Ubuntu Security Notice 123-1

Ubuntu Security Notice 123-1: Posted Aug 7, 2005; Authored by Ubuntu | Site ubuntu.com; Ubuntu Security Notice USN-123-1 - Two buffer overflows have been discovered in the MMS and Real RTSP stream handlers of the Xine library. By tricking a user to connect to a malicious MMS or RTSP video/audio stream source with an application that uses this library, an attacker could crash the client and possibly even execute arbitrary code with the privileges of the player application.; tags | advisory, overflow, arbitrary; systems | linux, ubuntu; advisories | CVE-2005-1195; SHA-256 | 1588ba8842777dc277d2e0428063a0849fdb931fb09087d28dbc225e7043146c; Download | Favorite | View

Ubuntu Security Notice 123-1

===========================================================
Ubuntu Security Notice USN-123-1         May 06, 2005
xine-lib vulnerabilities
CAN-2005-1195
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

libxine1

The problem can be corrected by upgrading the affected package to
version 1-rc5-1ubuntu2.2 (for Ubuntu 4.10) and 1.0-1ubuntu3.1 (for
Ubuntu 5.04).  In general, a standard system upgrade is sufficient to
effect the necessary changes.

Details follow:

Two buffer overflows have been discovered in the MMS and Real RTSP
stream handlers of the Xine library. By tricking a user to connect to
a malicious MMS or RTSP video/audio stream source with an application
that uses this library, an attacker could crash the client and
possibly even execute arbitrary code with the privileges of the player
application.

Updated packages for Ubuntu 4.10 (Warty Warthog):

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/xine-lib_1-rc5-1ubuntu2.2.diff.gz
      Size/MD5:   220602 e22a91dd6602a778a456ac4e75d14a67
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/xine-lib_1-rc5-1ubuntu2.2.dsc
      Size/MD5:      950 484c40b9a1e254d52f8c2078566cc1c1
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/xine-lib_1-rc5.orig.tar.gz
      Size/MD5:  7052663 703c3e68d60524598d4d9e527fe38286

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine-dev_1-rc5-1ubuntu2.2_amd64.deb
      Size/MD5:   101412 224c971e640f01ca72dc2dac17e15916
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine1_1-rc5-1ubuntu2.2_amd64.deb
      Size/MD5:  3543166 8d2ca25c0e9d364d5a2e4dedf63fba0c

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine-dev_1-rc5-1ubuntu2.2_i386.deb
      Size/MD5:   101406 0cf03b13b797703d594f68d7636138de
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine1_1-rc5-1ubuntu2.2_i386.deb
      Size/MD5:  3728804 27dc0b4c3fccefd1f03caa42e4dc6266

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine-dev_1-rc5-1ubuntu2.2_powerpc.deb
      Size/MD5:   101412 931d76d961bc60ce74514348524958e5
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine1_1-rc5-1ubuntu2.2_powerpc.deb
      Size/MD5:  3886674 b70a0603c57ad8b2ac977bdea6f9ff9f

Updated packages for Ubuntu 5.04 (Hoary Hedgehog):

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/xine-lib_1.0-1ubuntu3.1.diff.gz
      Size/MD5:     2763 a949659041b75d077a5605c5496bfd80
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/xine-lib_1.0-1ubuntu3.1.dsc
      Size/MD5:     1070 dffb73537640298a5ba352f4c15f30b4
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/xine-lib_1.0.orig.tar.gz
      Size/MD5:  7384258 96e5195c366064e7778af44c3e71f43a

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine-dev_1.0-1ubuntu3.1_amd64.deb
      Size/MD5:   106364 9ed4670b90056b5983ebe4f4bec06521
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine1_1.0-1ubuntu3.1_amd64.deb
      Size/MD5:  3566834 f79dfbbf98c7964f23a6f3e2c71a61c3

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine-dev_1.0-1ubuntu3.1_i386.deb
      Size/MD5:   106362 6cdbdc86a2dbe46bfba98e34078ef29d
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine1_1.0-1ubuntu3.1_i386.deb
      Size/MD5:  3749688 f0c5bc4161e13a973b39a86138cffa5d

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine-dev_1.0-1ubuntu3.1_powerpc.deb
      Size/MD5:   106360 0d202d05bcd13bebe3518d5c61216b02
    http://security.ubuntu.com/ubuntu/pool/main/x/xine-lib/libxine1_1.0-1ubuntu3.1_powerpc.deb
      Size/MD5:  3924810 86ec380434aaab8bbd6f34c101f25a83

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Ubuntu Security Notice 123-1

Ubuntu Security Notice 123-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Ubuntu Security Notice 123-1

Share This

Ubuntu Security Notice 123-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems