Accepted xine-lib 1.1.2+dfsg-6 (source amd64)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 13 Mar 2008 14:19:59 +0000
Source: xine-lib
Binary: libxine1-dbg libxine-dev libxine1
Architecture: source amd64
Version: 1.1.2+dfsg-6
Distribution: stable-security
Urgency: low
Maintainer: Siggi Langauf <siggi@debian.org>
Changed-By: Darren Salt <linux@youmustbejoking.demon.co.uk>
Description:
libxine-dev - the xine video player library, development packages
libxine1 - the xine video/media player library, binary files
libxine1-dbg - the xine video/media player library, debug data
Closes: 464696
Changes:
xine-lib (1.1.2+dfsg-6) stable-security; urgency=low
.
* Security bug fixes:
- CVE-2008-0486: Array index vulnerability which may allow remote
attackers to execute arbitrary code via a crafted FLAC tag, which
triggers a buffer overflow. (Closes: #464696)
- CVE-2008-1161: Buffer overflow which may allow remote attackers to
crash the program and/or execute arbitrary code via a crafted Matroska
file.
- CVE-2008-0073: Array indexing vulnerability in Real SDP parsing.
- Not applicable:
+ CVE-2008-1110: significantly different code.
* Backport an SDP parser check for stream identifier before stream count.
* Belatedly add myself to Uploaders.
Files:
318b9a5c7e265ceecd379c1bf78cc59d 1877 libs optional xine-lib_1.1.2+dfsg-6.dsc
41569cc160815132939b2700db086b97 23720 libs optional xine-lib_1.1.2+dfsg-6.diff.gz
ba9ab3b1f580ee330b4648a6e19189bc 117242 libdevel optional libxine-dev_1.1.2+dfsg-6_amd64.deb
7f2b4fc1c76ff16a0b2ec9c568c56dd0 3048320 libs optional libxine1_1.1.2+dfsg-6_amd64.deb
c4d7e60c377627b0ab13e9d6a3a104c7 3659052 libs extra libxine1-dbg_1.1.2+dfsg-6_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBR+TRGb97/wQC1SS+AQL1Jgf/fwF6TMDZ4g+SUZI0ZfcIAcW6PWj6wNOZ
I5EOAYmQqlLAK8MeggDJPfvisqiHeUogaQ833Drt6m3Wfd1uhgTfej/xlyfrMhjA
7t9w2uLzwvFcJWcbDKxuW+nQirg7vtj8kHw0pGro9/HDZyqrFb3O31ZTNopee6k7
dk7FMEVqB4Dx3YzvQ6TDVzm4KLU3+3auaJQMVf5YAZ14uQw6kAAYRzZE7gCYvjrZ
RQfo0cr25N77wBJb4yk994CLTrmWnCvWpA/qreyfMEbugb8u+ECFIFYjYT7nCEDZ
3btklyrHCfFv9OJRCMWBDDT4CmUBcVKJgejks469DVXwZ9A3xwj1Yw==
=j89o
-----END PGP SIGNATURE-----
Accepted:
libxine-dev_1.1.2+dfsg-6_amd64.deb
to pool/main/x/xine-lib/libxine-dev_1.1.2+dfsg-6_amd64.deb
libxine1-dbg_1.1.2+dfsg-6_amd64.deb
to pool/main/x/xine-lib/libxine1-dbg_1.1.2+dfsg-6_amd64.deb
libxine1_1.1.2+dfsg-6_amd64.deb
to pool/main/x/xine-lib/libxine1_1.1.2+dfsg-6_amd64.deb
xine-lib_1.1.2+dfsg-6.diff.gz
to pool/main/x/xine-lib/xine-lib_1.1.2+dfsg-6.diff.gz
xine-lib_1.1.2+dfsg-6.dsc
to pool/main/x/xine-lib/xine-lib_1.1.2+dfsg-6.dsc
Reply to: