[ MDVSA-2008:020 ] - Updated xine-lib packages fix remote code execution vulnerabilities

security@xxxxxxxxxxxx · Tue, 22 Jan 2008 17:12:24 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2008:020
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : xine-lib
 Date    : January 22, 2008
 Affected: 2007.1, 2008.0, Corporate 3.0
 _______________________________________________________________________

 Problem Description:

 Two vulnerabilities discovered in xine-lib allow remote execution of
 arbitrary code:

 Heap-based buffer overflow in the rmff_dump_cont function in
 input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote
 attackers to execute arbitrary code via the SDP Abstract attribute,
 related to the rmff_dump_header function and related to disregarding
 the max field. (CVE-2008-0225)

 Multiple heap-based buffer overflows in the rmff_dump_cont function
 in input/libreal/rmff.c in xine-lib 1.1.9 allow remote attackers
 to execute arbitrary code via the SDP (1) Title, (2) Author, or
 (3) Copyright attribute, related to the rmff_dump_header function,
 different vectors than CVE-2008-0225. (CVE-2008-0238)

 Besides those security issues, the xine-lib provided in Mandriva
 Linux 2008.0 and 2007.1 did not automatically use Real binary
 codecs, when the user had them installed in /usr/lib64/real
 on x86_64 architecture. Also, xine-lib of Mandriva Linux
 2007.1 did not automatically use the Real codecs from
 /usr/lib/RealPlayer10GOLD/codecs, which is provided by RealPlayer
 package of Mandriva Powerpack editions.

 The updated packages fix these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0225
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0235
 http://qa.mandriva.com/show_bug.cgi?id=36353
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2007.1:
 0425cb3f41748d28153cce1ccb12dea3  2007.1/i586/libxine1-1.1.4-6.4mdv2007.1.i586.rpm
 a52282954feb98515dda02bf0d12824c  2007.1/i586/libxine1-devel-1.1.4-6.4mdv2007.1.i586.rpm
 ae5cb1f5ed8edcad70c1a2959ae5b792  2007.1/i586/xine-aa-1.1.4-6.4mdv2007.1.i586.rpm
 dad128f433aad362b0caef2b0e1611ab  2007.1/i586/xine-arts-1.1.4-6.4mdv2007.1.i586.rpm
 a612268c4d7abe207a26e056625940e0  2007.1/i586/xine-caca-1.1.4-6.4mdv2007.1.i586.rpm
 9b80f2cec010dd4a35273d809990434d  2007.1/i586/xine-dxr3-1.1.4-6.4mdv2007.1.i586.rpm
 0ac7b2249890f120e74a99dc41c01ac9  2007.1/i586/xine-esd-1.1.4-6.4mdv2007.1.i586.rpm
 483162a8549d0538da374d7248181c2d  2007.1/i586/xine-flac-1.1.4-6.4mdv2007.1.i586.rpm
 32d1831d72330bbe9912d29187996558  2007.1/i586/xine-gnomevfs-1.1.4-6.4mdv2007.1.i586.rpm
 0f72fb4106db4754f00c7bff05caed51  2007.1/i586/xine-image-1.1.4-6.4mdv2007.1.i586.rpm
 2921a034e5f262c44338424e2d47d1ae  2007.1/i586/xine-jack-1.1.4-6.4mdv2007.1.i586.rpm
 834c09f6c31e75e8b95b6739d9c71f1b  2007.1/i586/xine-plugins-1.1.4-6.4mdv2007.1.i586.rpm
 399151a0f4fa108db7d36fb00daf9ec2  2007.1/i586/xine-pulse-1.1.4-6.4mdv2007.1.i586.rpm
 c89083751fdf9c05cc47faeea581de6d  2007.1/i586/xine-sdl-1.1.4-6.4mdv2007.1.i586.rpm
 0a06dfc5a64ec3bdfd8374640d87b1cf  2007.1/i586/xine-smb-1.1.4-6.4mdv2007.1.i586.rpm 
 80b87916c772a9b7f960a7c091561a61  2007.1/SRPMS/xine-lib-1.1.4-6.4mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 114aa8a5fabe21a77ad2c373882d2bcc  2007.1/x86_64/lib64xine1-1.1.4-6.4mdv2007.1.x86_64.rpm
 517955bedb1bf7f7331b2c347176e51b  2007.1/x86_64/lib64xine1-devel-1.1.4-6.4mdv2007.1.x86_64.rpm
 9c4eac581fec386b37dc40d91a67b97f  2007.1/x86_64/xine-aa-1.1.4-6.4mdv2007.1.x86_64.rpm
 4badbf05f0479a7ad7c8bf6b418a4a3e  2007.1/x86_64/xine-arts-1.1.4-6.4mdv2007.1.x86_64.rpm
 38c0674c9177ce623c94ad186b678833  2007.1/x86_64/xine-caca-1.1.4-6.4mdv2007.1.x86_64.rpm
 510cff5d0631a5f3786309b8d8b67f94  2007.1/x86_64/xine-dxr3-1.1.4-6.4mdv2007.1.x86_64.rpm
 679c966a211a82ee2c37316e415822ad  2007.1/x86_64/xine-esd-1.1.4-6.4mdv2007.1.x86_64.rpm
 2be3f89b1b785f80f8c52c9a3cd37870  2007.1/x86_64/xine-flac-1.1.4-6.4mdv2007.1.x86_64.rpm
 a31ca7b52d73f4eff789da480aa34468  2007.1/x86_64/xine-gnomevfs-1.1.4-6.4mdv2007.1.x86_64.rpm
 6fd513da3d06beaeb92773503d5be8e9  2007.1/x86_64/xine-image-1.1.4-6.4mdv2007.1.x86_64.rpm
 cd8ab4bd74ac79cf834df9a3fc47a461  2007.1/x86_64/xine-jack-1.1.4-6.4mdv2007.1.x86_64.rpm
 558285bf5c75356cee16a27ec39673a4  2007.1/x86_64/xine-plugins-1.1.4-6.4mdv2007.1.x86_64.rpm
 3acbd43c49616d623ac428897718ed1a  2007.1/x86_64/xine-pulse-1.1.4-6.4mdv2007.1.x86_64.rpm
 41a557e9f2bca3ee704839aa09b7e258  2007.1/x86_64/xine-sdl-1.1.4-6.4mdv2007.1.x86_64.rpm
 2e10a1e2e9a78c5f8e91100faea96a6c  2007.1/x86_64/xine-smb-1.1.4-6.4mdv2007.1.x86_64.rpm 
 80b87916c772a9b7f960a7c091561a61  2007.1/SRPMS/xine-lib-1.1.4-6.4mdv2007.1.src.rpm

