Summary: | media-libs/xine-lib contains vulnerable ffmpeg (CVE-2005-4048) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Thierry Carrez (RETIRED) <koon> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | media-video |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558 | ||
Whiteboard: | A2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 115760 | ||
Bug Blocks: |
Description
Thierry Carrez (RETIRED)
2005-12-17 05:36:00 UTC
Removing ffmpeg as more work is needed before it can be called for stable. Arches please test and mark stable, with following target KEYWORDS : * xine-lib-1.1.1-r2: alpha amd64 arm hppa ia64 ppc ppc64 sparc x86 You are advised to add the -r3 to ~ for testing if you can. Much better title. Quick change of platform in bugzilla. Sorry about the email. stable on ppc64 Stable on ppc. 1.1.1-r3 seems to work fine on sparc with patchlevel 21 and xvid-1.0.3 + ffmpeg-0.4.9_p20051216. 1.1.1-r2 doesn't do it with patchlevel 17a (much less with 17). 1.1.1-r2 sparc stable after Diego's fixes. amd64 done Stable on hppa x86 done Stable on alpha + ia64. good, this is ready for glsa I'd rather wait for ffmpeg and mplayer to be fixed and stable too to issue this one. GLSA 200601-06 Thanks everybody. |