on request from jaervosz.
Thx everyone, ready for GLSA
