Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  news  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [thread-next>] [month] [year] [list] 
Date: Tue, 19 Aug 2008 16:12:15 +0200
From: Marcus Meissner <meissner@...e.de>
To: oss-security@...ts.openwall.com
Subject: swfdec 0.6.8 stable update

Hi,

Wonder if we should track updates for swfdec. The 0.6.8 announcement
looks like it at least fixes several Denial of Service problems:

http://lists.freedesktop.org/archives/swfdec/2008-July/001801.html

	swfdec-0.6.8 ("Mario Rush")
	http://swfdec.freedesktop.org/download/swfdec/0.6/swfdec-0.6.8.tar.gz
	MD5: 740caf52068556ffe151703342fb634b

	Changes:
	- fix a crash when decoding 1x1 JPEG images
	- fix a crash in XMLSocket.send
	- fix crashes when FLV decoding was aborted
	- fix a crash in exception handling code
	- fix some infinite loops with prototype loops
	- fix crasher when handling broken dates
	- fix crashers with native constructors found in testing
	- compatibility fixes: compile with gold linker, make includes work from C++

(SUSE at least is shipping swfdec.)

Ciao, Marcus

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux