Debian Package Tracker

From: Nico Golde <nion@debian.org>
To: <debian-testing-changes@lists.debian.org>
Subject: Accepted mplayer 1.0~rc2-7+lenny1 (source all i386)
Date: Fri, 15 Feb 2008 15:02:05 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 15 Feb 2008 12:35:24 +0100
Source: mplayer
Binary: mplayer mplayer-doc
Architecture: source all i386
Version: 1.0~rc2-7+lenny1
Distribution: testing-security
Urgency: high
Maintainer: A Mennucc1 <mennucc1@debian.org>
Changed-By: Nico Golde <nion@debian.org>
Description: 
 mplayer    - movie player for Unix-like systems
 mplayer-doc - documentation for MPlayer
Closes: 464060 464532 464533
Changes: 
 mplayer (1.0~rc2-7+lenny1) testing-security; urgency=high
 .
   * Non-maintainer upload by security team.
   * This update addresses the following security issues:
     - CVE-2008-0630: remote buffer overflow via crafted URL
      (Closes: #464532).
     - CVE-2008-0629: remote buffer overflow leading to arbitrary
       code execution via a crafted CDDB entry (Closes: #464533).
     - CVE-2008-0485: array index error in libmpdemux/demux_mov.c
       leading to code execution via crafted MOV file (Closes: #464060).
     - CVE-2008-0486: array index vulnerability in libmpdemux/demux_audio.c
       possibly leading to code execution via crafted FLAC tag.
Files: 
 e7b91dd0d640af735852b0112d69f612 1435 graphics optional mplayer_1.0~rc2-7+lenny1.dsc
 f1da15bc4accee0a5551928e31d7b779 11727998 graphics optional mplayer_1.0~rc2.orig.tar.gz
 12bee461cc224473a4d52483058ac3bb 71387 graphics optional mplayer_1.0~rc2-7+lenny1.diff.gz
 583ecd8e0d27cd9e91f8e355c643ecb4 2466212 graphics optional mplayer-doc_1.0~rc2-7+lenny1_all.deb
 323b899ca4ac3e199c00f9589129939d 5057120 graphics optional mplayer_1.0~rc2-7+lenny1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHtYGtHYflSXNkfP8RAhpnAJ4hRXN3/psRsQSSAf1dSAOD6WmF5gCeJB9m
LtAMgUpDqS6j6hJF974VHZI=
=0ixp
-----END PGP SIGNATURE-----


Accepted:
mplayer-doc_1.0~rc2-7+lenny1_all.deb
  to pool/main/m/mplayer/mplayer-doc_1.0~rc2-7+lenny1_all.deb
mplayer_1.0~rc2-7+lenny1.diff.gz
  to pool/main/m/mplayer/mplayer_1.0~rc2-7+lenny1.diff.gz
mplayer_1.0~rc2-7+lenny1.dsc
  to pool/main/m/mplayer/mplayer_1.0~rc2-7+lenny1.dsc
mplayer_1.0~rc2-7+lenny1_i386.deb
  to pool/main/m/mplayer/mplayer_1.0~rc2-7+lenny1_i386.deb
News for package mplayer
