Login
Newsletter
Werbung
Sicherheit: Pufferüberlauf in xine-lib
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in xine-lib
ID: MDKSA-2006:224
Distribution: Mandriva
Plattformen: Mandriva Corporate 3.0, Mandriva 2007.0
Datum: Mi, 6. Dezember 2006, 09:21
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172
Applikationen: Xine

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1165393277-16192-4286


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:224
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : xine-lib
 Date    : December 5, 2006
 Affected: 2007.0, Corporate 3.0
 _______________________________________________________________________
 
 Problem Description:
 
 Buffer overflow in the asmrp_eval function for the Real Media input
 plugin allows remote attackers to cause a denial of service and
 possibly execute arbitrary code via a rulebook with a large number of
 rulematches.

 Updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 b0aa36d10d1ee53184b345c4a48b6fcb 
 2007.0/i586/libxine1-1.1.2-3.2mdv2007.0.i586.rpm
 0c67ca2d47ea5594d2978573205c158f 
 2007.0/i586/libxine1-devel-1.1.2-3.2mdv2007.0.i586.rpm
 ee79849493b4b40f207e0e135dc9f4ca 
 2007.0/i586/xine-aa-1.1.2-3.2mdv2007.0.i586.rpm
 f0d942949cf3938287e3f4ec44275807 
 2007.0/i586/xine-arts-1.1.2-3.2mdv2007.0.i586.rpm
 db80c09dc6050a920aeae2e410ab4471 
 2007.0/i586/xine-dxr3-1.1.2-3.2mdv2007.0.i586.rpm
 79f07b0afcbf4682752919829bde6fcf 
 2007.0/i586/xine-esd-1.1.2-3.2mdv2007.0.i586.rpm
 51688356ab263c95b051712ed0f70def 
 2007.0/i586/xine-flac-1.1.2-3.2mdv2007.0.i586.rpm
 74cd9a178d86754b337e4b1217874863 
 2007.0/i586/xine-gnomevfs-1.1.2-3.2mdv2007.0.i586.rpm
 3f331ce5c5463512038ad69a785c9dbe 
 2007.0/i586/xine-image-1.1.2-3.2mdv2007.0.i586.rpm
 f147438cd7f07aaf70e1178bd2343133 
 2007.0/i586/xine-plugins-1.1.2-3.2mdv2007.0.i586.rpm
 7cb84dbcf336d715b04812fbedb349cf 
 2007.0/i586/xine-sdl-1.1.2-3.2mdv2007.0.i586.rpm
 860fe1ca635d076e9bfa1819e7b603cd 
 2007.0/i586/xine-smb-1.1.2-3.2mdv2007.0.i586.rpm 
 c7a995ee090abd62b6a580b53e3c3364 
 2007.0/SRPMS/xine-lib-1.1.2-3.2mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 a1a3e704ff2f356784ad084f95d41f74 
 2007.0/x86_64/lib64xine1-1.1.2-3.2mdv2007.0.x86_64.rpm
 ee81c8526e7baf295f214338fa3d45cd 
 2007.0/x86_64/lib64xine1-devel-1.1.2-3.2mdv2007.0.x86_64.rpm
 bdb0a918df1d9239016741bde0027f3a 
 2007.0/x86_64/xine-aa-1.1.2-3.2mdv2007.0.x86_64.rpm
 6cc4cc4b46b3dbeb22364ecc15d9c7d6 
 2007.0/x86_64/xine-arts-1.1.2-3.2mdv2007.0.x86_64.rpm
 4d9ce5c5ef2814e2c18dcc60e6270322 
 2007.0/x86_64/xine-dxr3-1.1.2-3.2mdv2007.0.x86_64.rpm
 38fe8e37988df8307028778421029349 
 2007.0/x86_64/xine-esd-1.1.2-3.2mdv2007.0.x86_64.rpm
 53ccedaeef04ff9b15bcf3d63cdb8663 
 2007.0/x86_64/xine-flac-1.1.2-3.2mdv2007.0.x86_64.rpm
 b090fb7ac33b25d310dc8cfc4758062b 
 2007.0/x86_64/xine-gnomevfs-1.1.2-3.2mdv2007.0.x86_64.rpm
 51d280def3f6c87276e9b4892c807d38 
 2007.0/x86_64/xine-image-1.1.2-3.2mdv2007.0.x86_64.rpm
 fdbfa62329ac6fadba0277db33b71cff 
 2007.0/x86_64/xine-plugins-1.1.2-3.2mdv2007.0.x86_64.rpm
 af8dda72b12c9a36d7a51d3d5916bb38 
 2007.0/x86_64/xine-sdl-1.1.2-3.2mdv2007.0.x86_64.rpm
 dea73578f285ebe1b1aac769cc0a549a 
 2007.0/x86_64/xine-smb-1.1.2-3.2mdv2007.0.x86_64.rpm 
 c7a995ee090abd62b6a580b53e3c3364 
 2007.0/SRPMS/xine-lib-1.1.2-3.2mdv2007.0.src.rpm

