--------------------------------------------------------------------------- Peachtree Linux Security Notice PLSN-0003 April 20, 2005 Remote buffer overflow and possible code execution in mplayer http://www.mplayerhq.hu/homepage/design7/news.html#vuln10 http://www.mplayerhq.hu/homepage/design7/news.html#vuln11 --------------------------------------------------------------------------- The following Peachtree Linux releases are affected: Peachtre Linux release 1 ("Atlanta") Description: http://www.mplayerhq.hu/homepage/design7/news.html#vuln10: A buffer overflow vulnerability exists in the RTSP stream module, which could allow a malicious RealMedia server to execute arbitrary code. http://www.mplayerhq.hu/homepage/design7/news.html#vuln11: A buffer overflow vulnerability exists in the MMST stream module, which could allow malicious servers of MMS or TCP streams to execute arbitrary code. Packages: alpha MPlayer did not ship in rel1 for Alpha. Alpha is not affected by this vulnerability, and therefore no update is provided. i386 4e71851034e4263a12f9000bdc3c461e mplayer-1.0pre7.i686.dist ppc 901e0de5cc04cdddf94ff1cad9521776 mplayer-1.0pre7.ppc.dist Solution: Download the appropriate package for your release of Peachtree Linux. Upgrade your system to the new package: distadd -u packagename Where package name is the name of the package file from the list above. -- Peachtree Linux Security Team http://peachtree.burdell.org/
Attachment:
pgpRPzR6Fp3GF.pgp
Description: PGP signature