VDB

GCVE-110-MAGEIA-2014-71

GCVE-110-MAGEIA-2014-71
Advisory Published
Vulnetix · Advisory published February 16, 2014
Due to flaws in the embedded copy of libDCR, a fork of dcraw.c, in the embedded copy of CxImage, opening a specially crafted photo file could trigger a division by zero, an infinite loop, or a null pointer dereference, resulting in a denial of service (CVE-2013-1438). This update fixes those flaws. XBMC is also updated to a newer bugfix-only release, version 12.3. It contains fixes to various issues, including: - several PVR related bugs - memory leaks - audio channel mapping - possible crash on progress dialog and more. Additionally, this update fixes a compatibility issue on Mageia 4 affecting AC-3 transcoding, which prevented, for example, multichannel playback of AAC 5.1 files over S/PDIF or stereo-only HDMI devices. The PVR addons have also been updated.

Affected Products

VendorProductVersionsPlatforms
Mageialibguestfs0 (affected), 1.24.5-1.1.mga4 (unaffected)
Mageiaxbmc0 (affected), 12.3-1.1.mga3 (unaffected), 0 (affected), 12.3-1.1.mga3 (unaffected)
Mageiaxbmc0 (affected), 12.3-1.1.mga4 (unaffected), 0 (affected), 12.3-1.1.mga4 (unaffected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›