xine-lib security vulnerability
Tim van der Molen
tbm at home.nl
Sun Oct 16 07:00:32 PDT 2005
"By setting up a malicious CDDB server, an attacker can overwrite
arbitrary memory locations with arbitrary data." Among the affected
versions are all 1.0 releases up to and including 1.0.2, and 1.1.0.
The problem is solved in version 1.0.3a. A patch against CVS is also
available. A workaround is to delete the xineplug_inp_cdda.so file.
More information: <http://xinehq.de/index.php/security/XSA-2005-1>.
More information about the lfs-security