Accepted xine-lib 1.0-1ubuntu3.4 (source)

Martin Pitt martin.pitt at ubuntu.com
Thu Mar 9 14:26:16 GMT 2006


Accepted:
xine-lib 1.0-1ubuntu3.4 was ACCEPTED.
	Component: main Section: libs

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 15 Dec 2005 12:33:12 +0000
Source: xine-lib
Binary: libxine-dev libxine1
Architecture: source
Version: 1.0-1ubuntu3.4
Distribution: hoary-updates
Urgency: low
Maintainer: Siggi Langauf <siggi at debian.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description: 
 libxine-dev - the xine video player library, development packages
 libxine1   - the xine video/media player library, binary files
Changes: 
 xine-lib (1.0-1ubuntu3.4) hoary-updates; urgency=low
 .
   * SECURITY UPDATE: Fix arbitrary code execution with crafted PNG images in
     embedded ffmpeg copy.
   * src/libffmpeg/libavcodec/utils.c, avcodec_default_get_buffer(): Apply
     upstream patch to fix buffer overflow on decoding of small PIX_FMT_PAL8
     PNG files.
   * References:
     CVE-2005-4048
     http://mplayerhq.hu/pipermail/ffmpeg-devel/2005-November/005333.html
     http://www1.mplayerhq.hu/cgi-bin/cvsweb.cgi/ffmpeg/libavcodec/
     utils.c.diff?r1=1.161&r2=1.162&cvsroot=FFMpeg
Files: 
 5653a9042c1025b8c10cf88a29d1f76e 1070 libs optional xine-lib_1.0-1ubuntu3.4.dsc
 2dd16cb6bb9443c400c94257de023056 4373 libs optional xine-lib_1.0-1ubuntu3.4.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFDoWhPDecnbV4Fd/IRAm79AJ9+Mclnun12RSmoM5YMAZp0/Vsc8wCfVz8r
RpgG9DV6QavlgPVZeEm6uao=
=E2J4
-----END PGP SIGNATURE-----





More information about the hoary-changes mailing list