Advisories MDKSA-2007:062: Updated xine-lib packages to address buffer overflow vulnerability

[paul]

The DS_VideoDecoder_Open function in DirectShow/DS_VideoDecoder.c in

xine-lib does not set the biSize before use in a memcpy, which allows

user-assisted remote attackers to cause a buffer overflow and possibly

execute arbitrary code.

 

Updated packages have been patched to address this issue.