drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberläufe in xine-lib
| Name: |
Pufferüberläufe in xine-lib
|
|
| ID: |
MDKSA-2005:094 |
|
| Distribution: |
Mandriva |
|
| Plattformen: |
Mandriva 10.1, Mandriva Corporate 3.0, Mandriva 10.2 |
|
| Datum: |
Do, 2. Juni 2005, 13:00 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1195
http://xinehq.de/index.php/security/XSA-2004-8 |
|
| Applikationen: |
Xine |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Update Advisory
_______________________________________________________________________
Package name: xine-lib
Advisory ID: MDKSA-2005:094
Date: May 26th, 2005
Affected versions: 10.1, 10.2, Corporate 3.0
______________________________________________________________________
Problem Description:
Two buffer overflow vulnerabilities were discovered in the MMS and
Real RTSP stream handlers in the Xine libraries. If an attacker can
trick a user to connect to a malicious MMS or RTSP video/audio stream
source with any application using this library, they could crash the
client and possibly even execute arbitrary code with the privileges of
the user running the player program.
The updated packages have been patched to correct these problems.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1195
http://xinehq.de/index.php/security/XSA-2004-8
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.1:
550971e0c9533747e55b9c0615113318
10.1/RPMS/libxine1-1-0.rc5.9.2.101mdk.i586.rpm
94b15aaa55c4e1d0f64eaca7b92ea796
10.1/RPMS/libxine1-devel-1-0.rc5.9.2.101mdk.i586.rpm
de1841e813240ced01c32d442a34b438
10.1/RPMS/xine-aa-1-0.rc5.9.2.101mdk.i586.rpm
11e3fb3498c3e48b59ecf8b9c5b91763
10.1/RPMS/xine-arts-1-0.rc5.9.2.101mdk.i586.rpm
511cc370bfb927bfd2a779b46f45eff1
10.1/RPMS/xine-dxr3-1-0.rc5.9.2.101mdk.i586.rpm
399dbca3192848a831b016d485ec3712
10.1/RPMS/xine-esd-1-0.rc5.9.2.101mdk.i586.rpm
5144e03cc71cae5a3000d2a16479656b
10.1/RPMS/xine-flac-1-0.rc5.9.2.101mdk.i586.rpm
87b7393df91d513a4f26983709f055bc
10.1/RPMS/xine-gnomevfs-1-0.rc5.9.2.101mdk.i586.rpm
b8c494c6287c4386885c39f1d313cbb2
10.1/RPMS/xine-plugins-1-0.rc5.9.2.101mdk.i586.rpm
a42d3f1faaf62a6305560085bd4f28ff
10.1/SRPMS/xine-lib-1-0.rc5.9.2.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
582cb1e8064eddeccc161c52cab94c81
x86_64/10.1/RPMS/lib64xine1-1-0.rc5.9.2.101mdk.x86_64.rpm
cd0e88ba513858e3f42d744628489da3
x86_64/10.1/RPMS/lib64xine1-devel-1-0.rc5.9.2.101mdk.x86_64.rpm
835f21902bb1178c4759a0a606331561
x86_64/10.1/RPMS/xine-aa-1-0.rc5.9.2.101mdk.x86_64.rpm
e0d6de701af47189b3f77e36b02ed039
x86_64/10.1/RPMS/xine-arts-1-0.rc5.9.2.101mdk.x86_64.rpm
52aa63a93484875ba4742ac5f79eefd8
x86_64/10.1/RPMS/xine-dxr3-1-0.rc5.9.2.101mdk.x86_64.rpm
98d6c89b038fe484578485d04bc00e31
x86_64/10.1/RPMS/xine-esd-1-0.rc5.9.2.101mdk.x86_64.rpm
4d732b3c0b110493b2525a7c8e5c3248
x86_64/10.1/RPMS/xine-flac-1-0.rc5.9.2.101mdk.x86_64.rpm
7701b26552a780e7d6ebecfcd3fea3f5
x86_64/10.1/RPMS/xine-gnomevfs-1-0.rc5.9.2.101mdk.x86_64.rpm
ca981d9b388e4c8cf94510a8efb87acd
x86_64/10.1/RPMS/xine-plugins-1-0.rc5.9.2.101mdk.x86_64.rpm
a42d3f1faaf62a6305560085bd4f28ff
