Linux Security
    Linux Security
    Linux Security

    Debian: New xine-lib packages fix denial of service

    Date 06 Jul 2006
    5078
    Posted By LinuxSecurity Advisories
    Federico L. Bossi Bonin discovered a buffer overflow in the HTTP Plugin in xine-lib, the xine video/media player library, taht could allow a remote attacker to cause a denial of service.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 1105-1                    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.debian.org/security/                             Martin Schulze
    July 7th, 2006                          https://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : xine-lib
    Vulnerability  : buffer overflow
    Problem type   : remote
    Debian-specific: no
    CVE ID         : CVE-2006-2802
    BugTraq ID     : 18187
    Debian Bug     : 369876
    
    Federico L. Bossi Bonin discovered a buffer overflow in the HTTP
    Plugin in xine-lib, the xine video/media player library, taht could
    allow a remote attacker to cause a denial of service.
    
    For the old stable distribution (woody) this problem has been fixed in
    version 0.9.8-2woody5.
    
    For the stable distribution (sarge) this problem has been fixed in
    version 1.0.1-1sarge3.
    
    For the unstable distribution (sid) this problem has been fixed in
    version 1.1.1-2.
    
    We recommend that you upgrade your libxine packages.
    
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given at the end of this advisory:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.0 alias woody
    - --------------------------------
    
      Source archives:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_0.9.8-2woody5.dsc
          Size/MD5 checksum:      761 113ef134a39e2f37bc6395dc2e43b538
        https://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_0.9.8-2woody5.diff.gz
          Size/MD5 checksum:     2339 194c32b8c93f5e85c873454412f63552
        https://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_0.9.8.orig.tar.gz
          Size/MD5 checksum:  1766178 d8fc9b30e15b50af8ab7552bbda7aeda
    
      Alpha architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_alpha.deb
          Size/MD5 checksum:   261022 3314df47933eadc0af5b5cf4a36afdfe
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_alpha.deb
          Size/MD5 checksum:   816024 897664eee06d09f43375f5320be1f17b
    
      ARM architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_arm.deb
          Size/MD5 checksum:   302960 9dee75c3d13aabb5e83978e0d75ec4ce
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_arm.deb
          Size/MD5 checksum:   671494 dafc6c14181802dd56c887583bbf5140
    
      Intel IA-32 architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_i386.deb
          Size/MD5 checksum:   260788 3a98e4d713d1c341fe69a717c8de0072
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_i386.deb
          Size/MD5 checksum:   807996 1dd6e453aa93c420a145dd5397ee99bd
    
      Intel IA-64 architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_ia64.deb
          Size/MD5 checksum:   260864 46ae5bb7b3256421dd7291e7c8898369
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_ia64.deb
          Size/MD5 checksum:   953654 887b267a44c50e00f8bf9e2190852ca8
    
      HP Precision architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_hppa.deb
          Size/MD5 checksum:   260968 aa1ee745d7c5c6b9a8271c64f0a587a0
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_hppa.deb
          Size/MD5 checksum:   846792 60ed39365a0c67db2d4fba67d2ba1583
    
      Motorola 680x0 architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_m68k.deb
          Size/MD5 checksum:   292718 2a87b508bcc610a01abf8c9c3773d40d
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_m68k.deb
          Size/MD5 checksum:   617706 67075fef400071473fa948e5dd89b8fc
    
      Big endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_mips.deb
          Size/MD5 checksum:   299478 5b0c49b3745472f71725dd052b60d712
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_mips.deb
          Size/MD5 checksum:   653086 0044bef2d6ebeb01385d1a20a716046a
    
      Little endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_mipsel.deb
          Size/MD5 checksum:   299568 79851707d297d94d74b613d5abaa6b3a
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_mipsel.deb
          Size/MD5 checksum:   655030 0868f2d006c6b5282c8880a8460fed77
    
      PowerPC architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_powerpc.deb
          Size/MD5 checksum:   261278 fc16e5e2889afdd2c73491714575d53f
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_powerpc.deb
          Size/MD5 checksum:   742454 6c2be22417b910c45c0bb113a4f7707b
    
      IBM S/390 architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_s390.deb
          Size/MD5 checksum:   302404 9d54d7d12b431358f99fe688e2999cb5
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_s390.deb
          Size/MD5 checksum:   662920 5da8cbae8d02f579e8150dde1b07c4f8
    
