I know I just committed it, but this is just a hotfix to fix the security fix that caused an off-by-one and broke playing of certain FLAC files. I'm apologising as part of upstream too for not having been able to test the fix beforehand, we're having a pretty bad history for security fixes lately :/
x86 stable
Stable for HPPA.
ppc stable
alpha/ia64/sparc stable
on amd64: media-libs/xine-lib-1.1.10.1-r1 USE="X a52 aac alsa dts dvd flac gnome gtk ipv6 mad mmap modplug musepack nls opengl pulseaudio real sdl theora truetype v4l vcd vorbis xcb xv -aalib (-altivec) -arts -debug -directfb -dxr3 -esd -fbcon -imagemagick -jack -libcaca -mng -oss -samba -speex (-vidix) -wavpack (-win32codecs) -xinerama -xvmc" seems to be fine for me. i've tested it with media-video/xine-ui-0.99.5 USE="X nls readline -aalib -curl -debug -libcaca -lirc -vdr -xinerama" and (file output) * MPEG sequence, v1, system multiplex * Microsoft ASF * RIFF (little-endian) data, AVI, 704 x 480, ~30 fps, video: DivX 3 Fast-Motion, audio: MPEG-1 Layer 3 (stereo, 48000 Hz) * RIFF (little-endian) data, AVI, 576 x 352, 23.98 fps, video: DivX 3 Low-Motion, audio: MPEG-1 Layer 3 (stereo, 48000 Hz) * Apple QuickTime movie (fast start, compressed header) * Ogg data, OGM video (DivX 5) <<! with subtitles !>> * RIFF (little-endian) data, AVI, 600 x 316, 25.00 fps, video: XviD, audio:MPEG-1 Layer 3 (stereo, 48000 Hz) here: Portage 2.1.4.4 (default-linux/amd64/2007.0/desktop, gcc-4.1.2, glibc-2.6.1-r0, 2.6.23-tuxonice-r10 x86_64) ================================================================= System uname: 2.6.23-tuxonice-r10 x86_64 Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz Timestamp of tree: Tue, 04 Mar 2008 10:46:01 +0000 app-shells/bash: 3.2_p17-r1 dev-java/java-config: 1.3.7, 2.1.4 dev-lang/python: 2.4.4-r6 dev-python/pycrypto: 2.0.1-r6 sys-apps/baselayout: 1.12.11.1 sys-apps/sandbox: 1.2.18.1-r2 sys-devel/autoconf: 2.13, 2.61-r1 sys-devel/automake: 1.4_p6, 1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.18-r1 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.23-r3 ACCEPT_KEYWORDS="amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=nocona -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/revdep-rebuild /etc/splash /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d" CXXFLAGS="-march=nocona -O2 -pipe" DISTDIR="/var/portage/distfiles" FEATURES="distlocks metadata-transfer parallel-fetch sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="ftp://gd.tuwien.ac.at/opsys/linux/gentoo/ http://mirror.uni-c.dk/pub/gentoo/ http://trumpetti.atm.tut.fi/gentoo/ " LANG="en_US.utf8" LC_ALL="en_US.utf8" LINGUAS="en de" MAKEOPTS="-j3" PKGDIR="/var/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/var/portage/repos/gentoo" PORTDIR_OVERLAY="/var/portage/repos/private" SYNC="rsync://192.168.0.1/gentoo-portage" USE="3dnow 3dnowext X a52 aac acpi alsa amd64 beagle berkdb bzip2 cairo caps cddb cdparanoia cdr cli cracklib crypt cups dbus djvu dri dvd dvdr dvdread eds emboss encode evo exif fam ffmpeg firefox flac fortran gd gdbm gif gimp gnome gphoto2 gpm gstreamer gtk hal hddtemp iconv icu ipod ipv6 isdnlog java jpeg jpeg2k keyring lcms ldap libnotify lm_sensors mad matroska midi mikmod mmap mmx mmxext mono mp3 mpeg mudflap musicbrainz ncurses nls nptl nptlonly nvidia ogg opengl openmp pam pcre pdf perl plotutils png pppd pulseaudio python qt3support quicktime readline reflection ruby sdl session spell spl sse sse2 ssl ssse3 svg tcpd tetex theora threads tiff truetype unicode usb vcd vim-syntax vorbis xattr xml xorg xv xvid zlib" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CAMERAS="canon konica ptp2 kodak" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LINGUAS="en de" USERLAND="GNU" VIDEO_CARDS="nvidia nv" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LDFLAGS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
ppc64 stable
amd64 stable, thanks Matthias.
Diego, if this is security problem why this bug is not assigned to (or at least CC'ed) our security team? CC'ing security for their review.
Fixed in release snapshot.
Because it is not a security issue, is a regression _caused_ by the security fix.
Ah, I see. This does not affect security. Sorry for bug spam.
arm stable, closing
