CVE-2009-0698 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0698): Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib 1.1.16.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a 4X movie file with a large current_track value, a similar issue to CVE-2009-0385.
The release notes say: "This release contains one new security fix. It also contains some corrections of previous security fixes."

Changes:
* Build fixes related to ImageMagick 6.4 & later.
* Fix an error in Matroska PTS calculation.
* Some front ends hang due to the hang fixes in 1.1.16. Fix this by removing a break statement.
* Fix broken size checks in various input plugins (ref. CVE-2008-5239).
* More malloc checking (ref. CVE-2008-5240).
* Fix race conditions in gapless_switch (ref. kde bug #180339)
* Fix a possible integer overflow in the 4XM demuxer. (TKADV2009-004.txt)

Arches, please test and mark stable:
=media-libs/xine-lib-1.1.16.2
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86"
*** Bug 258374 has been marked as a duplicate of this bug. ***
While it is good to have this stable, I would have preferred seeing it handled in bug #249041, where it seems my comments got ignored, and would appreciate it if you could sort this mess out, thanks.
amd64/x86 stable
Sparc stable.
ppc64 done
alpha/arm/ia64 stable
ppc done
Stable for HPPA.
GLSA together with bug 234777 and bug 249041.
GLSA filed including bug 234777, bug 249041, bug 260069, and bug 265250.
GLSA 201006-04