Test ID:	1.3.6.1.4.1.25623.1.1.10.2014.0071
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2014-0071)
Summary:	The remote host is missing an update for the 'xbmc' package(s) announced via the MGASA-2014-0071 advisory.
Description:	Summary: The remote host is missing an update for the 'xbmc' package(s) announced via the MGASA-2014-0071 advisory. Vulnerability Insight: Due to flaws in the embedded copy of libDCR, a fork of dcraw.c, in the embedded copy of CxImage, opening a specially crafted photo file could trigger a division by zero, an infinite loop, or a null pointer dereference, resulting in a denial of service (CVE-2013-1438). This update fixes those flaws. XBMC is also updated to a newer bugfix-only release, version 12.3. It contains fixes to various issues, including: - several PVR related bugs - memory leaks - audio channel mapping - possible crash on progress dialog and more. Additionally, this update fixes a compatibility issue on Mageia 4 affecting AC-3 transcoding, which prevented, for example, multichannel playback of AAC 5.1 files over S/PDIF or stereo-only HDMI devices. The PVR addons have also been updated. Affected Software/OS: 'xbmc' package(s) on Mageia 3, Mageia 4. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-1438 BugTraq ID: 62060 http://www.securityfocus.com/bid/62060 Debian Security Information: DSA-2748 (Google Search) http://www.debian.org/security/2013/dsa-2748 http://www.openwall.com/lists/oss-security/2013/08/29/3
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.