Slackware-10.2 ChangeLog (2005-10-10)
Mon Oct 10 15:15:24 PDT 2005
Packages
Upgraded to xine-lib-1.0.3a
- patches/packages/xine-lib-1.0.3a-i686-1.tgz
This fixes a format string bug where an attacker, if able to upload malicious
information to a CDDB server and then get a local user to play a certain
audio CD, may be able to run arbitrary code on the machine as the user
running the xine-lib linked application.
For more information, see:
http://xinehq.de/index.php/security/XSA-2005-1
(* Security fix *)