Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in
xine-lib 184.108.40.206 allows remote attackers to cause a denial of
service (crash) and possibly execute arbitrary code via a 4X movie
file with a large current_track value, a similar issue to
The release notes say:
"This release contains one new security fix.
It also contains some corrections of previous security fixes."
* Build fixes related to ImageMagick 6.4 & later.
* Fix an error in Matroska PTS calculation.
* Some front ends hang due to the hang fixes in 1.1.16. Fix this by removing a break statement.
* Fix broken size checks in various input plugins
* More malloc checking (ref. CVE-2008-5240).
* Fix race conditions in gapless_switch (ref. kde bug #180339)
* Fix a possible integer overflow in the 4XM demuxer.
Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86"
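The bug class named in the description above, a table sized from a file-supplied current_track value, shown as an added example; this is not xine-lib's code or its patch. The names track_t, demux_t, MAX_TRACKS, naive_alloc_bytes and ensure_track are hypothetical, and the 12-byte entry size and the cap of 256 tracks are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins, not xine-lib's definitions. */
typedef struct { uint32_t channels, sample_rate, bits; } track_t;
typedef struct { track_t *tracks; uint32_t track_count; } demux_t;

#define MAX_TRACKS 256u /* assumed policy cap on tracks per file */

/* Unchecked pattern: count and byte size are both computed in 32 bits,
 * so the size handed to the allocator can wrap to a tiny value. */
uint32_t naive_alloc_bytes(uint32_t current_track) {
    uint32_t count = current_track + 1;        /* 0xFFFFFFFF + 1 wraps to 0 */
    return count * (uint32_t)sizeof(track_t);  /* product wraps modulo 2^32 */
}

/* Checked growth: validate the untrusted index before any arithmetic.
 * Returns 0 on success, -1 if the value is rejected or allocation fails. */
int ensure_track(demux_t *d, uint32_t current_track) {
    if (current_track >= MAX_TRACKS)
        return -1;                             /* reject implausible headers */
    if (current_track < d->track_count)
        return 0;                              /* table already large enough */
    size_t new_count = (size_t)current_track + 1;
    if (new_count > SIZE_MAX / sizeof(track_t))
        return -1;                             /* generic overflow guard */
    track_t *p = realloc(d->tracks, new_count * sizeof(track_t));
    if (p == NULL)
        return -1;                             /* old table is still valid */
    /* Zero only the newly added entries. */
    memset(p + d->track_count, 0,
           (new_count - d->track_count) * sizeof(track_t));
    d->tracks = p;
    d->track_count = (uint32_t)new_count;
    return 0;
}

int main(void) {
    demux_t d = {0};
    printf("naive bytes for 0x15555555: %u\n", naive_alloc_bytes(0x15555555u));
    printf("checked, track 3: %d\n", ensure_track(&d, 3));
    printf("checked, track 0xFFFFFFFF: %d\n", ensure_track(&d, 0xFFFFFFFFu));
    free(d.tracks);
    return 0;
}
```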
*** Bug 258374 has been marked as a duplicate of this bug. ***
While this is good to have it stable, I would have preferred seeing it handled in bug #249041, where it seems my comments got ignored, and would appreciate if you could sort this mess out, thanks.
Stable for HPPA.
GLSA together with bug 234777 and bug 249041.
GLSA filed including bug 234777, bug 249041, bug 260069, and bug 265250.