Please support VectorLinux!

Author Topic: 080915 xine-lib-1.1.14 vulnerability [VL 6.0 & VL 5.9]  (Read 2845 times)

caitlyn

  • Packager
  • Vectorian
  • ****
  • Posts: 2876
    • The Linux Works
080915 xine-lib-1.1.14 vulnerability [VL 6.0 & VL 5.9]
« on: September 19, 2008, 09:00:09 am »
A vulnerability exists in xine-lib-1.1.14 which could allow a DoS via corrupted Ogg files (CVE-2008-3231) and possibly buffer overflows. 

A new package for xine-lib-1.1.15 is in the testing repository for veclinux-current (VL 6.0) and has been in patches for VL 5.9 for some time now.  Both are available via gslapt or slapt-get.
eMachines EL-1300G desktop, 1.6GHz AMD Athlon 2650e CPU, 4GB RAM, nVidia GeForce 6150 SE video
CentOS 6.5 (will try VL64-7.1 soon)

Toshiba Satellite A135-S4727,  Intel Pentium T2080 / 1.73 GHz, 2GB RAM, Intel GMA 950

HP Mini 110 netbook, 1.6GHz Intel Atom CPU, 2GB RAM, Intel 950 video, VL 7.1