Slackware 11.0 SSA:2007-109-02 Critical: Xine-Lib Buffer Overflow

slackware

April 20, 2007

New xine-lib packages are available for Slackware 10.0, 10.1, 10.2, 11.0, and -current to fix security issues

Summary

Here are the details from the Slackware 11.0 ChangeLog: Upgraded to xine-lib-1.1.6. This fixes overflows in xine-lib in some little-used media formats in xine-lib < 1.1.5 and other bugs in xine-lib < 1.1.6. The overflows in xine-lib < 1.1.5 could definitely cause an application using xine-lib to crash, and it is theorized that a malicious media file could be made to run arbitrary code in the context of the user running the application. For more information, see: https://www.cve.org/CVERecord?id=CVE-2007-1246 (* Security fix *)

Topics Covered

security advisory buffer overflow critical threat slackware xine-lib

Where Find New Packages

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 10.0:
Updated package for Slackware 10.1:
Updated package for Slackware 10.2:
Updated package for Slackware 11.0:
Updated package for Slackware -current:

MD5 Signatures

Slackware 10.0 package: a4fac5c1692d7e3e693d33485d8f238b xine-lib-1.1.6-i686-1_slack10.0.tgz
Slackware 10.1 package: f1b482bc314e827946be08249a7a1f67 xine-lib-1.1.6-i686-1_slack10.1.tgz
Slackware 10.2 package: 84cef008726751072a0ebcfeb861e4fa xine-lib-1.1.6-i686-1_slack10.2.tgz
Slackware 11.0 package: a9001ed332e1f09c53e2de90b9ff652a xine-lib-1.1.6-i686-1_slack11.0.tgz
Slackware -current package: 751958cb4eb3067130633294af25f365 xine-lib-1.1.6-i686-2.tgz

Severity

critical

Lowest

Low

Medium

High

Critical

Topics Covered

security advisory buffer overflow critical threat slackware xine-lib

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg xine-lib-1.1.6-i686-1_slack11.0.tgz

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Slackware 11.0 SSA:2007-109-02 Critical: Xine-Lib Buffer Overflow

Summary

Topics Covered

Where Find New Packages

MD5 Signatures

Topics Covered

Get the latest News and Insights

Installation Instructions

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Slackware 11.0 SSA:2007-109-02 Critical: Xine-Lib Buffer Overflow

Summary

Topics Covered

Where Find New Packages

MD5 Signatures

Topics Covered

Get the latest News and Insights

Installation Instructions

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!