Accepted xine-lib 1.0-1ubuntu3.4 (source)
Martin Pitt
martin.pitt at ubuntu.com
Thu Mar 9 14:26:16 GMT 2006
Accepted:
xine-lib 1.0-1ubuntu3.4 was ACCEPTED.
Component: main Section: libs
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 15 Dec 2005 12:33:12 +0000
Source: xine-lib
Binary: libxine-dev libxine1
Architecture: source
Version: 1.0-1ubuntu3.4
Distribution: hoary-updates
Urgency: low
Maintainer: Siggi Langauf <siggi at debian.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description:
libxine-dev - the xine video player library, development packages
libxine1 - the xine video/media player library, binary files
Changes:
xine-lib (1.0-1ubuntu3.4) hoary-updates; urgency=low
.
* SECURITY UPDATE: Fix arbitrary code execution with crafted PNG images in
embedded ffmpeg copy.
* src/libffmpeg/libavcodec/utils.c, avcodec_default_get_buffer(): Apply
upstream patch to fix buffer overflow on decoding of small PIX_FMT_PAL8
PNG files.
* References:
CVE-2005-4048
http://mplayerhq.hu/pipermail/ffmpeg-devel/2005-November/005333.html
http://www1.mplayerhq.hu/cgi-bin/cvsweb.cgi/ffmpeg/libavcodec/
utils.c.diff?r1=1.161&r2=1.162&cvsroot=FFMpeg
Files:
5653a9042c1025b8c10cf88a29d1f76e 1070 libs optional xine-lib_1.0-1ubuntu3.4.dsc
2dd16cb6bb9443c400c94257de023056 4373 libs optional xine-lib_1.0-1ubuntu3.4.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFDoWhPDecnbV4Fd/IRAm79AJ9+Mclnun12RSmoM5YMAZp0/Vsc8wCfVz8r
RpgG9DV6QavlgPVZeEm6uao=
=E2J4
-----END PGP SIGNATURE-----
More information about the hoary-changes
mailing list