drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberläufe in xine-lib
Name: |
Pufferüberläufe in xine-lib
|
|
ID: |
MDKSA-2005:094 |
|
Distribution: |
Mandriva |
|
Plattformen: |
Mandriva 10.1, Mandriva Corporate 3.0, Mandriva 10.2 |
|
Datum: |
Do, 2. Juni 2005, 13:00 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1195
http://xinehq.de/index.php/security/XSA-2004-8 |
|
Applikationen: |
Xine |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Update Advisory _______________________________________________________________________
Package name: xine-lib Advisory ID: MDKSA-2005:094 Date: May 26th, 2005
Affected versions: 10.1, 10.2, Corporate 3.0 ______________________________________________________________________
Problem Description:
Two buffer overflow vulnerabilities were discovered in the MMS and Real RTSP stream handlers in the Xine libraries. If an attacker can trick a user to connect to a malicious MMS or RTSP video/audio stream source with any application using this library, they could crash the client and possibly even execute arbitrary code with the privileges of the user running the player program. The updated packages have been patched to correct these problems. _______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1195 http://xinehq.de/index.php/security/XSA-2004-8 ______________________________________________________________________
Updated Packages: Mandrakelinux 10.1: 550971e0c9533747e55b9c0615113318 10.1/RPMS/libxine1-1-0.rc5.9.2.101mdk.i586.rpm 94b15aaa55c4e1d0f64eaca7b92ea796 10.1/RPMS/libxine1-devel-1-0.rc5.9.2.101mdk.i586.rpm de1841e813240ced01c32d442a34b438 10.1/RPMS/xine-aa-1-0.rc5.9.2.101mdk.i586.rpm 11e3fb3498c3e48b59ecf8b9c5b91763 10.1/RPMS/xine-arts-1-0.rc5.9.2.101mdk.i586.rpm 511cc370bfb927bfd2a779b46f45eff1 10.1/RPMS/xine-dxr3-1-0.rc5.9.2.101mdk.i586.rpm 399dbca3192848a831b016d485ec3712 10.1/RPMS/xine-esd-1-0.rc5.9.2.101mdk.i586.rpm 5144e03cc71cae5a3000d2a16479656b 10.1/RPMS/xine-flac-1-0.rc5.9.2.101mdk.i586.rpm 87b7393df91d513a4f26983709f055bc 10.1/RPMS/xine-gnomevfs-1-0.rc5.9.2.101mdk.i586.rpm b8c494c6287c4386885c39f1d313cbb2 10.1/RPMS/xine-plugins-1-0.rc5.9.2.101mdk.i586.rpm a42d3f1faaf62a6305560085bd4f28ff 10.1/SRPMS/xine-lib-1-0.rc5.9.2.101mdk.src.rpm
Mandrakelinux 10.1/X86_64: 582cb1e8064eddeccc161c52cab94c81 x86_64/10.1/RPMS/lib64xine1-1-0.rc5.9.2.101mdk.x86_64.rpm cd0e88ba513858e3f42d744628489da3 x86_64/10.1/RPMS/lib64xine1-devel-1-0.rc5.9.2.101mdk.x86_64.rpm 835f21902bb1178c4759a0a606331561 x86_64/10.1/RPMS/xine-aa-1-0.rc5.9.2.101mdk.x86_64.rpm e0d6de701af47189b3f77e36b02ed039 x86_64/10.1/RPMS/xine-arts-1-0.rc5.9.2.101mdk.x86_64.rpm 52aa63a93484875ba4742ac5f79eefd8 x86_64/10.1/RPMS/xine-dxr3-1-0.rc5.9.2.101mdk.x86_64.rpm 98d6c89b038fe484578485d04bc00e31 x86_64/10.1/RPMS/xine-esd-1-0.rc5.9.2.101mdk.x86_64.rpm 4d732b3c0b110493b2525a7c8e5c3248 x86_64/10.1/RPMS/xine-flac-1-0.rc5.9.2.101mdk.x86_64.rpm 7701b26552a780e7d6ebecfcd3fea3f5 x86_64/10.1/RPMS/xine-gnomevfs-1-0.rc5.9.2.101mdk.x86_64.rpm ca981d9b388e4c8cf94510a8efb87acd x86_64/10.1/RPMS/xine-plugins-1-0.rc5.9.2.101mdk.x86_64.rpm a42d3f1faaf62a6305560085bd4f28ff x86_64/10.1/SRPMS/xine-lib-1-0.rc5.9.2.101mdk.src.rpm
