Red Hat Bugzilla – Bug 455752
xine: 1.1.15 update
Last modified: 2008-09-14 13:06:43 EDT
please, do it before fedora 10.
This release (1.1.15) contains some security fixes, notably a DoS via corrupted Ogg files (CVE-2008-3231), some related fixes, and fixes for a few possible buffer overflows: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3231
The other changes include recognition of AMR audio and Snow video.
Complete changelog: http://sourceforge.net/project/shownotes.php?release_id=619869&group_id=9655
Looks indeed like we'll want to upgrade to this new version ASAP, also for F9 and possibly F8 (backporting security fixes might be the other option for F8). Unfortunately, Koji is down at the moment, so we can't build anything.
I'll take a look.
* Fri Aug 15 2008 Rex Dieter <firstname.lastname@example.org> - 1.1.15-1
- xine-lib-1.1.15 (rh#455752, CVE-2008-3231)
- f9+: Obsoletes: xine-lib-arts
- move -pulseaudio into main pkg
All ready to commit/build, waiting for buildsys to come back online.
xine-lib-1.1.15-1.fc9 has been submitted as an update for Fedora 9.
xine-lib-1.1.15-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.