-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sun, 13 Jan 2008 16:12:48 +0100 Source: xine-lib Binary: libxine1-x libxine1-gnome libxine1-console libxine-dev libxine1 libxine1-dbg libxine1-plugins libxine1-doc libxine1-misc-plugins libxine1-ffmpeg Architecture: source i386 all Version: 1.1.8-3+lenny1 Distribution: testing-security Urgency: high Maintainer: Reinhard Tartler <siretart@tauware.de> Changed-By: Nico Golde <nion@debian.org> Description: libxine-dev - the xine video player library, development packages libxine1 - the xine video/media player library, binary files libxine1-console - libaa/libcaca/framebuffer/directfb related plugins for libxine1 libxine1-dbg - debug symbols for libxine1 libxine1-doc - the xine video player library, documentation files libxine1-ffmpeg - MPEG-related plugins for libxine1 libxine1-gnome - GNOME-related plugins for libxine1 libxine1-misc-plugins - Input, audio output and post plugins for libxine1 libxine1-plugins - the xine video/media player library, meta package libxine1-x - X desktop video output plugins for libxine1 Closes: 460551 Changes: xine-lib (1.1.8-3+lenny1) testing-security; urgency=high . * Non-maintainer upload by security team. * This update addresses the following security issue: - CVE-2008-0225: Heap-based buffer overflow in rmff_dump_cont function which allows remote attacker to execute arbitrary code via a crafted SDP Abstract attribute (Closes: #460551). Files: 9537a8c87e46e59c182cb204fd37681f 1718 libs optional xine-lib_1.1.8-3+lenny1.dsc ef235cc9e7057680aa35c315a6dd78fd 8872132 libs optional xine-lib_1.1.8.orig.tar.gz 0231f12a8600a3ed4bb17ace78f7073f 25387 libs optional xine-lib_1.1.8-3+lenny1.diff.gz 8e8eb39b46de4e6f19f8ed4774916be7 137034 doc optional libxine1-doc_1.1.8-3+lenny1_all.deb dc313d49c3cb67a367ce1887d4bcbbc9 46340 libs extra libxine1-plugins_1.1.8-3+lenny1_all.deb 8369567040767e5dc5d815c7edb9625d 326462 libdevel optional libxine-dev_1.1.8-3+lenny1_i386.deb 6d984cdfa61b72a0f2a134e62a9c6010 1588036 libs optional libxine1_1.1.8-3+lenny1_i386.deb f31bcf6f6774bf68729e9065d3fce8f6 433442 libs optional libxine1-ffmpeg_1.1.8-3+lenny1_i386.deb 9382fa62c7627dcb0f7b0e94ae4d47c0 60346 libs optional libxine1-gnome_1.1.8-3+lenny1_i386.deb b46e7fa582c745ffbbb8c127f1db1dde 104220 libs extra libxine1-console_1.1.8-3+lenny1_i386.deb 85ba8ceea10bbd1b3d91daf3f7a91f03 256630 libs optional libxine1-x_1.1.8-3+lenny1_i386.deb c9827a6ac6879c71b7caea8585ef8117 1845894 libs extra libxine1-dbg_1.1.8-3+lenny1_i386.deb cb1477cc3e8bbd49964e5bccb118d2e0 988172 libs optional libxine1-misc-plugins_1.1.8-3+lenny1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHijPlHYflSXNkfP8RAqeHAJ4vx5u+zjxY+wwc9C/BCBvq8vH62QCeKoWo P/rFkOJHrFCTEaNTzBy6PjI= =MYCa -----END PGP SIGNATURE----- Accepted: libxine-dev_1.1.8-3+lenny1_i386.deb to pool/main/x/xine-lib/libxine-dev_1.1.8-3+lenny1_i386.deb libxine1-console_1.1.8-3+lenny1_i386.deb to pool/main/x/xine-lib/libxine1-console_1.1.8-3+lenny1_i386.deb libxine1-dbg_1.1.8-3+lenny1_i386.deb to pool/main/x/xine-lib/libxine1-dbg_1.1.8-3+lenny1_i386.deb libxine1-doc_1.1.8-3+lenny1_all.deb to pool/main/x/xine-lib/libxine1-doc_1.1.8-3+lenny1_all.deb libxine1-ffmpeg_1.1.8-3+lenny1_i386.deb to pool/main/x/xine-lib/libxine1-ffmpeg_1.1.8-3+lenny1_i386.deb libxine1-gnome_1.1.8-3+lenny1_i386.deb to pool/main/x/xine-lib/libxine1-gnome_1.1.8-3+lenny1_i386.deb libxine1-misc-plugins_1.1.8-3+lenny1_i386.deb to pool/main/x/xine-lib/libxine1-misc-plugins_1.1.8-3+lenny1_i386.deb libxine1-plugins_1.1.8-3+lenny1_all.deb to pool/main/x/xine-lib/libxine1-plugins_1.1.8-3+lenny1_all.deb libxine1-x_1.1.8-3+lenny1_i386.deb to pool/main/x/xine-lib/libxine1-x_1.1.8-3+lenny1_i386.deb libxine1_1.1.8-3+lenny1_i386.deb to pool/main/x/xine-lib/libxine1_1.1.8-3+lenny1_i386.deb xine-lib_1.1.8-3+lenny1.diff.gz to pool/main/x/xine-lib/xine-lib_1.1.8-3+lenny1.diff.gz xine-lib_1.1.8-3+lenny1.dsc to pool/main/x/xine-lib/xine-lib_1.1.8-3+lenny1.dsc
