Slackware 12.0 SSA:2008-092-01 Critical: Xine-Lib Integer Overflow

slackware

April 1, 2008

New xine-lib packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix security issues

Summary

Here are the details from the Slackware 12.0 ChangeLog: Mon Mar 31 23:33:58 CDT 2008 xap/xine-lib-1.1.11.1-i686-1_slack12.0.tgz: Upgraded to xine-lib-1.1.11.1. Earlier versions of xine-lib suffer from an integer overflow which may lead to a buffer overflow that could potentially be used to gain unauthorized access to the machine if a malicious media file is played back. File types affected this time include .flv, .mov, .rm, .mve, .mkv, and .cak. For more information on this security issue, please see: https://www.cve.org/CVERecord?id=CVE-2008-1482 (* Security fix *)

Topics Covered

security advisory buffer overflow software update slackware integer overflow critical severity xine-lib

Where Find New Packages

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 10.0:
Updated package for Slackware 10.1:
Updated package for Slackware 10.2:
Updated package for Slackware 11.0:
Updated package for Slackware 12.0:
Updated package for Slackware -current:

MD5 Signatures

Slackware 10.0 package: b3b011b3f39ee9688bb91663db0ed15d xine-lib-1.1.11.1-i686-1_slack10.0.tgz
Slackware 10.1 package: 4bc2172a51944aa4937e799ae876d2f3 xine-lib-1.1.11.1-i686-1_slack10.1.tgz
Slackware 10.2 package: a10af71a22cfdf1a6456cd1a07168d17 xine-lib-1.1.11.1-i686-1_slack10.2.tgz
Slackware 11.0 package: d15917be2a476e19ecb9254fc7d21f84 xine-lib-1.1.11.1-i686-1_slack11.0.tgz
Slackware 12.0 package: c883b1ebae2955f6d8f289e9e80cf7b2 xine-lib-1.1.11.1-i686-1_slack12.0.tgz
Slackware -current package: a6d31fba0a2186975c914b839a6f8db5 xine-lib-1.1.11.1-i686-1.tgz

Severity

critical

Lowest

Low

Medium

High

Critical

Topics Covered

security advisory buffer overflow software update slackware integer overflow critical severity xine-lib

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg xine-lib-1.1.11.1-i686-1_slack12.0.tgz

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Slackware 12.0 SSA:2008-092-01 Critical: Xine-Lib Integer Overflow

Summary

Topics Covered

Where Find New Packages

MD5 Signatures

Topics Covered

Get the latest News and Insights

Installation Instructions

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Slackware 12.0 SSA:2008-092-01 Critical: Xine-Lib Integer Overflow

Summary

Topics Covered

Where Find New Packages

MD5 Signatures

Topics Covered

Get the latest News and Insights

Installation Instructions

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!