xine-lib/src/input, branch 1.1.16.3 xine-lib git mirror Add OpenBSD support to the CDDA, DVD & VCD input code. 2009-02-17T02:22:28+00:00 Brad Smith brad@comstyle.com 2009-02-17T02:22:28+00:00 2c0b408072017847e9cce1dd3c80d4866fe8e843 






Update documentation etc. to point at the new home page.
2009-02-17T01:02:00+00:00

Darren Salt
linux@youmustbejoking.demon.co.uk

2009-02-17T01:02:00+00:00

e554df7addfea632ef9ae4be09049f459710bbe6

--HG--
extra : transplant_source : %8D9%B3J%8E%DE%A1%81t%7E%A0%08%13%A4%AE%9C%EA.%C3%10





--HG--
extra : transplant_source : %8D9%B3J%8E%DE%A1%81t%7E%A0%08%13%A4%AE%9C%EA.%C3%10







Fix broken size checks in various input plugins (ref. CVE-2008-5239).
2009-02-10T17:17:50+00:00

Darren Salt
linux@youmustbejoking.demon.co.uk

2009-02-10T17:17:50+00:00

a0b9021d54dc9890da5f0c9bd26361db4556f6c2












Add allocation checks to the Real MDPR parsing code (ref. CVE-2008-5240).
2009-01-18T15:10:32+00:00

Darren Salt
linux@youmustbejoking.demon.co.uk

2009-01-18T15:10:32+00:00

bc748211f20d01fc344b8e7c3a5cd158668fbc62












Remove '#include "config.h"' from all public header files.
2009-01-18T00:21:47+00:00

Darren Salt
linux@youmustbejoking.demon.co.uk

2009-01-18T00:21:47+00:00

c8f8261d199af4956aeaf387b2fde41baf905f83

This requires that many other files include config.h themselves.
Also convert <config.h> to "config.h".





This requires that many other files include config.h themselves.
Also convert <config.h> to "config.h".







Avoid libtool running ldconfig (where not needed) at install time.
2009-01-17T14:30:50+00:00

Darren Salt
linux@youmustbejoking.demon.co.uk

2009-01-17T14:30:50+00:00

d462ef0ce04d5ca91cd008efecc37c2c1fa39bbb












Fix a broken size check in the pvr input plugin (ref. CVE-2008-5239).
2009-01-16T18:16:17+00:00

Darren Salt
linux@youmustbejoking.demon.co.uk

2009-01-16T18:16:17+00:00

cc96350ed25b072190267641a6af7974524b6d4e












Fixed lvalue cast error (build with newer mingw compilation tools).
2009-01-12T18:24:48+00:00

František Dvořák
valtri@civ.zcu.cz

2009-01-12T18:24:48+00:00

7e47a3180c08f2fcaa688ab33cae838d88d8ba0e












Merge security fixes.
2009-01-05T14:50:58+00:00

Darren Salt
linux@youmustbejoking.demon.co.uk

2009-01-05T14:50:58+00:00

5347abe5764b0a0ff3ef1d357ce9934a425758fa












Fix for CVE-2008-5239
2009-01-04T17:21:46+00:00

Matthias Hopf
mhopf@suse.de

2009-01-04T17:21:46+00:00

0c51806592bae19fbc4f1f6615e5b3f4cb8e7dc3

xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not
properly handle (a) negative and (b) zero values during unspecified
read function calls in input_file.c, input_net.c, input_smb.c, and
input_http.c, which allows remote attackers to cause a denial of
service (crash) or possibly execute arbitrary code via vectors such as
(1) a file or (2) an HTTP response, which triggers consequences such
as out-of-bounds reads and heap-based buffer overflows.





xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not
properly handle (a) negative and (b) zero values during unspecified
read function calls in input_file.c, input_net.c, input_smb.c, and
input_http.c, which allows remote attackers to cause a denial of
service (crash) or possibly execute arbitrary code via vectors such as
(1) a file or (2) an HTTP response, which triggers consequences such
as out-of-bounds reads and heap-based buffer overflows.