Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[Security Announce] [ MDVA-2008:148 ] pulseaudio

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

This is a multi-part message in MIME format...

 

------------=_1224264916-14940-871

 

 

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

_______________________________________________________________________

 

Mandriva Linux Advisory MDVA-2008:148

http://www.mandriva.com/security/

_______________________________________________________________________

 

Package : pulseaudio

Date : October 17, 2008

Affected: 2009.0

_______________________________________________________________________

 

Problem Description:

 

Some issues relating to thread cancellation have been discovered in

the pulseaudio package shipped with Mandriva Linux 2009.0.

 

These issues could result in the crash of an application acting as

a pulseaudio client. This condition is greatly exacerbated when

the client is unable to connect to the pulseaudio server. Due to

the fact that libcanberra is used to play event sounds in GTK apps,

this problem could present itself when running GTK applications as

root which, under some circumstances, was unable to connect to the

user's pulseaudio daemon.

 

The problems were traced to the use of libasycns in pulseaudio and

this updated package is compiled without support for this library

(it is not essential to pulseaudio operation).

 

In addition, the version of pulseaudio shipped in Mandriva Linux

2009.0 used wallclock time to determine when a misbehaving daemon

was overloading the CPU (under which circumstances the daemon

terminated). This can cause problems when the time is changed manually

or when daylight savings kick in. This package also contains an

upstream fix to use monotonic time which does not suffer from this

limitation.

_______________________________________________________________________

 

Updated Packages:

 

Mandriva Linux 2009.0:

12633635b2129cf2a6f8bbc3c6047d4c 2009.0/i586/libpulseaudio0-0.9.10-11.1mdv2009.0.i586.rpm

13737f25178cb2beb245a1cacf54b716 2009.0/i586/libpulseaudio-devel-0.9.10-11.1mdv2009.0.i586.rpm

1ff92b8b63d752b0751f1dbbd7180ba9 2009.0/i586/libpulsecore5-0.9.10-11.1mdv2009.0.i586.rpm

3b58fc81356044c00450bf75b356320f 2009.0/i586/libpulseglib20-0.9.10-11.1mdv2009.0.i586.rpm

8e6d2426bedfb5f60a48968594f93075 2009.0/i586/libpulsezeroconf0-0.9.10-11.1mdv2009.0.i586.rpm

411827da489d8d121f2b01d30ad6bffa 2009.0/i586/pulseaudio-0.9.10-11.1mdv2009.0.i586.rpm

d72407fd2e3c744a71898a8fa0ed6b2f 2009.0/i586/pulseaudio-esound-compat-0.9.10-11.1mdv2009.0.i586.rpm

ebd6b99e3cbe19ab3b5a3692b3e2b997 2009.0/i586/pulseaudio-module-bluetooth-0.9.10-11.1mdv2009.0.i586.rpm

27d74a77b68dceebc35a39560d7a157f 2009.0/i586/pulseaudio-module-gconf-0.9.10-11.1mdv2009.0.i586.rpm

a9a708963b5601dc64c05ebc3e16ffed 2009.0/i586/pulseaudio-module-jack-0.9.10-11.1mdv2009.0.i586.rpm

acf004578c66cad201e355d606803763 2009.0/i586/pulseaudio-module-lirc-0.9.10-11.1mdv2009.0.i586.rpm

d61eb7b5c37b331cca6aa8c5fc1325d2 2009.0/i586/pulseaudio-module-x11-0.9.10-11.1mdv2009.0.i586.rpm

ce06c8fac515d1edde566efe863750df 2009.0/i586/pulseaudio-module-zeroconf-0.9.10-11.1mdv2009.0.i586.rpm

8ba95806b7d516510cc5ace7d4964c96 2009.0/i586/pulseaudio-utils-0.9.10-11.1mdv2009.0.i586.rpm

b6731cfa1df648c0c717679e0975b4e1 2009.0/SRPMS/pulseaudio-0.9.10-11.1mdv2009.0.src.rpm

 

