[Frugalware-git] homepage-ng: FSA437-xine-lib

Miklos Vajna Mon, 05 May 2008 05:29:22 -0700

Git-Url: 
http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=319d22e26a701aa718c6382119efc23a3b8b42c5


commit 319d22e26a701aa718c6382119efc23a3b8b42c5
Author: Miklos Vajna <[EMAIL PROTECTED]>
Date:   Mon May 5 14:29:07 2008 +0200

FSA437-xine-lib

diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml
index 3814aa1..54212c7 100644
--- a/frugalware/xml/security.xml
+++ b/frugalware/xml/security.xml
@@ -27,6 +27,19 @@

<fsas>
<fsa>
+               <id>437</id>
+               <date>2008-05-05</date>
+               <package>xine-lib</package>
+               <vulnerable>1.1.11-1kalgan2</vulnerable>
+               <unaffected>1.1.11-1kalgan3</unaffected>
+               <bts>http://bugs.frugalware.org/task/3010</bts>
+               
<cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686</cve>
+               <desc>A vulnerability has been reported in xine-lib, which can 
potentially be exploited by malicious people to compromise a vulnerable system.
+                       The vulnerability is caused due to the use of 
vulnerable libfishsound; an input validation error when processing Speex 
headers, which can be exploited via a specially crafted Speex stream containing 
a negative "modeID" field in the header.
+
+                       Successful exploitation may allow execution of 
arbitrary code.</desc>
+       </fsa>
+       <fsa>
<id>436</id>
<date>2008-04-25</date>
<package>phpmyadmin</package>
_______________________________________________
Frugalware-git mailing list
[email protected]
http://frugalware.org/mailman/listinfo/frugalware-git

[Frugalware-git] homepage-ng: FSA437-xine-lib

Reply via email to