On Sat, Mar 29, 2008 at 02:10:27PM +0100, Nico Golde wrote: > Hi A Mennucc, > * A Mennucc <[EMAIL PROTECTED]> [2008-03-29 14:00]: > > Nico Golde ha scritto: > > > Package: mplayer > > > Severity: grave > > > Tags: security patch > > > > > > This also affects mplayer since it also uses this code. > > > A patch is available on: > > > http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=12cb075fba8ea09813fc35e0c731d2a64265b637;style=raw > > > > I saw a comment of Reimar (that I am CC-ing); he wrote in the mplayer > > dev list, saying that mplayer is not affected as badly as xine; anyway > > Reimar wrote a short patch, that I will apply tomorrow > > Not sure what is meant with as badly but if you mean > http://lists.mplayerhq.hu/pipermail/mplayer-dev-eng/2008-March/056938.html > the patch fixes the same problem in a different way like the > diff from the xine-lib repository.
I did not check myself I admit, I just assumed from explanations elsewhere that the xine version was missing some checks on stream_id as well. Sorry if I misunderstood (and thus misrepresented) the issue. Greetings, Reimar Döffinger -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