x86_64/10.1/SRPMS/xine-lib-1-0.rc5.9.2.101mdk.src.rpm
Mandrakelinux 10.2:
430c8823bb13725c84054f53c225db85 10.2/RPMS/libxine1-1.0-8.1.102mdk.i586.rpm
b1381fe50275119d25a28dac339f7272
10.2/RPMS/libxine1-devel-1.0-8.1.102mdk.i586.rpm
5b58c4c78584519bf0b19fc9661aada7 10.2/RPMS/xine-aa-1.0-8.1.102mdk.i586.rpm
de7f073c74dfd0fb3d628d3964631e4e 10.2/RPMS/xine-arts-1.0-8.1.102mdk.i586.rpm
ff972b033b522c32e25193428677a2d2 10.2/RPMS/xine-dxr3-1.0-8.1.102mdk.i586.rpm
17d12fb16e3f58beb0c69ade3034712d 10.2/RPMS/xine-esd-1.0-8.1.102mdk.i586.rpm
0aaae60a3bc0037e3268f8b78cd2bb5e 10.2/RPMS/xine-flac-1.0-8.1.102mdk.i586.rpm
90b8ad60771a03730e228ee44ae24578
10.2/RPMS/xine-gnomevfs-1.0-8.1.102mdk.i586.rpm
740d9b80e2b79ded5700d9cdaec347a4
10.2/RPMS/xine-plugins-1.0-8.1.102mdk.i586.rpm
18023362e073c89066f60cbd81426b09 10.2/RPMS/xine-polyp-1.0-8.1.102mdk.i586.rpm
61ffb443bb979976ec77b82ffd4fe842 10.2/RPMS/xine-smb-1.0-8.1.102mdk.i586.rpm
a5eea7f704a81f23517ae7a719bc0fe6 10.2/SRPMS/xine-lib-1.0-8.1.102mdk.src.rpm
Mandrakelinux 10.2/X86_64:
3a53fc0bb164f341f9c48f10439bb914
x86_64/10.2/RPMS/lib64xine1-1.0-8.1.102mdk.x86_64.rpm
f644048646b981c918231edba554c425
x86_64/10.2/RPMS/lib64xine1-devel-1.0-8.1.102mdk.x86_64.rpm
9c015a898a61d8e62d667b595708c4c5
x86_64/10.2/RPMS/xine-aa-1.0-8.1.102mdk.x86_64.rpm
327101ebfd1c13965040cb137a5adca5
x86_64/10.2/RPMS/xine-arts-1.0-8.1.102mdk.x86_64.rpm
2256180be6b611f77b31b157db13dc0a
x86_64/10.2/RPMS/xine-dxr3-1.0-8.1.102mdk.x86_64.rpm
9b51c2821a74b4033c5ef5e01459054d
x86_64/10.2/RPMS/xine-esd-1.0-8.1.102mdk.x86_64.rpm
96be9cbb1ca7cab59be7cd6423a1d983
x86_64/10.2/RPMS/xine-flac-1.0-8.1.102mdk.x86_64.rpm
a9fb22f91a888a3f11a1ae0072d27b39
x86_64/10.2/RPMS/xine-gnomevfs-1.0-8.1.102mdk.x86_64.rpm
14211f1b9e951174b2b5e7f9fdac4cc8
x86_64/10.2/RPMS/xine-plugins-1.0-8.1.102mdk.x86_64.rpm
ca4006966fca3ce833c726cbe8507644
x86_64/10.2/RPMS/xine-polyp-1.0-8.1.102mdk.x86_64.rpm
69b8fea875be5d2c85e0dd20659c533c
x86_64/10.2/RPMS/xine-smb-1.0-8.1.102mdk.x86_64.rpm
a5eea7f704a81f23517ae7a719bc0fe6
x86_64/10.2/SRPMS/xine-lib-1.0-8.1.102mdk.src.rpm
Corporate 3.0:
69f5d7c07314875c6a01418d5c2b69db
corporate/3.0/RPMS/libxine1-1-0.rc3.6.4.C30mdk.i586.rpm
bca6392f86326b3fc1eabc56d937313b
corporate/3.0/RPMS/xine-arts-1-0.rc3.6.4.C30mdk.i586.rpm
2915ce6db2655d7e352bd01568b211c7
corporate/3.0/RPMS/xine-plugins-1-0.rc3.6.4.C30mdk.i586.rpm
7074a85157522b6dcb445cd2c8ce2776
corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.4.C30mdk.src.rpm
Corporate 3.0/X86_64:
e5d09fd1ddfb8402f2421b0e0c497d7b
x86_64/corporate/3.0/RPMS/lib64xine1-1-0.rc3.6.4.C30mdk.x86_64.rpm
96533a024652ac48d8889a112dd44d21
x86_64/corporate/3.0/RPMS/xine-arts-1-0.rc3.6.4.C30mdk.x86_64.rpm
2b0e14bf23b4d796db5e891fd4deeb0c
x86_64/corporate/3.0/RPMS/xine-plugins-1-0.rc3.6.4.C30mdk.x86_64.rpm
7074a85157522b6dcb445cd2c8ce2776
x86_64/corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.4.C30mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFCnjg3mqjQ0CJFipgRAhfeAJ9E5nnKdmvhGAN11fLprknyCVl22wCeN7xC
B8E4i95XoPO2GVFSFAFP+bw=
=ua7N
-----END PGP SIGNATURE-----
To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________
|
|
|
|
