English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 102521 CVE descriptions
and 54701 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-2945
2008-04-08 23:42:20
--------------------------------------------------------------------------------

Name        : xine-lib
Product     : Fedora 7
Version     : 1.1.11.1
Release     : 1.fc7
URL         : http://xinehq.de/
Summary     : Xine library
Description :
This package contains the Xine library. Xine is a free multimedia player.
It can play back various media. It also decodes multimedia files from local
disk drives, and displays multimedia streamed over the Internet. It
interprets many of the most common multimedia formats available - and some
of the most uncommon formats, too.  --with/--without rpmbuild options
(some default values depend on target distribution): aalib, caca, directfb,
imagemagick, freetype, antialiasing (with freetype), pulseaudio, xcb.

--------------------------------------------------------------------------------
Update Information:

This updates xine-lib to 1.1.11.1, which fixes the following security
vulnerabilities: CVE-2008-0073 array indexing (fixed in 1.1.11), CVE-2008-1482
integer overflow (fixed in 1.1.11.1). It also provides a versioned xine-lib
(plugin-abi) so 3rd party packages installing plugins can use it instead of
requiring a version of xine-lib.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #438663 - CVE-2008-1482 xine-lib Integer overflow flaws
        https://bugzilla.redhat.com/show_bug.cgi?id=438663
  [ 2 ] Bug #438182 - CVE-2008-0073 xine-lib: sdpplin_parse() Array Indexing Vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=438182
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update xine-lib' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2017 E-Soft Inc. All rights reserved.