Slackware 10.1 Security Advisory: gxine Format String Threat Mitigated
slackware
July 22, 2005
New gxine packages are available for Slackware 10.0, 10.1, and -current to fix a format string security issue
Summary
Here are the details from the Slackware 10.1 ChangeLog: patches/packages/gxine-0.4.6-i486-1.tgz: Upgraded to gxine-0.4.6. This fixes a format string vulnerability that allows remote attackers to execute arbitrary code via a ram file with a URL whose hostname contains format string specifiers. For more information, see: https://www.cve.org/CVERecord?id=CAN-2005-1692 (* Security fix *)
Topics Covered
Where Find New Packages
Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/gxine-0.4.6-i486-1.tgz
Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/gxine-0.4.6-i486-1.tgz
Updated package for Slackware -current:
MD5 Signatures
Slackware 10.0 package:
ed2069ed7293de0dda94fe9f28d3879c gxine-0.4.6-i486-1.tgz
Slackware 10.1 package:
8dd46180f7f34afbc54c6db12ef7b932 gxine-0.4.6-i486-1.tgz
Slackware -current package:
c1b5f88ee48cfe6ad4d08178765c5f4a gxine-0.4.6-i486-1.tgz
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Installation Instructions
Installation instructions: Upgrade the package as root: # upgradepkg gxine-0.4.6-i486-1.tgz
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!