No, I didn't test the exploit when I filed the bug. I can't reproduce the crash now, neither with xine nor gxine (gxine is in a separate package).
The file seems to be asf, and normally the xine in debian can play (or at least demux) asf. Either Debian's xine is not vulnerable because some feature is missing or the exploit is just not working for some other reason. Unfortunately I don't know which. http://bugs.gentoo.org/show_bug.cgi?id=128838 says that the gentoo guys could reproduce it with 1.1.1. Cheers, Stefan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