 Mandriva Linux 2008.0:
 b8ddd27f6bccd9536a424a745807ba20  2008.0/i586/libxine-devel-1.1.8-4.2mdv2008.0.i586.rpm
 37542d747bb7e2affe94a01e8126177d  2008.0/i586/libxine1-1.1.8-4.2mdv2008.0.i586.rpm
 5f61e5940289928b29e12700685bacb4  2008.0/i586/xine-aa-1.1.8-4.2mdv2008.0.i586.rpm
 6c909003ae673741e6182b87872818ce  2008.0/i586/xine-caca-1.1.8-4.2mdv2008.0.i586.rpm
 16ca047ed41868bb42721a901d19d76c  2008.0/i586/xine-dxr3-1.1.8-4.2mdv2008.0.i586.rpm
 8900b1680fb7acba255289457cc340e8  2008.0/i586/xine-esd-1.1.8-4.2mdv2008.0.i586.rpm
 f3f9c4dca23d10e5f69cfaf43eb108df  2008.0/i586/xine-flac-1.1.8-4.2mdv2008.0.i586.rpm
 6d5ca2b59114daec96dbb9099c54a072  2008.0/i586/xine-gnomevfs-1.1.8-4.2mdv2008.0.i586.rpm
 3a6704452c5525bd439e10be58377c73  2008.0/i586/xine-image-1.1.8-4.2mdv2008.0.i586.rpm
 31ec514af2f9882106a3b63d77e71fbe  2008.0/i586/xine-jack-1.1.8-4.2mdv2008.0.i586.rpm
 c2e2126c0a20d412bef4cd7da32b1397  2008.0/i586/xine-plugins-1.1.8-4.2mdv2008.0.i586.rpm
 210aadbad67bf76cc13713da2a1040a5  2008.0/i586/xine-pulse-1.1.8-4.2mdv2008.0.i586.rpm
 263c4a276310d933291a8ed514e9d6db  2008.0/i586/xine-sdl-1.1.8-4.2mdv2008.0.i586.rpm
 1a89980df7aa1a78e75ee2133ea69b0f  2008.0/i586/xine-smb-1.1.8-4.2mdv2008.0.i586.rpm 
 993efeefd9eb64b9e667b057e4392052  2008.0/SRPMS/xine-lib-1.1.8-4.2mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 f1399c157c7d436c73acd08ddd9081e0  2008.0/x86_64/lib64xine-devel-1.1.8-4.2mdv2008.0.x86_64.rpm
 9c60468f8fcc3b07122c5e96093e2b2c  2008.0/x86_64/lib64xine1-1.1.8-4.2mdv2008.0.x86_64.rpm
 333295378a58a2fdb0ad2a2129d29155  2008.0/x86_64/xine-aa-1.1.8-4.2mdv2008.0.x86_64.rpm
 df2ff1b09fbd75155bbc057fc9b4f073  2008.0/x86_64/xine-caca-1.1.8-4.2mdv2008.0.x86_64.rpm
 0f55f58c1d50a87b6412d70ee0708a0e  2008.0/x86_64/xine-dxr3-1.1.8-4.2mdv2008.0.x86_64.rpm
 4efc7d9ec4650984939797ba0862fa57  2008.0/x86_64/xine-esd-1.1.8-4.2mdv2008.0.x86_64.rpm
 19497ba3ee828ae5faf6d7c192546434  2008.0/x86_64/xine-flac-1.1.8-4.2mdv2008.0.x86_64.rpm
 704a84ca69404e89fe4a2906a8b4011b  2008.0/x86_64/xine-gnomevfs-1.1.8-4.2mdv2008.0.x86_64.rpm
 33c2c9e2e33d2d040548fb0489854c03  2008.0/x86_64/xine-image-1.1.8-4.2mdv2008.0.x86_64.rpm
 24bf8f274488f1cd816ae355b16db60b  2008.0/x86_64/xine-jack-1.1.8-4.2mdv2008.0.x86_64.rpm
 23cc75280d9b3fd8525fee860b845140  2008.0/x86_64/xine-plugins-1.1.8-4.2mdv2008.0.x86_64.rpm
 3027b28ad28e79dd29c811236e40013f  2008.0/x86_64/xine-pulse-1.1.8-4.2mdv2008.0.x86_64.rpm
 158a3f1d31545d014d6b5e2ea49bf421  2008.0/x86_64/xine-sdl-1.1.8-4.2mdv2008.0.x86_64.rpm
 0648b9b8c2de3e539e22025d162b4139  2008.0/x86_64/xine-smb-1.1.8-4.2mdv2008.0.x86_64.rpm 
 993efeefd9eb64b9e667b057e4392052  2008.0/SRPMS/xine-lib-1.1.8-4.2mdv2008.0.src.rpm

