author: Josef El-Rayes <josef@FreeBSD.org> 2004-12-29 17:34:50 +0000
committer: Josef El-Rayes <josef@FreeBSD.org> 2004-12-29 17:34:50 +0000
commit: c572cbb7c205acfc3ab18d75f4f78e2f9b501735 (patch)
tree: b696dea694dd60fac23d809f2a97b99bb81a2d34
parent: a57f22e3ab0bc81722153743869d9ec4cf343fa2 (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index f0e4433442de..356664b1e0b4 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -289,6 +289,10 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 	<name>mplayer-gtk2-esound</name>
 	<range><lt>0.99.5_5</lt></range>
       </package>
+      <package>
+	<name>libxine</name>
+	<range><le>1.0.r5_3</le></range>
+      </package>
     </affects>
     <description>
       <body xmlns="http://www.w3.org/1999/xhtml">
@@ -302,10 +306,13 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 	  <li>Potential buffer overflow in mp3lib</li>
 	</ul>
 	<p>These vulnerabilities could allow a remote attacker to
-	  execute arbitrary code as the user running MPlayer.</p>
+	  execute arbitrary code as the user running MPlayer. The
+	  problem in the pnm streaming code also affects xine.</p>
       </body>
     </description>
     <references>
+      <cvename>CAN-2004-1187</cvename>
+      <cvename>CAN-2004-1188</cvename>
       <url>http://mplayerhq.hu/homepage/design7/news.html#mplayer10pre5try2</url>
       <mlist msgid="IDSERV04yz5b6KZmcK80000000c@exchange.idefense.com">http://marc.theaimsgroup.com/?l=bugtraq&amp;m=110322526210300</mlist>
       <mlist msgid="IDSERV04FVjCRGryWtI0000000f@exchange.idefense.com">http://marc.theaimsgroup.com/?l=bugtraq&amp;m=110322829807443</mlist>
author	Josef El-Rayes <josef@FreeBSD.org>	2004-12-29 17:34:50 +0000
committer	Josef El-Rayes <josef@FreeBSD.org>	2004-12-29 17:34:50 +0000
commit	c572cbb7c205acfc3ab18d75f4f78e2f9b501735 (patch)
tree	b696dea694dd60fac23d809f2a97b99bb81a2d34
parent	a57f22e3ab0bc81722153743869d9ec4cf343fa2 (diff)