The remote host is missing an update to xine-lib announced via advisory FEDORA-2009-0483.
Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update xine-lib' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-0483
Update Information: This updates xine-lib to the upstream 1.1.16 release. This fixes several bugs, including the security issues CVE-2008-5234 vector 1, CVE-2008-5236, CVE-2008-5237, CVE-2008-5239, CVE-2008-5240 vectors 3 & 4 and CVE-2008-5243. See http://sourceforge.net/project/shownotes.php?release_id=652075&group_id=9655 for the full list of changes. In addition, the Fedora xine-lib package now includes the demuxers for the MPEG container format, which are not patent-encumbered. (The decoders for actual MPEG video and audio data are still excluded due to software patents.) ChangeLog: * Wed Jan 7 2009 Rex Dieter - 1.1.16-1 - xine-lib-1.1.16, plugin ABI 1.25 - --with-external-libdvdnav, include mpeg demuxers (#213597) * Fri Dec 12 2008 Rex Dieter - 1.1.15-4 - rebuild for pkgconfig deps
Updated on 2015-03-25
CVE CVE-2008-5234, CVE-2008-5236, CVE-2008-5237, CVE-2008-5239, CVE-2008-5240, CVE-2008-5243
CVSS Base Score: 10.0