 Corporate 3.0:
 e27a1f3f0a92a65ea9673d0aa7bd9660 
 corporate/3.0/i586/libxine1-1-0.rc3.6.14.C30mdk.i586.rpm
 cef9a906baabe8c8e18bbe45762268fd 
 corporate/3.0/i586/libxine1-devel-1-0.rc3.6.14.C30mdk.i586.rpm
 5260c623ea029663a3166c8e350b6306 
 corporate/3.0/i586/xine-aa-1-0.rc3.6.14.C30mdk.i586.rpm
 aa8ed9640d1e42608f1cd531d4d00dd6 
 corporate/3.0/i586/xine-arts-1-0.rc3.6.14.C30mdk.i586.rpm
 1d311b51dc2ea55a1590ef409bfd9d9f 
 corporate/3.0/i586/xine-dxr3-1-0.rc3.6.14.C30mdk.i586.rpm
 d8602b10e1b5b0ea29959c981bf5866e 
 corporate/3.0/i586/xine-esd-1-0.rc3.6.14.C30mdk.i586.rpm
 ba65fc2fa69c85b848f7fe5728381003 
 corporate/3.0/i586/xine-flac-1-0.rc3.6.14.C30mdk.i586.rpm
 bbf13c446ebf132b6a474a9bf4a300cd 
 corporate/3.0/i586/xine-gnomevfs-1-0.rc3.6.14.C30mdk.i586.rpm
 18168e188258d645ba33103a743af3cb 
 corporate/3.0/i586/xine-plugins-1-0.rc3.6.14.C30mdk.i586.rpm 
 11ff55c81b52559ff1b08bab917d63db 
 corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.14.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 fad4ae51ebdd06fe3b3f7848994bc7f0 
 corporate/3.0/x86_64/lib64xine1-1-0.rc3.6.14.C30mdk.x86_64.rpm
 0aeb5bb0a613d0fa13788c7f2c64c871 
 corporate/3.0/x86_64/lib64xine1-devel-1-0.rc3.6.14.C30mdk.x86_64.rpm
 755ab190b656fdbb9313189cce7f5a80 
 corporate/3.0/x86_64/xine-aa-1-0.rc3.6.14.C30mdk.x86_64.rpm
 ecf0b4ee0c12d1506432c297080bbb67 
 corporate/3.0/x86_64/xine-arts-1-0.rc3.6.14.C30mdk.x86_64.rpm
 8433359eaa5ec8987efe65e6ada96132 
 corporate/3.0/x86_64/xine-esd-1-0.rc3.6.14.C30mdk.x86_64.rpm
 bbb1ac4807f1e8a7960d8704c79c6134 
 corporate/3.0/x86_64/xine-flac-1-0.rc3.6.14.C30mdk.x86_64.rpm
 356f64f53ce7d552acc239cde30b60ea 
 corporate/3.0/x86_64/xine-gnomevfs-1-0.rc3.6.14.C30mdk.x86_64.rpm
 4661d21604ad2b6d2443e1ba357a9491 
 corporate/3.0/x86_64/xine-plugins-1-0.rc3.6.14.C30mdk.x86_64.rpm 
 11ff55c81b52559ff1b08bab917d63db 
 corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.14.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFdgJvmqjQ0CJFipgRAsGsAKC/hIBRO42PeuMhjv0q1Pe6S7SDigCg3Q90
6ILMjlqmpJ/U+9ga8dyvKZs=
=MYl3
-----END PGP SIGNATURE-----


------------=_1165393277-16192-4286
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1165393277-16192-4286--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung