Your message dated Fri, 26 Dec 2008 19:47:12 +0100
with message-id <20081226184712.ga24...@rangda.stickybit.se>
and subject line already fixed in testing/unstable
has caused the Debian Bug report #507184,
regarding xine-lib: CVE-2008-5246 heap overflow
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
507184: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507184
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: xine-lib
Severity: grave
Tags: security patch
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for xine-lib.
CVE-2008-5246[0]:
| Multiple heap-based buffer overflows in xine-lib before 1.1.15 allow
| remote attackers to execute arbitrary code via vectors that send ID3
| data to the (1) id3v22_interp_frame and (2) id3v24_interp_frame
| functions in src/demuxers/id3.c. NOTE: the provenance of this
| information is unknown; the details are obtained solely from third
| party information.
Your upstream fix:
http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=268c1c1639d7;style=gitweb
Btw a rather strange way to fix an integer overflow + a
strange comment.
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5246
http://security-tracker.debian.net/tracker/CVE-2008-5246
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgp6qCdLqL9j2.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
Version: 1.1.14-3
hi,
this bug was fixed in the august upload of the package:
xine-lib (1.1.14-3) unstable; urgency=high
* More security fixes from upstream hg:
==> - Fix an exploitable ID3 heap buffer overflow.
- Check for possible buffer overflow attempts in the Real demuxer.
- Use size_t for data length variables where there may be int overflows.
- Add some checks for memory allocation failures.
i've verified that the patch is applied.
a note to the package maintainer: please consider using some form of
patch management system as it's quite difficult to investigate such
problems and/or prepare fixes for them.
i'll investigate the remaining xine-lib security bugs to see if the
same applies. if time permits i'll also look at what the situation is
with stable, though my focus right now is on squishing lenny/rc bugs.
sean
signature.asc
Description: Digital signature
--- End Message ---
