Update of /cvsroot/xine/gnome-xine/debian
In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv6675/debian
Modified Files:
changelog
Log Message:
Update to 0.5.10.
Index: changelog
===================================================================
RCS file: /cvsroot/xine/gnome-xine/debian/changelog,v
retrieving revision 1.39
retrieving revision 1.40
diff -u -r1.39 -r1.40
--- changelog 7 Jan 2007 20:26:24 -0000 1.39
+++ changelog 3 Feb 2007 14:59:31 -0000 1.40
@@ -1,8 +1,21 @@
-gxine (0.5.9-1) unstable; urgency=low
+gxine (0.5.10-1) unstable; urgency=low
- * New upstream release.
+ * New upstream release (includes the security fix).
+
+ -- Darren Salt <[EMAIL PROTECTED]> Mon, 08 Jan 2007 18:39:50 +0000
+
+gxine (0.5.8-2) unstable; urgency=high
+
+ * SECURITY FIX (local exploit) (closes: #405876)
+ This version fixes a potential buffer overflow in gxine's server
+ component and in gxine_client. This overflow would occur were $HOME
+ sufficiently long - 94 bytes or more would cause socket creation or
+ connection failure, and 242 bytes or more would cause a segfault or
+ possible arbitrary code execution.
+ * Enabled the watchdog code (which will kill gxine if it gets stuck for
+ 30 seconds).
- -- Darren Salt <[EMAIL PROTECTED]> Sun, 17 Dec 2006 01:35:28 +0000
+ -- Darren Salt <[EMAIL PROTECTED]> Sun, 07 Jan 2007 19:32:05 +0000
gxine (0.5.8-1) unstable; urgency=low
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier.
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Xine-cvslog mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/xine-cvslog