Mandriva Linux 2009.0/X86_64:

a5df3e0dd8c0dd441ab3098ff474fc1f 2009.0/x86_64/lib64pulseaudio0-0.9.10-11.1mdv2009.0.x86_64.rpm

4f829cafb53e8df9cbe226c371b5b892 2009.0/x86_64/lib64pulseaudio-devel-0.9.10-11.1mdv2009.0.x86_64.rpm

1d80e7b903949bde47637e38c8d2ed07 2009.0/x86_64/lib64pulsecore5-0.9.10-11.1mdv2009.0.x86_64.rpm

077a7e453658baf907f31505304838cc 2009.0/x86_64/lib64pulseglib20-0.9.10-11.1mdv2009.0.x86_64.rpm

aa98a5e5086a3aa371160b0730b46aec 2009.0/x86_64/lib64pulsezeroconf0-0.9.10-11.1mdv2009.0.x86_64.rpm

7f1385e58281c648a111c07548550121 2009.0/x86_64/pulseaudio-0.9.10-11.1mdv2009.0.x86_64.rpm

a40b48f0bfd0ef80fdb7fc8cafa89d71 2009.0/x86_64/pulseaudio-esound-compat-0.9.10-11.1mdv2009.0.x86_64.rpm

63d3c5573eff6e9713f3ae6d60176e7d 2009.0/x86_64/pulseaudio-module-bluetooth-0.9.10-11.1mdv2009.0.x86_64.rpm

bbc08bef5b00369265f469366fe223b7 2009.0/x86_64/pulseaudio-module-gconf-0.9.10-11.1mdv2009.0.x86_64.rpm

d7385a7e353c1b8966a4150ee69ad077 2009.0/x86_64/pulseaudio-module-jack-0.9.10-11.1mdv2009.0.x86_64.rpm

e7d70207fb255fa02dd01992544e0aec 2009.0/x86_64/pulseaudio-module-lirc-0.9.10-11.1mdv2009.0.x86_64.rpm

570894058d006f82e610a8634ef3cbfc 2009.0/x86_64/pulseaudio-module-x11-0.9.10-11.1mdv2009.0.x86_64.rpm

9ba103e31a8bed1116ab4211f6b84601 2009.0/x86_64/pulseaudio-module-zeroconf-0.9.10-11.1mdv2009.0.x86_64.rpm

7d92e4c10d26318b0da6b0354f06118e 2009.0/x86_64/pulseaudio-utils-0.9.10-11.1mdv2009.0.x86_64.rpm

b6731cfa1df648c0c717679e0975b4e1 2009.0/SRPMS/pulseaudio-0.9.10-11.1mdv2009.0.src.rpm

_______________________________________________________________________

 

To upgrade automatically use MandrivaUpdate or urpmi. The verification

of md5 checksums and GPG signatures is performed automatically for you.

 

All packages are signed by Mandriva for security. You can obtain the

GPG public key of the Mandriva Security Team by executing:

 

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 

You can view other update advisories for Mandriva Linux at:

 

http://www.mandriva.com/security/advisories

 

If you want to report vulnerabilities, please contact

 

security_(at)_mandriva.com

_______________________________________________________________________

 

Type Bits/KeyID Date User ID

pub 1024D/22458A98 2000-07-10 Mandriva Security Team

 

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.9 (GNU/Linux)

 

iD8DBQFI+KKimqjQ0CJFipgRApp7AJ9qEHDq3HBBKrsqoyoSzvVxS53DzACgpD5A

8Rm1Y0sTaIMSlGB3vtuZGoQ=

=KxRm

-----END PGP SIGNATURE-----

 

 

------------=_1224264916-14940-871

Content-Type: text/plain; name="message-footer.txt"

Content-Disposition: inline; filename="message-footer.txt"

Content-Transfer-Encoding: 8bit

 

To unsubscribe, send a email to sympa ( -at -) mandrivalinux.org

with this subject : unsubscribe security-announce

_______________________________________________________

Want to buy your Pack or Services from Mandriva?

Go to http://www.mandrivastore.com

Join the Club : http://www.mandrivaclub.com

_______________________________________________________

 

------------=_1224264916-14940-871--

 

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×