 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.63380 |
| Category: | Fedora Local Security Checks |
| Title: | Fedora Core 10 FEDORA-2009-1525 (xine-lib) |
| Summary: | The remote host is missing an update to xine-lib;announced via advisory FEDORA-2009-1525.;Note: This VT has been deprecated and is therefore no longer functional. |
| Description: | Summary: The remote host is missing an update to xine-lib announced via advisory FEDORA-2009-1525. Note: This VT has been deprecated and is therefore no longer functional. Vulnerability Insight: This package contains the Xine library. It can be used to play back various media, decode multimedia files from local disk drives, and display multimedia streamed over the Internet. It interprets many of the most common multimedia formats available - and some uncommon formats, too. Update Information: This release contains one new security fix (CVE-2008-5240) and corrections of previous security fixes. It also includes fixes for race conditions in gapless_switch (ref. kde bug #180339) ChangeLog: * Tue Feb 10 2009 Rex Dieter - 1.1.16.2-1 - xine-lib-1.1.16.2 * Mon Feb 9 2009 Rex Dieter - 1.1.16.1-4 - gapless-race-fix patch (kdebug#180339) * Sat Feb 7 2009 Rex Dieter - 1.1.16.1-3 - safe-audio-pause patch (kdebug#180339) * Mon Jan 26 2009 Rex Dieter - 1.1.16.1-2 - Provides: xine-lib(plugin-abi)%{?_isa} = %{abiver} - touchup Summary/Description * Fri Jan 23 2009 Rex Dieter - 1.1.16.1-1 - xine-lib-1.1.16.1 - include avsync patch (#470568) * Sun Jan 18 2009 Rex Dieter - 1.1.16-2 - drop deepbind patch (#480504) - caca support (EPEL) * Wed Jan 7 2009 Kevin Kofler - 1.1.16-1.1 - patch for old libcaca in F9- * Wed Jan 7 2009 Rex Dieter - 1.1.16-1 - xine-lib-1.1.16, plugin ABI 1.25 - --with-external-libdvdnav, include mpeg demuxers (#213597) * Fri Dec 12 2008 Rex Dieter - 1.1.15-4 - rebuild for pkgconfig deps Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update xine-lib' at the command line. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2008-5240 BugTraq ID: 30797 http://www.securityfocus.com/bid/30797 Bugtraq: 20080822 [oCERT-2008-008] multiple heap overflows in xine-lib (Google Search) http://www.securityfocus.com/archive/1/495674/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00385.html https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00174.html https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00555.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:020 http://www.ocert.org/analysis/2008-008/analysis.txt http://www.osvdb.org/47742 http://secunia.com/advisories/31827 http://secunia.com/advisories/33544 http://securityreason.com/securityalert/4648 SuSE Security Announcement: SUSE-SR:2009:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html XForce ISS Database: xinelib-demuxmatroska-dos(44653) https://exchange.xforce.ibmcloud.com/vulnerabilities/44653 |
| Copyright | Copyright (C) 2009 E-Soft Inc. |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |