Mandriva 1271 Published by

The Mandriva Security Team published a new security update: MDKSA-2005:228 - Updated xine-lib packages fix buffer overflow vulnerability for Mandriva Linux. Here the announcement:



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2005:228
http://www.mandriva.com/security/
_______________________________________________________________________

Package : xine-lib
Date : December 14, 2005
Affected: 2006.0, Corporate 3.0
_______________________________________________________________________

Problem Description:

Simon Kilvington discovered a vulnerability in FFmpeg libavcodec,
which can be exploited by malicious people to cause a DoS (Denial
of Service) and potentially to compromise a user's system.

The vulnerability is caused due to a boundary error in the
"avcodec_default_get_buffer()" function of "utils.c" in libavcodec.
This can be exploited to cause a heap-based buffer overflow when a
specially-crafted 1x1 ".png" file containing a palette is read.

Xine-lib is built with a private copy of ffmpeg containing this
same code. (Corporate Server 2.1 is not vulnerable)

The updated packages have been patched to prevent this problem.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2006.0:
106bddc3b9cb60714c00c9ca0709f24f 2006.0/RPMS/libxine1-1.1.0-9.2.20060mdk.i586.rpm
080965d48571a7c6a21f5509b9edc6bb 2006.0/RPMS/libxine1-devel-1.1.0-9.2.20060mdk.i586.rpm
1b5cab0dea7da6a896f076f40057b04f 2006.0/RPMS/xine-aa-1.1.0-9.2.20060mdk.i586.rpm
749413958bae867d0e401cf3fb7ad2d4 2006.0/RPMS/xine-arts-1.1.0-9.2.20060mdk.i586.rpm
6dacf41d2ebea975675eeec3daaa5ed2 2006.0/RPMS/xine-dxr3-1.1.0-9.2.20060mdk.i586.rpm
1c0a5a698ffd77dac839cdd70e3a568b 2006.0/RPMS/xine-esd-1.1.0-9.2.20060mdk.i586.rpm
ce3a5ecb960a91faafd6376eb1d79bfb 2006.0/RPMS/xine-flac-1.1.0-9.2.20060mdk.i586.rpm
cff6a28e36785bb64f5cde6911d03a49 2006.0/RPMS/xine-gnomevfs-1.1.0-9.2.20060mdk.i586.rpm
8cffb6762d014113bdcb78f3b7c682f9 2006.0/RPMS/xine-image-1.1.0-9.2.20060mdk.i586.rpm
22a248a5660f5098dcbd0731a92ba7e0 2006.0/RPMS/xine-plugins-1.1.0-9.2.20060mdk.i586.rpm
4a3ce0b28a549de15f9668f0236bf50c 2006.0/RPMS/xine-polyp-1.1.0-9.2.20060mdk.i586.rpm
f5f118f2bbfb1bdd4f9a940450050e53 2006.0/RPMS/xine-smb-1.1.0-9.2.20060mdk.i586.rpm
424b1913ecb7aa0f96b19c71500f65a3 2006.0/SRPMS/xine-lib-1.1.0-9.2.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
913f831f85eb7cce65d79c46febb1973 x86_64/2006.0/RPMS/lib64xine1-1.1.0-9.2.20060mdk.x86_64.rpm
cb5cbf9e7e5e3d47818ef3fc6702b04b x86_64/2006.0/RPMS/lib64xine1-devel-1.1.0-9.2.20060mdk.x86_64.rpm
1559fb1a68019ed74047b602f14c0cc9 x86_64/2006.0/RPMS/xine-aa-1.1.0-9.2.20060mdk.x86_64.rpm
931aec226e6266e10963d68e12cc3546 x86_64/2006.0/RPMS/xine-arts-1.1.0-9.2.20060mdk.x86_64.rpm
966f1ef51f097657718d45e7611c64d8 x86_64/2006.0/RPMS/xine-dxr3-1.1.0-9.2.20060mdk.x86_64.rpm
62bce4ff948e301e81ff228925dc96af x86_64/2006.0/RPMS/xine-esd-1.1.0-9.2.20060mdk.x86_64.rpm
c9b162cfd51ab3877711245d14af4e1c x86_64/2006.0/RPMS/xine-flac-1.1.0-9.2.20060mdk.x86_64.rpm
ffacd2cef4e3c181b12f663b19e7bda7 x86_64/2006.0/RPMS/xine-gnomevfs-1.1.0-9.2.20060mdk.x86_64.rpm
199ca828d6e3314b67330c32d45cc4a3 x86_64/2006.0/RPMS/xine-image-1.1.0-9.2.20060mdk.x86_64.rpm
81cb882870abf57921c96a66edf5185e x86_64/2006.0/RPMS/xine-plugins-1.1.0-9.2.20060mdk.x86_64.rpm
74a37edf5d9b2cb28a2ce758904b113b x86_64/2006.0/RPMS/xine-polyp-1.1.0-9.2.20060mdk.x86_64.rpm
f930bcfa573f7c250f54c48564e943e1 x86_64/2006.0/RPMS/xine-smb-1.1.0-9.2.20060mdk.x86_64.rpm
424b1913ecb7aa0f96b19c71500f65a3 x86_64/2006.0/SRPMS/xine-lib-1.1.0-9.2.20060mdk.src.rpm

