Launchpad has imported 14 comments from the remote bug at
http://bugs.gentoo.org/show_bug.cgi?id=205197.
If you reply to an imported comment from within Launchpad, your comment
will be sent to the remote bug automatically. Read more about
Launchpad's inter-bugtracker facilities at
https://help.lau
** Changed in: xine-lib (Gentoo Linux)
Importance: Unknown => Medium
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/185034
Title:
[xine-lib] [CVE-2008-0225] insufficient input sanitising during th
** Changed in: xine-lib (Ubuntu)
Status: New => Invalid
** Changed in: xine-lib (Ubuntu Dapper)
Status: New => Fix Released
** Changed in: xine-lib (Ubuntu Feisty)
Status: New => Fix Released
** Changed in: xine-lib (Ubuntu Gutsy)
Assignee: (unassigned) => Jamie Strandb
** Changed in: xine-lib (Gentoo Linux)
Status: Unknown => Fix Released
--
[xine-lib] [CVE-2008-0225] insufficient input sanitising during the handling of
RTSP streams
https://bugs.launchpad.net/bugs/185034
You received this bug notification because you are a member of Ubuntu
Bugs, which i
** Bug watch added: Gentoo Bugzilla #205197
http://bugs.gentoo.org/show_bug.cgi?id=205197
** Also affects: xine-lib (Gentoo Linux) via
http://bugs.gentoo.org/show_bug.cgi?id=205197
Importance: Unknown
Status: Unknown
--
[xine-lib] [CVE-2008-0225] insufficient input sanitising dur
Any news on those security updates for xine-lib?
--
[xine-lib] [CVE-2008-0225] insufficient input sanitising during the handling of
RTSP streams
https://bugs.launchpad.net/bugs/185034
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
See also:
MDVSA-2008:020
(http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:020)
Quoting:
"Heap-based buffer overflow in the rmff_dump_cont function in
input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote
attackers to execute arbitrary code via the SDP Abstract attribute,
