-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Update Advisory _______________________________________________________________________ Package name: xine-lib Advisory ID: MDKSA-2005:180 Date: October 11th, 2005 Affected versions: 10.1, 10.2, 2006.0, Corporate 3.0 ______________________________________________________________________ Problem Description: When playing an Audio CD, a xine-lib based media application contacts a CDDB server to retrieve metadata like the title and artist's name. During processing of this data, a response from the server, which is located in memory on the stack, is passed to the fprintf() function as a format string. An attacker can set up a malicious CDDB server and trick the client into using this server instead of the pre- configured one. Alternatively, any user and therefore the attacker can modify entries in the official CDDB server. Using this format string vulnerability, attacker-chosen data can be written to an attacker-chosen memory location. This allows the attacker to alter the control flow and to execute malicious code with the permissions of the user running the application. This problem was reported by Ulf Harnhammar from the Debian Security Audit Project. The updated packages have been patched to correct this problem. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2967 http://xinehq.de/index.php/security/XSA-2005-1 ______________________________________________________________________ Updated Packages: Mandrivalinux 10.1: 3f07ca856ac1574af04fbe1b27ee965e 10.1/RPMS/libxine1-1-0.rc5.9.3.101mdk.i586.rpm 023408c3ee89298c373a3a6927a3061e 10.1/RPMS/libxine1-devel-1-0.rc5.9.3.101mdk.i586.rpm f15dbebfea2af1a970b7d2efd9294553 10.1/RPMS/xine-aa-1-0.rc5.9.3.101mdk.i586.rpm 964bf0c612fdd2ad9f4d3f0189db4c5d 10.1/RPMS/xine-arts-1-0.rc5.9.3.101mdk.i586.rpm 942189b2e906e9318bb729841499714c 10.1/RPMS/xine-dxr3-1-0.rc5.9.3.101mdk.i586.rpm d87d3f48cf4378de0cd66a763df69a22 10.1/RPMS/xine-esd-1-0.rc5.9.3.101mdk.i586.rpm f015327c624aa069668a8faddc7989da 10.1/RPMS/xine-flac-1-0.rc5.9.3.101mdk.i586.rpm fe16081d5be8ae716f139e7cc7971738 10.1/RPMS/xine-gnomevfs-1-0.rc5.9.3.101mdk.i586.rpm b595c492e3d38c394a05bef235a8b50e 10.1/RPMS/xine-plugins-1-0.rc5.9.3.101mdk.i586.rpm ae824a8ad57afa4af74d14ac36aec48f 10.1/SRPMS/xine-lib-1-0.rc5.9.3.101mdk.src.rpm Mandrivalinux 10.1/X86_64: c56c742c25b4e7ef55363bc433ada6b6 x86_64/10.1/RPMS/lib64xine1-1-0.rc5.9.3.101mdk.x86_64.rpm 8174e6c20c36883482a8c92ac7a32dd4 x86_64/10.1/RPMS/lib64xine1-devel-1-0.rc5.9.3.101mdk.x86_64.rpm 3f07ca856ac1574af04fbe1b27ee965e x86_64/10.1/RPMS/libxine1-1-0.rc5.9.3.101mdk.i586.rpm c4b594b75216ec745901c2bc910aa854 x86_64/10.1/RPMS/xine-aa-1-0.rc5.9.3.101mdk.x86_64.rpm 0aa452c0c36a9a7eae6bc8276c585133 x86_64/10.1/RPMS/xine-arts-1-0.rc5.9.3.101mdk.x86_64.rpm bf3e6970c3b37d80eee58be3804aaef1 x86_64/10.1/RPMS/xine-dxr3-1-0.rc5.9.3.101mdk.x86_64.rpm 419d4acc74bd3368f4ad7e841b71583f