Corporate 3.0:
eb66ad363e7225f165cdbd67f6e26065 corporate/3.0/RPMS/libxine1-1-0.rc3.6.7.C30mdk.i586.rpm
6c89df1070e6b26f35d75a48cb7405ad corporate/3.0/RPMS/libxine1-devel-1-0.rc3.6.7.C30mdk.i586.rpm
6e583c278819c349670a5a305fff766c corporate/3.0/RPMS/xine-aa-1-0.rc3.6.7.C30mdk.i586.rpm
e77f19f13166e42fd3df09fd9b9eba15 corporate/3.0/RPMS/xine-arts-1-0.rc3.6.7.C30mdk.i586.rpm
89d7298da642be02345cdf98d33daf00 corporate/3.0/RPMS/xine-dxr3-1-0.rc3.6.7.C30mdk.i586.rpm
1947fd6e09255382a3c797b81ba41200 corporate/3.0/RPMS/xine-esd-1-0.rc3.6.7.C30mdk.i586.rpm
c39de7583826f7987a96f392daaad4ea corporate/3.0/RPMS/xine-flac-1-0.rc3.6.7.C30mdk.i586.rpm
9eb882a4d1925a5e75de338294d5fee3 corporate/3.0/RPMS/xine-gnomevfs-1-0.rc3.6.7.C30mdk.i586.rpm
be189966eee8bb042e3066c9d96f0b4f corporate/3.0/RPMS/xine-plugins-1-0.rc3.6.7.C30mdk.i586.rpm
cf0248a3252c55af1e15b01efae50298 corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.7.C30mdk.src.rpm

Corporate 3.0/X86_64:
833c0e0f8468d4df40e300c0a72ac1cb x86_64/corporate/3.0/RPMS/lib64xine1-1-0.rc3.6.7.C30mdk.x86_64.rpm
7a802e66ab344aa9b151679d669b0620 x86_64/corporate/3.0/RPMS/lib64xine1-devel-1-0.rc3.6.7.C30mdk.x86_64.rpm
18132113599b1330359a045d11410d5d x86_64/corporate/3.0/RPMS/xine-arts-1-0.rc3.6.7.C30mdk.x86_64.rpm
94beaa6edc2fd1be6badef18d818dc0c x86_64/corporate/3.0/RPMS/xine-plugins-1-0.rc3.6.7.C30mdk.x86_64.rpm
cf0248a3252c55af1e15b01efae50298 x86_64/corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.7.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDoIkfmqjQ0CJFipgRAsJPAJ90bC8k3OUmZ0/Ov+j4ART8b4W+9wCg6kdf
HQwPF/7Y6E3vpgrdYViCUEk=
=MIpp
-----END PGP SIGNATURE-----