File Release Notes and Changelog
Release Name: 1.1.9.1
Notes: Security bug fixes. Upgrade strongly recommended. Relevant changesets: Remotely-exploitable buffer overflow (CVE-2008-0225, 1-beta1 and later): http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=4c9c8f08457a;style=raw http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=a8522d94b28d;style=raw Internal strtok_r implementation (1-rc7 and later): http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=d54ee3555e45;style=raw MD5: 3ca1e43386c01293ddc3aeaf8b5f804f xine-lib-1.1.9.1.tar.bz2 ad9a0b35b95f805ffd62119dc2dcda31 xine-lib-1.1.9.1.tar SHA1: 9ceb32b72b6eaa8e6ab03db06c3aa4a14a6e68c3 xine-lib-1.1.9.1.tar.bz2 98e99260630ee7b46cfee60dd0e06869bad90d64 xine-lib-1.1.9.1.tar (uncompressed hashes generated with the help of bzcat)
Changes: * Security fixes: - Buffer overflow which allows a remote attacker to execute arbitrary code via a crafted SDP Abstract attribute. (CVE-2008-0225) * Fix a read-past-end bug in xine-lib's internal strtok_r replacement. (Only affects systems without strtok_r.) * Fix a bug which causes video playback display errors on PPC/Darwin.
About SourceForge
Develop Software
Community
Copyright © 2010 Geeknet, Inc. All rights reserved. Terms of Use