x86_64/10.1/RPMS/xine-esd-1-0.rc5.9.3.101mdk.x86_64.rpm a934d38fc6bc894afcd51fc443c5387a x86_64/10.1/RPMS/xine-flac-1-0.rc5.9.3.101mdk.x86_64.rpm c71f58dd79bbd7a67ade68f9f0c47537 x86_64/10.1/RPMS/xine-gnomevfs-1-0.rc5.9.3.101mdk.x86_64.rpm 9d2dbdaf3887b90af8f6f275956fba25 x86_64/10.1/RPMS/xine-plugins-1-0.rc5.9.3.101mdk.x86_64.rpm ae824a8ad57afa4af74d14ac36aec48f x86_64/10.1/SRPMS/xine-lib-1-0.rc5.9.3.101mdk.src.rpm Mandrivalinux 10.2: b59bd74be8211752b1f8b14eaaeb4caf 10.2/RPMS/libxine1-1.0-8.2.102mdk.i586.rpm 7df88b45784d86b120232238e80c2ae9 10.2/RPMS/libxine1-devel-1.0-8.2.102mdk.i586.rpm 22f9a1ef543d6e6b8b409e995c05f549 10.2/RPMS/xine-aa-1.0-8.2.102mdk.i586.rpm 6b288c5aec71967bb93031d1d6781f18 10.2/RPMS/xine-arts-1.0-8.2.102mdk.i586.rpm e94fbd981fa69cdf4205f73620d65d58 10.2/RPMS/xine-dxr3-1.0-8.2.102mdk.i586.rpm 4ac7f54e7442efeac8a8f27ea94cce31 10.2/RPMS/xine-esd-1.0-8.2.102mdk.i586.rpm 93fb8780846b76c53743f74113c5d789 10.2/RPMS/xine-flac-1.0-8.2.102mdk.i586.rpm 79cf02e9f22be6638927dec066926b5d 10.2/RPMS/xine-gnomevfs-1.0-8.2.102mdk.i586.rpm fb9103583e2eb19ad301d6a3042fad86 10.2/RPMS/xine-plugins-1.0-8.2.102mdk.i586.rpm bd90a1fe71bd91383caf9ea5d87e2abc 10.2/RPMS/xine-polyp-1.0-8.2.102mdk.i586.rpm 4067888181bc7c025901b054ec7c8fd6 10.2/RPMS/xine-smb-1.0-8.2.102mdk.i586.rpm 3d1f4d92c41f977edf895388f4784337 10.2/SRPMS/xine-lib-1.0-8.2.102mdk.src.rpm Mandrivalinux 10.2/X86_64: 772e4a1a0aac6006474768a0601545a3 x86_64/10.2/RPMS/lib64xine1-1.0-8.2.102mdk.x86_64.rpm c72a8b14fbe656c62f8368fbc9449931 x86_64/10.2/RPMS/lib64xine1-devel-1.0-8.2.102mdk.x86_64.rpm f6123a88fc6b3c7edd68dccbc75efc8d x86_64/10.2/RPMS/xine-aa-1.0-8.2.102mdk.x86_64.rpm 9768022de3f23e61649671a76de6d4a3 x86_64/10.2/RPMS/xine-arts-1.0-8.2.102mdk.x86_64.rpm 6636acc15686f32d827c367ae0e0af83 x86_64/10.2/RPMS/xine-dxr3-1.0-8.2.102mdk.x86_64.rpm bd80ab843edcb769edbe95bee307848e x86_64/10.2/RPMS/xine-esd-1.0-8.2.102mdk.x86_64.rpm 70c16130252aca43d5cac5d30d258dbc x86_64/10.2/RPMS/xine-flac-1.0-8.2.102mdk.x86_64.rpm 19546fbd231735cdb52488c78bb3138c x86_64/10.2/RPMS/xine-gnomevfs-1.0-8.2.102mdk.x86_64.rpm e14f01a64d3080fc35ee3f7280ae9336 x86_64/10.2/RPMS/xine-plugins-1.0-8.2.102mdk.x86_64.rpm 8281c290d3e926279706b049dd4247da x86_64/10.2/RPMS/xine-polyp-1.0-8.2.102mdk.x86_64.rpm 46f8be45f38977aa67731c5da830c43b x86_64/10.2/RPMS/xine-smb-1.0-8.2.102mdk.x86_64.rpm 3d1f4d92c41f977edf895388f4784337 x86_64/10.2/SRPMS/xine-lib-1.0-8.2.102mdk.src.rpm Mandrivalinux 2006.0: ad0dd01a46c84cb5ce8a28ce5710da28 2006.0/RPMS/libxine1-1.1.0-8.1.20060mdk.i586.rpm b63c878314d9d393a43082f1940fd063 2006.0/RPMS/libxine1-devel-1.1.0-8.1.20060mdk.i586.rpm 77404b4ea4908b51843f26b4face7a21 2006.0/RPMS/xine-aa-1.1.0-8.1.20060mdk.i586.rpm efec9d133963c8c8d1d052ea8d1a811d 2006.0/RPMS/xine-arts-1.1.0-8.1.20060mdk.i586.rpm bb1f5e764c4cc933659ebe7ba2c61d88 2006.0/RPMS/xine-dxr3-1.1.0-8.1.20060mdk.i586.rpm