-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sat, 19 Jan 2008 21:59:41 +0000 Source: xine-lib Binary: libxine-dev libxine1 Architecture: source i386 Version: 1.0.1-1sarge6 Distribution: oldstable-security Urgency: high Maintainer: Siggi Langauf <siggi@debian.org> Changed-By: Darren Salt <linux@youmustbejoking.demon.co.uk> Description: libxine-dev - the xine video player library, development packages libxine1 - the xine video/media player library, binary files Closes: 460551 Changes: xine-lib (1.0.1-1sarge6) oldstable-security; urgency=high . * Security bug fix: - CVE-2008-0225: Heap-based buffer overflow in rmff_dump_cont function which allows remote attacker to execute arbitrary code via a crafted SDP Abstract attribute (Closes: #460551). Files: a71bea7e3fcfb743bdc7add1c3ad2c3a 1059 libs optional xine-lib_1.0.1-1sarge6.dsc cf5b621b9730754647d46865e85d1758 5983 libs optional xine-lib_1.0.1-1sarge6.diff.gz f0970164861c2efd8ff11b2f38ebf566 107922 libdevel optional libxine-dev_1.0.1-1sarge6_i386.deb 74a7995d0ddb11d42666e010884c97f0 4206292 libs optional libxine1_1.0.1-1sarge6_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFHkzlEXm3vHE4uyloRAhqRAJ4yq+1i5ibaA4CrMCc2wKEXoL9/yACgl84M Fg8hR6xLH5MqhpvNXok9pew= =dqt2 -----END PGP SIGNATURE----- Accepted: libxine-dev_1.0.1-1sarge6_i386.deb to pool/main/x/xine-lib/libxine-dev_1.0.1-1sarge6_i386.deb libxine1_1.0.1-1sarge6_i386.deb to pool/main/x/xine-lib/libxine1_1.0.1-1sarge6_i386.deb xine-lib_1.0.1-1sarge6.diff.gz to pool/main/x/xine-lib/xine-lib_1.0.1-1sarge6.diff.gz xine-lib_1.0.1-1sarge6.dsc to pool/main/x/xine-lib/xine-lib_1.0.1-1sarge6.dsc
