author | Darren Salt <linux@youmustbejoking.demon.co.uk> | 2008-01-23 18:29:51 +0000 |
---|---|---|
committer | Darren Salt <linux@youmustbejoking.demon.co.uk> | 2008-01-23 18:29:51 +0000 |
commit | 3f51525e97a2787611a2cbf91dd609c7f2ddb2fb (patch) | |
tree | 63822545cc057358494c8aa9895ca293eb7ea434 | |
parent | 86ecb07bd758c92b590439877fd6aac09603f249 (diff) | |
Add missing CVE nos.
-rw-r--r-- | ChangeLog | 9 |
1 files changed, 6 insertions, 3 deletions
@@ -12,7 +12,8 @@ xine-lib (1.1.10) (unreleased) xine-lib (1.1.9.1) 2008-01-11 * Security fixes: - Buffer overflow which allows a remote attacker to execute arbitrary - code via a crafted SDP Abstract attribute. (CVE-2008-0225) + code via a crafted SDP Abstract attribute. + (CVE-2008-0225, a.k.a. CVE-2008-0238) (Fix ported from mplayer changeset 22821) * Fix a read-past-end bug in xine-lib's internal strtok_r replacement. (Only affects systems without strtok_r.) [Bug #19] @@ -137,8 +138,9 @@ xine-lib (1.1.6) 2007-04-17 xine-lib (1.1.5) 2007-04-10 * Security fixes: - - Fix heap overflow in DMO loader. (CVE-2007-1246) [Bug SF 1676925] + - Fix heap overflow in DMO and DirectShow loaders. Thanks to Kees Cook for reporting. + (CVE-2007-1246 & CVE-2007-1387) [Bug SF 1676925] * Improved PulseAudio plugin, now only one connection per instance is opened and the mainloop is threaded to reduce latency during playback. * Added XCB-based output plugins (Xv and XShm), to use in software using @@ -258,8 +260,9 @@ xine-lib (1.1.4) 2007-01-28 xine-lib (1.1.3) 2006-12-03 * Security fixes: - Heap overflow in libmms (related to CVE-2006-2200) - - Buffer overrun in Real Media input plugin. [Bug SF 1603458] + - Buffer overrun in Real Media input plugin. Thanks to Roland Kay for reporting and JW for the patch. + (CVE-2006-6172) [Bug SF 1603458] * Update build system to support x86 Darwin setups, and merge patches to support Darwin OS better. * Replace custom ALSA check with pkg-config check, and make sure 0.9.0 is |
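Review bot: In the 1.1.9.1 hunk (@@ -12,7 +12,8), "a.k.a." in "(CVE-2008-0225, a.k.a. CVE-2008-0238)" does not say how the two identifiers relate. If one of them is a duplicate assignment for the same SDP Abstract overflow, say which one, so that anyone matching this ChangeLog against an advisory under either number knows they describe the same fix. The other two hunks join identifiers differently ("&" in 1.1.5), so it would also help to pick one separator for the file.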
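Review bot: In the 1.1.5 hunk (@@ -137,8 +138,9), the entry is widened from "DMO loader" to "DMO and DirectShow loaders", which goes beyond what the commit message "Add missing CVE nos." describes, and the added line "(CVE-2007-1246 & CVE-2007-1387) [Bug SF 1676925]" does not say which identifier belongs to which loader. Suggest naming the loader next to each CVE, stating whether Bug SF 1676925 covers both, and mentioning the changed description in the commit message.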
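Review bot: In the 1.1.3 hunk (@@ -258,8 +260,9), "(CVE-2006-6172)" is placed after the credit line "Thanks to Roland Kay for reporting and JW for the patch.", while the libmms entry directly above keeps its CVE reference on the description line and the 1.1.9.1 hunk puts the identifier straight after the description. Suggest moving the identifier up to follow "Buffer overrun in Real Media input plugin." so it reads as part of the description and a search for the CVE lands on the line that says what was fixed.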