Summary: | <media-libs/xine-lib-1.1.16.2 ACE (CVE-2009-0698) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Stefan Behte (RETIRED) <craig> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | maekke, media-video |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://bugs.xine-project.org/show_bug.cgi?id=205 | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 257682 |
Description
Stefan Behte (RETIRED)
![]() ![]() The release notes say: "This release contains one new security fix. It also contains some corrections of previous security fixes." Changes: * Build fixes related to ImageMagick 6.4 & later. * Fix an error in Matroska PTS calculation. * Some front ends hang due to the hang fixes in 1.1.16. Fix this by removing a break statement. * Fix broken size checks in various input plugins (ref. CVE-2008-5239). * More malloc checking (ref. CVE-2008-5240). * Fix race conditions in gapless_switch (ref. kde bug #180339) * Fix a possible integer overflow in the 4XM demuxer. (TKADV2009-004.txt) Arches, please test and mark stable: =media-libs/xine-lib-1.1.16.2 Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86" *** Bug 258374 has been marked as a duplicate of this bug. *** While this is good to have it stable I would have prefered seeing it handled in bug #249041 where it seems my comments got ignored and would appreciate if you could sort this mess out, thanks. amd64/x86 stable Sparc stable. ppc64 done alpha/arm/ia64 stable ppc done Stable for HPPA. GLSA together with bug 234777 and bug 249041. GLSA filed including bug 234777, bug 249041, bug 260069, and bug 265250. GLSA 201006-04 |