Multiple buffer overflow flaws were discovered in xine-lib. The vulnerabilities are caused due to integer overflow errors when allocating memory in src/demuxers/demux_flv.c, src/demuxers/demux_qt.c, src/demuxers/demux_real.c, src/demuxers/demux_wc3movie.c, src/demuxers/ebml.c, and src/demuxers/demux_film.c. These can be exploited to cause heap-based buffer overflows via overly large fields included in e.g. FLV, MOV, RM, MVE, MKV, and CAK files. See original advisory for details: http://aluigi.altervista.org/adv/xinehof-adv.txt Gentoo: FWIW, they should _all_ be fixed in 1.2 series, I suppose backporting the relevant changes, if possible, would solve the issue. 1.2 makes good use of calloc rather than using malloc directly.
CVE name was requested.
CVE-2008-1482
http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=a3f2772fd14b57e0557ef45797ff04c768657a7e;style=gitweb
I'm working on updating F-8+ to 1.1.11.1 which should fix this issue.
xine-lib-1.1.11.1-1.fc8 has been submitted as an update for Fedora 8
xine-lib-1.1.11.1-1.fc8 has been pushed to the Fedora 8 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update xine-lib'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F8/FEDORA-2008-2849
FWIW, it was not my intention to push this to testing but directly to stable, but once again I could not convince Bodhi to do that.
xine-lib-1.1.11.1-1.fc7 has been submitted as an update for Fedora 7
xine-lib-1.1.11.1-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
xine-lib-1.1.11.1-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.