VectorLinux

General Announcements => Security Advisories => Topic started by: caitlyn on September 19, 2008, 10:00:09 am

Title: 080915 xine-lib-1.1.14 vulnerability [VL 6.0 & VL 5.9]
Post by: caitlyn on September 19, 2008, 10:00:09 am
A vulnerability exists in xine-lib-1.1.14 which could allow a DoS via corrupted Ogg files (CVE-2008-3231) and possibly buffer overflows. 

A new package for xine-lib-1.1.15 is in the testing repository for veclinux-current (VL 6.0) and has been in patches for VL 5.9 for some time now.  Both are available via gslapt or slapt-get.