1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA1 |
3 |
|
4 |
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
5 |
Gentoo Linux Security Advisory GLSA 200409-30 |
6 |
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
7 |
http://security.gentoo.org/ |
8 |
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
9 |
|
10 |
Severity: Normal |
11 |
Title: xine-lib: Multiple vulnerabilities |
12 |
Date: September 22, 2004 |
13 |
Bugs: #64348 |
14 |
ID: 200409-30 |
15 |
|
16 |
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
17 |
|
18 |
Synopsis |
19 |
======== |
20 |
|
21 |
xine-lib contains several vulnerabilities potentially allowing the |
22 |
execution of arbitrary code. |
23 |
|
24 |
Background |
25 |
========== |
26 |
|
27 |
xine-lib is a multimedia library which can be utilized to create |
28 |
multimedia frontends. |
29 |
|
30 |
Affected packages |
31 |
================= |
32 |
|
33 |
------------------------------------------------------------------- |
34 |
Package / Vulnerable / Unaffected |
35 |
------------------------------------------------------------------- |
36 |
1 media-libs/xine-lib <= 1_rc5-r3 >= 1_rc6 |
37 |
|
38 |
Description |
39 |
=========== |
40 |
|
41 |
xine-lib contains two stack-based overflows and one heap-based |
42 |
overflow. In the code reading VCD disc labels, the ISO disc label is |
43 |
copied into an unprotected stack buffer of fixed size. Also, there is a |
44 |
buffer overflow in the code that parses subtitles and prepares them for |
45 |
display (XSA-2004-4). Finally, xine-lib contains a heap-based overflow |
46 |
in the DVD sub-picture decoder (XSA-2004-5). |
47 |
|
48 |
(Please note that the VCD MRL issue mentioned in XSA-2004-4 was fixed |
49 |
with GLSA 200408-18.) |
50 |
|
51 |
Impact |
52 |
====== |
53 |
|
54 |
With carefully-crafted VCDs, DVDs, MPEGs or subtitles, an attacker may |
55 |
cause xine-lib to execute arbitrary code with the permissions of the |
56 |
user. |
57 |
|
58 |
Workaround |
59 |
========== |
60 |
|
61 |
There is no known workaround at this time. |
62 |
|
63 |
Resolution |
64 |
========== |
65 |
|
66 |
All xine-lib users should upgrade to the latest version: |
67 |
|
68 |
# emerge sync |
69 |
|
70 |
# emerge -pv ">=media-libs/xine-lib-1_rc6" |
71 |
# emerge ">=media-libs/xine-lib-1_rc6" |
72 |
|
73 |
References |
74 |
========== |
75 |
|
76 |
[ 1 ] BugTraq Announcement (XSA-2004-4) |
77 |
|
78 |
http://www.securityfocus.com/archive/1/375485/2004-09-02/2004-09-08/0 |
79 |
[ 2 ] BugTraq Announcement (XSA-2004-5) |
80 |
|
81 |
http://www.securityfocus.com/archive/1/375482/2004-09-02/2004-09-08/0 |
82 |
|
83 |
Availability |
84 |
============ |
85 |
|
86 |
This GLSA and any updates to it are available for viewing at |
87 |
the Gentoo Security Website: |
88 |
|
89 |
http://security.gentoo.org/glsa/glsa-200409-30.xml |
90 |
|
91 |
Concerns? |
92 |
========= |
93 |
|
94 |
Security is a primary focus of Gentoo Linux and ensuring the |
95 |
confidentiality and security of our users machines is of utmost |
96 |
importance to us. Any security concerns should be addressed to |
97 |
security@g.o or alternatively, you may file a bug at |
98 |
http://bugs.gentoo.org. |
99 |
|
100 |
License |
101 |
======= |
102 |
|
103 |
Copyright 2004 Gentoo Foundation, Inc; referenced text |
104 |
belongs to its owner(s). |
105 |
|
106 |
The contents of this document are licensed under the |
107 |
Creative Commons - Attribution / Share Alike license. |
108 |
|
109 |
http://creativecommons.org/licenses/by-sa/1.0 |
110 |
|
111 |
-----BEGIN PGP SIGNATURE----- |
112 |
Version: GnuPG v1.2.4 (GNU/Linux) |
113 |
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org |
114 |
|
115 |
iD8DBQFBUd/zvcL1obalX08RApiKAJwNawUowXDjPV4UvqIK+BlL2Pa+mwCdEb41 |
116 |
qRvIwCq4ScPXrfk+lh5iYdg= |
117 |
=WX55 |
118 |
-----END PGP SIGNATURE----- |