Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 93939 - Gxine version bump to 0.4.5. Fixes a security problem.
Summary: Gxine version bump to 0.4.5. Fixes a security problem.
Status: RESOLVED DUPLICATE of bug 93532
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Other
: High normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-05-25 06:49 UTC by Tero Grundström
Modified: 2005-05-25 07:35 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Tero Grundström 2005-05-25 06:49:28 UTC 
From the ChangeLog of gxine-0.4.5:

This release of gxine contains a fix for a security problem.
In all 0.4.x releases prior to 0.4.5, there is a remotely-exploitable
missing-format-string vulnerability in some message dialogue boxes.

For more details, see:
  http://seclists.org/lists/bugtraq/2005/May/0256.html

* SECURITY FIX (pst.advisory 2005-21)
  Remotely-exploitable missing-format-string vulnerability in some
  message dialogue boxes.


Reproducible: Always
Steps to Reproduce:
1.
2.
3.
Comment 1 Diego Elio Pettenò (RETIRED) gentoo-dev 2005-05-25 07:35:38 UTC 
Fixed already before 0.4.5 was released. 

*** This bug has been marked as a duplicate of 93532 ***