(will attach sample)
Created attachment 150019 [details]
file crashing xine
Any news here? we already have a pending GLSA for xine-lib (bug #213039 and bug #214270), but with a vulnerability remaining, it's pointless.
These are patches for CVE-2008-1878:
It should make sense to include these patches:
Diego, are you rolling a new release soon? Otherwise, media-video: please create an ebuild with the patches included.
Hi Diego and media-video team,
our GLSA draft about xine-lib has been ready for several days now, and we are still waiting for this bug being solved. Please tell us if you plan to include the patches for CVE-2008-1878 very shortly, or if not.
Hi, I tried to fix this issue, but it seems the upstream commit doesn't fix it (xine-lib 1.1 branch still crashes). I'm in contact with diego to resolv this.
xine-lib-1.1.12-r1 should fix the buffer overflow. There's another crash-bug, so testing the evil.mp3 will still crash xine, but there's no overflow any more.
(In reply to comment #2)
> Any news here? we already have a pending GLSA for xine-lib (bug #213039 and bug
> #214270), but with a vulnerability remaining, it's pointless.
wasn't -r1 good enough ? anyway, 1.1.13 is in the tree now.
* Security fixes:
- Buffer overflow in the NSF demuxer which may allow remote attackers to
cause a denial of service (crash) or possibly execute arbitrary code
via an NSF file with a long title or copyright message. (CVE-2008-1878)
- For extra safety against possible Integer overflows like the ones found
in CVE-2008-1482, backport more calloc usage from 1.2 branch.
* Added MIME types and .mpp for musepack.
* Fixed display of some MJPEG streams (YUVJ420P).
* Deprecate xine_xmalloc() function, see src/xine-utils/utils.c for more
information about the reason.
* Provide a useful implementation of xine_register_log_cb().
* New version of the JACK output plugin.
Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86"
Stable for HPPA.
ppc64 and ppc done
Stable on alpha.