      Sun Sparc architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody5_sparc.deb
          Size/MD5 checksum:   261104 30717fe03e13e5dfbd5adbf4dafd93eb
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody5_sparc.deb
          Size/MD5 checksum:   803816 fe08139ea1b35f3e7d5b7bcb8de20dd3
    
    
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
    
      Source archives:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_1.0.1-1sarge3.dsc
          Size/MD5 checksum:     1062 998afa8ddece7f06aac69cb8787b8bea
        https://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_1.0.1-1sarge3.diff.gz
          Size/MD5 checksum:     3230 6b65bdac09c698d6dcfc9c01f417714b
        https://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_1.0.1.orig.tar.gz
          Size/MD5 checksum:  7774954 9be804b337c6c3a2e202c5a7237cb0f8
    
      Alpha architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_alpha.deb
          Size/MD5 checksum:   107646 53ba83cd587bed30cdbd5dd96a241e43
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_alpha.deb
          Size/MD5 checksum:  4829370 83e8d3ed71f20b06d4edcd1a97247903
    
      AMD64 architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_amd64.deb
          Size/MD5 checksum:   107640 9be42e567a232db85ade634a8875cea1
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_amd64.deb
          Size/MD5 checksum:  3933392 03aaaf4b88fd5cc99ab7048e386a81eb
    
      ARM architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_arm.deb
          Size/MD5 checksum:   107698 857f520bcc947238b6a1732239508e29
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_arm.deb
          Size/MD5 checksum:  3878442 e505d7fd20cff3d6965e0e55640e5da0
    
      Intel IA-32 architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_i386.deb
          Size/MD5 checksum:   107702 56fb77a0b6f0d01b3eb7cff160b7fc2e
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_i386.deb
          Size/MD5 checksum:  4204886 3fb1c5b93a8bd2857f8da12f95a0c144
    
      Intel IA-64 architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_ia64.deb
          Size/MD5 checksum:   107648 e5540cc5bbe66e9565fc412d7d37a23d
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_ia64.deb
          Size/MD5 checksum:  5620728 800474cd0356d391f8ac843104de8057
    
      HP Precision architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_hppa.deb
          Size/MD5 checksum:   107676 8f22e952357456fe6f92217a6305a54b
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_hppa.deb
          Size/MD5 checksum:  3600400 aff888a7efd1cc00072cc3bdd1c88a70
    
      Motorola 680x0 architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_m68k.deb
          Size/MD5 checksum:   107720 97d1027b157b256611e234ce20c76337
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_m68k.deb
          Size/MD5 checksum:  3175260 ee6cef5deb75f0396b13013602f30b90
    
      Big endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_mips.deb
          Size/MD5 checksum:   107654 639d0ee2c65047864b5c726dfba30fcf
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_mips.deb
          Size/MD5 checksum:  4066606 b7beb0cb4615f6ca98b4fbff3be16c06
    
      Little endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_mipsel.deb
          Size/MD5 checksum:   107678 ba9bb94702fcf451db6dde218e23bc21
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_mipsel.deb
          Size/MD5 checksum:  4125476 fc4b6816829beff3ba2fbd175e7e1384
    
      PowerPC architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_powerpc.deb
          Size/MD5 checksum:   107686 0ce2a02a85fd72b5bb24213fc025f864
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_powerpc.deb
          Size/MD5 checksum:  4305544 68c2be929520c8a45439d36ef8d0a2ca
    
      IBM S/390 architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_s390.deb
          Size/MD5 checksum:   107652 63c9659dc1e004412faf09d9feafee08
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_s390.deb
          Size/MD5 checksum:  3880838 b747276fe66ef57341430e10adc32fee
    
      Sun Sparc architecture:
    
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge3_sparc.deb
          Size/MD5 checksum:   107666 045189d3cd49c72f4e4bf26ea391fec1
        https://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge3_sparc.deb
          Size/MD5 checksum:  4360438 15333a715e57287c63f2f2f36b40ec80
    
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb https://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    

    LinuxSecurity Poll

    I agree with Linus Torvalds - Apple's new M1-powered laptops should run on Linux.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /main-polls/45-i-agree-with-linus-torvalds-apple-s-new-m1-powered-laptops-should-run-on-linux?task=poll.vote&format=json
    45
    radio
    [{"id":"158","title":"True","votes":"18","type":"x","order":"1","pct":3.5,"resources":[]},{"id":"159","title":"False","votes":"496","type":"x","order":"2","pct":96.5,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.