This bug was fixed in the package xine-lib - 1.1.11.1-1ubuntu1
---------------
xine-lib (1.1.11.1-1ubuntu1) hardy; urgency=low
* New upstream Version, merge from debian/unstable.
- Freeze exception Granted in LP: #204557
- Inclused Security fixes: LP: #195700
* Remaining Changes:
- add Replaces: libxine-main1 (<< 1.1.2+repacked1-0ubuntu1)
in libxine1-bin to make dapper->hardy upgrades work (LP #203605)
- Modify Maintainer value to match the DebianMaintainerField
specification.
xine-lib (1.1.11.1-1) unstable; urgency=high
* New upstream release.
- CVE-2008-1482: integer overflows in FLV, Qt, Real, WC3Movie, Matroska
and FILM demuxers, allowing remote attackers to trigger heap overflows
and possibly execute arbitrary code. (Closes: #472639)
xine-lib (1.1.11-1) unstable; urgency=high
* New upstream release.
- CVE-2008-0073: Array index vulnerability which may allow remote
attackers to execute arbitrary code via a crafted SDP parameter in an
RTSP stream.
- DVD reader code no longer uses UDF-provided file sizes as
authoritative. (Closes: #463177)
[Darren Salt]
* Remove the versioning from the libmagick9-dev build-dep.
* Disable the pulseaudio plugin (don't build, don't install) and remove
the build-dep on libpulse-dev for now due to instability: xine-lib has
been observed closing the stream due to audio problems.
(Closes: #471676)
[ Reinhard Tartler ]
* add support for 'parallel' keyword in DEB_BUILD_OPTIONS
-- Reinhard Tartler <[EMAIL PROTECTED]> Tue, 01 Apr 2008 09:33:39
+0200
** Changed in: xine-lib (Ubuntu)
Status: Confirmed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-0073
--
Freeze exception for xine-lib 1.1.11
https://bugs.launchpad.net/bugs/204557
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