b74cffa6e5683afb50ed015555b2afe8 2006.0/RPMS/xine-esd-1.1.0-8.1.20060mdk.i586.rpm f8c48d2fc87e8f562754ce36dcf7f74a 2006.0/RPMS/xine-flac-1.1.0-8.1.20060mdk.i586.rpm b8f365ce839aa783637edd4687f89a64 2006.0/RPMS/xine-gnomevfs-1.1.0-8.1.20060mdk.i586.rpm 2fed4fcf4867293705de055f0b2095d3 2006.0/RPMS/xine-image-1.1.0-8.1.20060mdk.i586.rpm 7ee9724ef73423691f4c2622824d50e3 2006.0/RPMS/xine-plugins-1.1.0-8.1.20060mdk.i586.rpm 732ac66a4b4a8356c8afbfc6770ac6ac 2006.0/RPMS/xine-polyp-1.1.0-8.1.20060mdk.i586.rpm f4afb35e994c48af37529481df73df9c 2006.0/RPMS/xine-smb-1.1.0-8.1.20060mdk.i586.rpm f8551a36e839b1c284f157d042395477 2006.0/SRPMS/xine-lib-1.1.0-8.1.20060mdk.src.rpm Mandrivalinux 2006.0/X86_64: c9e6b7176514f797a6b4d444d630783e x86_64/2006.0/RPMS/lib64xine1-1.1.0-8.1.20060mdk.x86_64.rpm 9997e0b3a7712a94c98964d2a387d010 x86_64/2006.0/RPMS/lib64xine1-devel-1.1.0-8.1.20060mdk.x86_64.rpm 8c32b4302fe882f057cc307ef546356e x86_64/2006.0/RPMS/xine-aa-1.1.0-8.1.20060mdk.x86_64.rpm a18e2771a126b49d93d588d7ff57f22d x86_64/2006.0/RPMS/xine-arts-1.1.0-8.1.20060mdk.x86_64.rpm 188e16a6da35e64d77ef1007f770959e x86_64/2006.0/RPMS/xine-dxr3-1.1.0-8.1.20060mdk.x86_64.rpm cd4045af591254a68d48dbceb5885bc5 x86_64/2006.0/RPMS/xine-esd-1.1.0-8.1.20060mdk.x86_64.rpm 40c947de3d1df3e33a0f4c26f096b0c8 x86_64/2006.0/RPMS/xine-flac-1.1.0-8.1.20060mdk.x86_64.rpm cdd6293c4edc8751989f605eb4bb3f45 x86_64/2006.0/RPMS/xine-gnomevfs-1.1.0-8.1.20060mdk.x86_64.rpm 249af817e4dac7f580ef1d9614ec66da x86_64/2006.0/RPMS/xine-image-1.1.0-8.1.20060mdk.x86_64.rpm 4161debdffeaf757be1d97a28e9d7c02 x86_64/2006.0/RPMS/xine-plugins-1.1.0-8.1.20060mdk.x86_64.rpm 6c5c31192529ddca8794de618f4ce0f4 x86_64/2006.0/RPMS/xine-polyp-1.1.0-8.1.20060mdk.x86_64.rpm eb1a6c7e8297098dff9d2896f83f2f2f x86_64/2006.0/RPMS/xine-smb-1.1.0-8.1.20060mdk.x86_64.rpm f8551a36e839b1c284f157d042395477 x86_64/2006.0/SRPMS/xine-lib-1.1.0-8.1.20060mdk.src.rpm Corporate 3.0: e93f0caab04c2752c07faaff0f97922f corporate/3.0/RPMS/libxine1-1-0.rc3.6.5.C30mdk.i586.rpm b7cc7339b05df194eac9ef7a17878271 corporate/3.0/RPMS/xine-arts-1-0.rc3.6.5.C30mdk.i586.rpm 0e2cfe89dd82835669dcff0780923982 corporate/3.0/RPMS/xine-plugins-1-0.rc3.6.5.C30mdk.i586.rpm 8658f0c1e16ef59142cbe2c685043b26 corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.5.C30mdk.src.rpm Corporate 3.0/X86_64: f43b406288771a962829e7b9686c2eba x86_64/corporate/3.0/RPMS/lib64xine1-1-0.rc3.6.5.C30mdk.x86_64.rpm aa294b88759a08022052f0bdff44ad6a x86_64/corporate/3.0/RPMS/xine-arts-1-0.rc3.6.5.C30mdk.x86_64.rpm 27247dc4bb05cef5bfbe97631b12de2e x86_64/corporate/3.0/RPMS/xine-plugins-1-0.rc3.6.5.C30mdk.x86_64.rpm 8658f0c1e16ef59142cbe2c685043b26 x86_64/corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.5.C30mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFDTKgRmqjQ0CJFipgRAjRcAKDV7Nalb4u00rWeG25Tfm/0Plc0HQCfYKUA 2LWSLF4Xu7XaLivCNsmzOvA= =8Q5N -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/