Mandrakelinux 10.2: 430c8823bb13725c84054f53c225db85 10.2/RPMS/libxine1-1.0-8.1.102mdk.i586.rpm b1381fe50275119d25a28dac339f7272 10.2/RPMS/libxine1-devel-1.0-8.1.102mdk.i586.rpm 5b58c4c78584519bf0b19fc9661aada7 10.2/RPMS/xine-aa-1.0-8.1.102mdk.i586.rpm de7f073c74dfd0fb3d628d3964631e4e 10.2/RPMS/xine-arts-1.0-8.1.102mdk.i586.rpm ff972b033b522c32e25193428677a2d2 10.2/RPMS/xine-dxr3-1.0-8.1.102mdk.i586.rpm 17d12fb16e3f58beb0c69ade3034712d 10.2/RPMS/xine-esd-1.0-8.1.102mdk.i586.rpm 0aaae60a3bc0037e3268f8b78cd2bb5e 10.2/RPMS/xine-flac-1.0-8.1.102mdk.i586.rpm 90b8ad60771a03730e228ee44ae24578 10.2/RPMS/xine-gnomevfs-1.0-8.1.102mdk.i586.rpm 740d9b80e2b79ded5700d9cdaec347a4 10.2/RPMS/xine-plugins-1.0-8.1.102mdk.i586.rpm 18023362e073c89066f60cbd81426b09 10.2/RPMS/xine-polyp-1.0-8.1.102mdk.i586.rpm 61ffb443bb979976ec77b82ffd4fe842 10.2/RPMS/xine-smb-1.0-8.1.102mdk.i586.rpm a5eea7f704a81f23517ae7a719bc0fe6 10.2/SRPMS/xine-lib-1.0-8.1.102mdk.src.rpm
Mandrakelinux 10.2/X86_64: 3a53fc0bb164f341f9c48f10439bb914 x86_64/10.2/RPMS/lib64xine1-1.0-8.1.102mdk.x86_64.rpm f644048646b981c918231edba554c425 x86_64/10.2/RPMS/lib64xine1-devel-1.0-8.1.102mdk.x86_64.rpm 9c015a898a61d8e62d667b595708c4c5 x86_64/10.2/RPMS/xine-aa-1.0-8.1.102mdk.x86_64.rpm 327101ebfd1c13965040cb137a5adca5 x86_64/10.2/RPMS/xine-arts-1.0-8.1.102mdk.x86_64.rpm 2256180be6b611f77b31b157db13dc0a x86_64/10.2/RPMS/xine-dxr3-1.0-8.1.102mdk.x86_64.rpm 9b51c2821a74b4033c5ef5e01459054d x86_64/10.2/RPMS/xine-esd-1.0-8.1.102mdk.x86_64.rpm 96be9cbb1ca7cab59be7cd6423a1d983 x86_64/10.2/RPMS/xine-flac-1.0-8.1.102mdk.x86_64.rpm a9fb22f91a888a3f11a1ae0072d27b39 x86_64/10.2/RPMS/xine-gnomevfs-1.0-8.1.102mdk.x86_64.rpm 14211f1b9e951174b2b5e7f9fdac4cc8 x86_64/10.2/RPMS/xine-plugins-1.0-8.1.102mdk.x86_64.rpm ca4006966fca3ce833c726cbe8507644 x86_64/10.2/RPMS/xine-polyp-1.0-8.1.102mdk.x86_64.rpm 69b8fea875be5d2c85e0dd20659c533c x86_64/10.2/RPMS/xine-smb-1.0-8.1.102mdk.x86_64.rpm a5eea7f704a81f23517ae7a719bc0fe6 x86_64/10.2/SRPMS/xine-lib-1.0-8.1.102mdk.src.rpm
Corporate 3.0: 69f5d7c07314875c6a01418d5c2b69db corporate/3.0/RPMS/libxine1-1-0.rc3.6.4.C30mdk.i586.rpm bca6392f86326b3fc1eabc56d937313b corporate/3.0/RPMS/xine-arts-1-0.rc3.6.4.C30mdk.i586.rpm 2915ce6db2655d7e352bd01568b211c7 corporate/3.0/RPMS/xine-plugins-1-0.rc3.6.4.C30mdk.i586.rpm 7074a85157522b6dcb445cd2c8ce2776 corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.4.C30mdk.src.rpm
Corporate 3.0/X86_64: e5d09fd1ddfb8402f2421b0e0c497d7b x86_64/corporate/3.0/RPMS/lib64xine1-1-0.rc3.6.4.C30mdk.x86_64.rpm 96533a024652ac48d8889a112dd44d21 x86_64/corporate/3.0/RPMS/xine-arts-1-0.rc3.6.4.C30mdk.x86_64.rpm 2b0e14bf23b4d796db5e891fd4deeb0c x86_64/corporate/3.0/RPMS/xine-plugins-1-0.rc3.6.4.C30mdk.x86_64.rpm 7074a85157522b6dcb445cd2c8ce2776 x86_64/corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.4.C30mdk.src.rpm _______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com _______________________________________________________________________
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFCnjg3mqjQ0CJFipgRAhfeAJ9E5nnKdmvhGAN11fLprknyCVl22wCeN7xC B8E4i95XoPO2GVFSFAFP+bw= =ua7N -----END PGP SIGNATURE-----
To unsubscribe, send a email to sympa@mandrivalinux.org with this subject : unsubscribe security-announce _______________________________________________________ Want to buy your Pack or Services from Mandriva? Go to http://www.mandrivastore.com Join the Club : http://www.mandrivaclub.com _______________________________________________________
|
|
|
|