Accepted xine-lib 1.1.1-0ubuntu4 (source)
Martin Pitt
martin.pitt at ubuntu.com
Thu Dec 15 12:25:05 GMT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 15 Dec 2005 13:13:45 +0100
Source: xine-lib
Binary: libxine1c2 libxine-dev
Architecture: source
Version: 1.1.1-0ubuntu4
Distribution: dapper
Urgency: low
Maintainer: Siggi Langauf <siggi at debian.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description:
libxine-dev - the xine video player library, development packages
libxine1c2 - the xine video/media player library, binary files
Changes:
xine-lib (1.1.1-0ubuntu4) dapper; urgency=low
.
* SECURITY UPDATE: Fix arbitrary code execution with crafted PNG images in
embedded ffmpeg copy.
* src/libffmpeg/libavcodec/utils.c, avcodec_default_get_buffer(): Apply
upstream patch to fix buffer overflow on decoding of small PIX_FMT_PAL8
PNG files.
* References:
CVE-2005-4048
http://mplayerhq.hu/pipermail/ffmpeg-devel/2005-November/005333.html
http://www1.mplayerhq.hu/cgi-bin/cvsweb.cgi/ffmpeg/libavcodec/
utils.c.diff?r1=1.161&r2=1.162&cvsroot=FFMpeg
Files:
1abea98b73810e387f14be00a3d89f08 1142 libs optional xine-lib_1.1.1-0ubuntu4.dsc
4e444ddac73946b7bcaaf6ac19eb7daa 4725 libs optional xine-lib_1.1.1-0ubuntu4.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDoV+oDecnbV4Fd/IRApMQAKCn7m2rviafskkUWKqCzwyzVihNsACaA4Xr
DeKVyODIMrYiflMGQSv7W0Y=
=Flx5
-----END PGP SIGNATURE-----
Accepted:
xine-lib_1.1.1-0ubuntu4.diff.gz
to pool/main/x/xine-lib/xine-lib_1.1.1-0ubuntu4.diff.gz
xine-lib_1.1.1-0ubuntu4.dsc
to pool/main/x/xine-lib/xine-lib_1.1.1-0ubuntu4.dsc
More information about the dapper-changes
mailing list