Register a free account
ne nw
Crawlability Inc. Files for SEO Technology Patent
se sw

Go Back   Forum Index > Operating Systems > Linux
Reload this Page Mandriva- Advisories MDVSA-2008:046-1: Updated xine-lib package fixes arbitrary code execution vulnerability
The Software Store
Register Members List Social Groups Calendar Search Today's Posts Mark Forums Read FAQ

Linux All distros and thier applications

Reply
 
Thread Tools Display Modes
  #1  
Old 02-20-2008, 10:09 PM
Mandriva's Avatar
Mandriva Mandriva is offline
Senior Member
  
Join Date: Oct 2006
Posts: 720
Mandriva- Advisories MDVSA-2008:046-1: Updated xine-lib package fixes arbitrary code execution vulnerability
Advisories MDVSA-2008:046-1: Updated xine-lib package fixes arbitrary code execution vulnerability
An array index vulnerability found in the FLAC audio demuxer might
allow remote attackers to execute arbitrary code via a crafted FLAC
tag, which triggers a buffer overflow. Although originally an MPlayer
issue, it also affects xine-lib due to code similarity.

The updated packages have been patched to prevent this issue.

Update:

The previous update used a bad patch which made Amarok interface
very unresponsive while playing FLAC files. This new update fixes
the security issue with a better patch.
http://mandrivausers.org/index.php?showtopic=50454
http://mandrivausers.org/index.php?showtopic=50454
Thu, 21 Feb 2008 02:52:22 +0000
Reply With Quote
Sponsored Links

Reply

Bookmarks

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Forum Jump


All times are GMT -5. The time now is 01:02 PM.

Contact Us - CyberAnswers - Archive - Privacy Statement - Top

234x60
Bulletin Board Custom Version by Mobo
Copyright © 2004-2007 Cyberanswers.org All rights reserved