Mandriva: Updated xine-lib packages fix vulnerability in

Tags

mandriva, packages, security

Special Forums Cybersecurity Security Advisories (RSS) Mandriva: Updated xine-lib packages fix vulnerability in

06-27-2008

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

Mandriva: Updated xine-lib packages fix vulnerability in

LinuxSecurity.com: A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library (CVE-2008-1686).

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

Previous Thread | Next Thread

LEARN ABOUT DEBIAN

speexdec

SPEEXDEC(1)							   User Commands						       SPEEXDEC(1)

NAME

       speexdec - The reference implementation speex decoder.

SYNOPSIS

       speexdec [options] input_file.spx [output_file]

DESCRIPTION

       Decodes a Speex file and produce a WAV file or raw file

   input_file can be:
       filename.spx
	      regular Speex file

       -      stdin

   output_file can be:
       filename.wav
	      Wav file

       filename.*
	      Raw PCM file (any extension other that .wav)

       -      stdout

       (nothing)
	      Will be played to soundcard

OPTIONS

       --enh  Enable perceptual enhancement (default)

       --no-enh
	      Disable perceptual enhancement

       --force-nb
	      Force decoding in narrowband

       --force-wb
	      Force decoding in wideband

       --force-uwb
	      Force decoding in ultra-wideband

       --mono Force decoding in mono

       --stereo
	      Force decoding in stereo

       --rate n
	      Force decoding at sampling rate n Hz

       --packet-loss n
	      Simulate n % random packet loss

       -V     Verbose mode (show bit-rate)

       -h, --help
	      This help

       -v, --version
	      Version information

       --pf   Deprecated, use --enh instead

       --no-pf
	      Deprecated, use --no-enh instead

       More information is available from the Speex site: http://www.speex.org

       Please report bugs to the mailing list `speex-dev@xiph.org'.

COPYRIGHT

       Copyright (C) 2002 Jean-Marc Valin

speexdec version 1.1						  September 2003						       SPEEXDEC(1)