[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[plamo:29073] Re: xine-lib,CUPS(CUPS-1.3.7アップロード)
-
From:名倉昭一
-
Date:Sun, 6 Apr 2008 17:32:43 +0900 (JST)
- Subject: [plamo:29073] Re: xine-lib,CUPS(CUPS-1.3.7アップロード)
- From: 名倉昭一<nagura-s@xxxxxxxxxxxx>
- Date: Sun, 06 Apr 2008 17:32:40 +0900
名倉@自己レス です。
> > 加藤泰文です.
> >
> > 関係ありそうな (未確認ですが) セキュリティホール情報を.
> >
> > xine-lib "sdpplin_parse()" Array Indexing Vulnerability
> > http://secunia.com/advisories/28694/
> >
> > CUPS CGI Buffer Overflow Vulnerability
> > http://secunia.com/advisories/29431/
> >
> > どちらも新しいバージョンが出ている,ってことはなさそうです.
>
> xine は 1.1.11が出ています。 以下xineホームページのコピー
>
> Latest News
> 19.03.2008 xine-lib 1.1.11
> A new xine-lib version is now available.
> This release contains a security fix (array index vulnerability, CVE-2008-0073).
> There are also a few bug fixes; we've also made sure that it's compilable against
> current ffmpeg SVN as well as older versions.
> Please check the release notes for details.
> Download it from our download page.
>
> CUPSは1.3.5で見つかったようですが?最新版は1.3.6なので????様子見。
> >
> > --
> > ==============================================
> > (((( 加藤泰文
> > ○-○ karma @ jazz.email.ne.jp
> > ==============================================
> > (Web Page) http://www.ne.jp/asahi/ka/to/
> > ==============================================
30.03.2008 xine-lib 1.1.11.1
A new xine-lib version is now available.
This release contains a security fix (integer overflow, possibly leading to buffer overflow, CVE-2008-1482).
There are also a few bug fixes, and yet another copy-and-paste announcement.
Please check the release notes for details.
Download it from our download page.
There's a known bug in Quicktime & ISO Media container handling. This patch fixes it.
xine は 1.1.11.1までいってるようですが
CUPSの印刷確認しましたので
CUPS-1.3.7-i386-P1.tgz をPlamo-test/for-4.2xに置きました。
Plamo-4.22RC1(qvwm + seamonkey-1.1.9) な ECS 741Gx-m + EPSON PM740C で
JR東海トップページを印刷し全角文字印字を確認しました。
以下はCUPS-1.3.7 CHANGES.txtの抜粋です。
root@mb860:/u5/plamopack/cups/cups-1.3.7# cat CHANGES.txt
CHANGES.txt - 2008-04-01
------------------------
CHANGES IN CUPS V1.3.7
- CVE-2008-0047: cgiCompileSearch buffer overflow (STR #2729)
- CVE-2008-1373: CUPS GIF image filter overflow (STR #2765)
- Updated the "make check" tests to do a more thorough
automated test.
- Follow-Ups
-
- [plamo:29076] Re: xine-lib(xine_lib-1.1.11.1アップロード),CUPS, 名倉昭一
[検索ページ]
[メール一覧]
Plamo ML 公開システム