Gentoo Linux Security Advisory GLSA 200408-18 – xine-lib contains a bug where it is possible to overflow the vcd:// input source identifier management buffer through carefully crafted playlists. Versions 1_rc5-r2 and below are affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/34086/glsa-200408-18.txt
Source: https://packetstormsecurity.com/files/34086/Gentoo-Linux-Security-Advisory-200408-18.html