XV Image Decoders Multiple Unspecified Input Validation Vulnerabilities

XV Image Decoders Multiple Unspecified Input Validation Vulnerabilities

Solution:
Gentoo Linux has released advisory GLSA 200504-17 dealing with this and other issues. Gentoo advises that all XV users should upgrade to the latest version by executing the following commands with superuser privileges:

emerge --sync
emerge --ask --oneshot --verbose ">=media-gfx/xv-3.10a-r11"

For more information, please see the referenced Gentoo Linux advisory.

Slackware Linux has released advisory SSA:2005-195-02, along with fixes to address various issues. Please see the referenced advisory for further information.

John Bradley XV 3.10 a

Slackware xv-3.10a-i386-4.tgz
Slackware 8.1
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/x v-3.10a-i386-4.tgz

Slackware xv-3.10a-i386-4.tgz
Slackware 9.0
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/x v-3.10a-i386-4.tgz

Slackware xv-3.10a-i486-4.tgz
Slackware 10.0
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/ xv-3.10a-i486-4.tgz

Slackware xv-3.10a-i486-4.tgz
Slackware 10.1
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/ xv-3.10a-i486-4.tgz

Slackware xv-3.10a-i486-4.tgz
Slackware 9.1
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/x v-3.10a-i486-4.tgz

Slackware xv-3.10a-i486-4.tgz
Slackware -current
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/ xv-3.10a-i486-4.tgz