xine-lib update (SSA:2004-124-03)
Posted on: 05/03/2004 04:30 PM

A xine-lib update (SSA:2004-124-03) has been released for Slackware Linux:

New xine-lib packages are available for Slackware 9.1 and -current to fix a security issue where playing a specially crafted Real RTSP stream could run malicious code as the user playing the stream.

More details about this issue may be found in this advisory:

Here are the details from the Slackware 9.1 ChangeLog:
Sun May 2 17:16:41 PDT 2004
patches/packages/xine-lib-1rc4-i686-1.tgz: Upgraded to xine-lib-1-rc4.
This fixes an exploit possible when playing Real RTSP streams.
For more details, see:
(* Security fix *)

Where to find the new packages:

Updated package for Slackware 9.1:

Updated package for Slackware -current:

MD5 signatures:

Slackware 9.1 package:
78f2924f19dda0399317fb0eb34dc4da xine-lib-1rc4-i686-1.tgz

Slackware -current package:
eef1fc39ce6d88cf3b46f57084eb3dc2 xine-lib-1rc4-i686-1.tgz

Installation instructions:

Upgrade the package as root:
# upgradepkg xine-lib-1rc4-i686-1.tgz


Slackware Linux Security Team

Printed from Linux Compatible (