Re: Unable to play mp3 files after yesterday's dist-upgrade on Lenny

To: debian-user@lists.debian.org
Subject: Re: Unable to play mp3 files after yesterday's dist-upgrade on Lenny
From: Florian Kulzer <florian.kulzer+debian@icfo.es>
Date: Wed, 23 Jan 2008 20:54:10 +0100
Message-id: <[🔎] 20080123195410.GA24321@pc0197>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 78c462ad0801231002g3a90f163xd209e7a73ba251b2@mail.gmail.com>
References: <[🔎] 78c462ad0801211054v5ea65158we835b86fe69aae3d@mail.gmail.com> <[🔎] 20080122181903.GA13019@pc0197> <[🔎] 78c462ad0801231002g3a90f163xd209e7a73ba251b2@mail.gmail.com>

[ Please stop top-posting. It is very difficult for other people to
  follow the discussion if they have to scroll past your answers to find
  the questions and the context. ]

On Wed, Jan 23, 2008 at 23:32:19 +0530, Amogh Hooshdar wrote:
> This is the output of list plugins.
> 
> $ xine --list-plugins=demux
> This is xine (X11 gui) - a free video player v0.99.6cvs.
> (c) 2000-2007 The xine Team.
> 
>  Available xine's plugins:
>    -Demuxer:
>      anx, image, iff, yuv4mpeg2, mpeg_pes, mpeg_block, wve, idcin, ipmovie,
>      vqa, wc3movie, roq, str, film, smjpeg, fourxm, vmd, matroska, flashvideo,
>      nsv, ogg, avi, fli, pva, quicktime, aud, aiff, flac, nsf, realaudio, snd,
>      tta, voc, vox, mod, mng, real, asf, mpeg-ts, slave, mpeg, rawdv, sputext,
>      elem, yuv_frames, wavpack.

Seems like it really does not know how to demux mp3s anymore. (Version 
1.1.9-1 in Sid lists "mp3"explicitly when I run the same command.)

> Also, an upgrade was involved regarding libxine. Here are the lines:-
> 
> [UPGRADE] libxine1 1.1.8-3 -> 1.1.8-3+lenny1
> [UPGRADE] libxine1-console 1.1.8-3 -> 1.1.8-3+lenny1
> [UPGRADE] libxine1-doc 1.1.8-3 -> 1.1.8-3+lenny1
> [UPGRADE] libxine1-ffmpeg 1.1.8-3 -> 1.1.8-3+lenny1
> [UPGRADE] libxine1-gnome 1.1.8-3 -> 1.1.8-3+lenny1
> [UPGRADE] libxine1-misc-plugins 1.1.8-3 -> 1.1.8-3+lenny1
> [UPGRADE] libxine1-plugins 1.1.8-3 -> 1.1.8-3+lenny1
> [UPGRADE] libxine1-x 1.1.8-3 -> 1.1.8-3+lenny1

That is a security-related upgrade; see bug #460551. 

> Nothing about libmad0 in the log file.

I checked again and it turns out that I probably was wrong earlier: It
seems that mp3s in Lenny are handled directly by xineplug_dmx_audio.so
from package libxine1-misc-plugins. 

> So, what should I do now to fix this issue? Why do I have to
> downgrade? Wouldn't this problem be fixed in Lenny at all? Please
> suggest the best possible path from here.

It is maybe not advisable to downgrade to the vulnerable versions of the
libxine1-* packages. (When I wrote my previous mail I had not realized
yet that this is a security upgrade.) Unfortunately I do not know if
disabling mp3s was an integral part of fixing the security hole or just
a mistake that could have been avoided. The upgraded package was not
produced by the regular libxine1 maintainer.

If you don't care about the security implications then you can either
downgrade to the old version or upgrade to 1.1.9-1 from unstable, which
seems to be equally vulnerable to the exploit. If you want to be safe
then you probably have to wait for version 1.1.9-2 to become available
in unstable and trickle down to testing.

-- 
Regards,            | http://users.icfo.es/Florian.Kulzer
          Florian   |

Reply to:

References:
- Unable to play mp3 files after yesterday's dist-upgrade on Lenny
  - From: "Amogh Hooshdar" <amoghhooshdar@gmail.com>
- Re: Unable to play mp3 files after yesterday's dist-upgrade on Lenny
  - From: Florian Kulzer <florian.kulzer+debian@icfo.es>
- Re: Unable to play mp3 files after yesterday's dist-upgrade on Lenny
  - From: "Amogh Hooshdar" <amoghhooshdar@gmail.com>

Prev by Date: Re: /var/archive
Next by Date: RE: Where do you put your swap partition?
Previous by thread: Re: Unable to play mp3 files after yesterday's dist-upgrade on Lenny
Next by thread: wodim writes DVD
Index(es):
- Date
- Thread