Summary: | <media-video/mplayer-1.0_rc4_p20110322-r1: SAMI Subtitle Parsing Buffer Overflow Vulnerability (CVE-2011-3625) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | media-video |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/45598/ | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2011-08-15 17:12:32 UTC
The trivial change looks to be listed at: http://mplayerhq.hu/pipermail/mplayer-cvslog/2011-May/042075.html *** Bug 385743 has been marked as a duplicate of this bug. *** +*mplayer-1.0_rc4_p20110322-r1 (06 Oct 2011) + + 06 Oct 2011; Samuli Suominen <ssuominen@gentoo.org> + +mplayer-1.0_rc4_p20110322-r1.ebuild, + +files/mplayer-1.0_rc4_p20110322-sami_subtitle_parsing.patch: + Fix security bug (SAMI Subtitle Parsing Buffer Overflow) #379297 by Agostino + Sarubbo And blocking bug 384701 because this version is required also for libpng15 compability. Thanks Samuli, Arches, please test and mark stable: =mplayer-1.0_rc4_p20110322-r1 target KEYWORDS : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86" amd64 ok + 06 Oct 2011; Steve Dibb <beandog@gentoo.org> + mplayer-1.0_rc4_p20110322-r1.ebuild: + amd64 stable, security bug 379297 amd64: ok x86 stable arm stable Stable for HPPA. ppc/ppc64 stable alpha/ia64/sparc stable Thanks, everyone. Added to existing GLSA request. (In reply to comment #4) > And blocking bug 384701 because this version is required also for libpng15 > compability. And removing now, since this is stable everywhere so it doesn't "show up" in the blockers list anymore. Sort of useless bugspam, sorry about that. This issue was resolved and addressed in GLSA 201310-13 at http://security.gentoo.org/glsa/glsa-201310-13.xml by GLSA coordinator Sean Amoss (ackle). |