Package: xine-lib Severity: grave Tags: security Justification: user security hole
A format string vulnerability in xine-lib's CDDB response parsing has been found. Exploitation is quite unlikely, as it would require a rogue CDDB server, but it should be fixed nevertheless, as the fix is trivial. Please see http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0196.html for details and a patch. Cheers, Moritz -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.14-rc1 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