 Corporate 3.0:
 038d738b78fb810f3cf6cacfaaaa9d8a  corporate/3.0/i586/libxine1-1-0.rc3.6.17.C30mdk.i586.rpm
 48aedd6efe7650fdc8aa2dfd5f705c99  corporate/3.0/i586/libxine1-devel-1-0.rc3.6.17.C30mdk.i586.rpm
 05fc9c5d9e2a82136fc8e1f258dd9983  corporate/3.0/i586/xine-aa-1-0.rc3.6.17.C30mdk.i586.rpm
 2b3e1590d5f0f9e7ac8492b7882a1fdb  corporate/3.0/i586/xine-arts-1-0.rc3.6.17.C30mdk.i586.rpm
 40f43c041a7342eb18704551c9f5b06b  corporate/3.0/i586/xine-dxr3-1-0.rc3.6.17.C30mdk.i586.rpm
 a76ea3ff7d3012879f679d39956958a6  corporate/3.0/i586/xine-esd-1-0.rc3.6.17.C30mdk.i586.rpm
 1ef5808de5c84338d6832bbff07fbd04  corporate/3.0/i586/xine-flac-1-0.rc3.6.17.C30mdk.i586.rpm
 f066f57c4abc76e93bc53cc33ed752cc  corporate/3.0/i586/xine-gnomevfs-1-0.rc3.6.17.C30mdk.i586.rpm
 682b7b6c2aa9fed83b84b6148e4451a5  corporate/3.0/i586/xine-plugins-1-0.rc3.6.17.C30mdk.i586.rpm 
 d81ea6135561f0b73aea2f371b35ab77  corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.17.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 a2dbfda340b2a104d4fd0b597bbf29bb  corporate/3.0/x86_64/lib64xine1-1-0.rc3.6.17.C30mdk.x86_64.rpm
 49e79c27f972696493e02b85041be88d  corporate/3.0/x86_64/lib64xine1-devel-1-0.rc3.6.17.C30mdk.x86_64.rpm
 dd4a10f43839eab85ab313f6f99799f2  corporate/3.0/x86_64/xine-aa-1-0.rc3.6.17.C30mdk.x86_64.rpm
 29a789608c6cd64ee5757bc34fe6ceb3  corporate/3.0/x86_64/xine-arts-1-0.rc3.6.17.C30mdk.x86_64.rpm
 1d24fe2cd77fd5af013127cdad877da6  corporate/3.0/x86_64/xine-esd-1-0.rc3.6.17.C30mdk.x86_64.rpm
 a5c1dbe1c1d19a31ca43ad21e5f016a4  corporate/3.0/x86_64/xine-flac-1-0.rc3.6.17.C30mdk.x86_64.rpm
 a304d6f1e0f18d0417bd8c767ebebee9  corporate/3.0/x86_64/xine-gnomevfs-1-0.rc3.6.17.C30mdk.x86_64.rpm
 4de2d9860ba8d53f5356f7f089cfb163  corporate/3.0/x86_64/xine-plugins-1-0.rc3.6.17.C30mdk.x86_64.rpm 
 d81ea6135561f0b73aea2f371b35ab77  corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.17.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)

iD8DBQFHlltbmqjQ0CJFipgRAl8vAKCAQ6FRuLHrNVijRQJ/mPNHlsG8TwCgjI9h
VztNaC8myYMv3gQ+aFpo1UQ=
=+3/J
-----END PGP SIGNATURE-----