Fix a buffer overflow in the RTSP header-handling code.

CVE-2008-0225; ported from mplayer changeset 22821.
author: Darren Salt <linux@youmustbejoking.demon.co.uk> 2008-01-11 13:49:08 +0000
committer: Darren Salt <linux@youmustbejoking.demon.co.uk> 2008-01-11 13:49:08 +0000
commit: f3e691cf556bd4ad1338f222ffcf5eaecafd6a24 (patch)
tree: e2caa09dab36cbf448d998255688c51d570eb14c /ChangeLog
parent: ff41358936294b3522429eaecc15edeba1bc1880 (diff)
download: xine-lib-f3e691cf556bd4ad1338f222ffcf5eaecafd6a24.tar.gz
xine-lib-f3e691cf556bd4ad1338f222ffcf5eaecafd6a24.tar.bz2
1 files changed, 3 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 89c0beddb..ab355ba75 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,7 @@
 xine-lib (1.1.9.1) (unreleased)
+  * Security fixes:
+    - Fix a buffer overflow in RTSP header-handling code. (CVE-2008-0225)
+      (Fix ported from mplayer changeset 22821)
   * Fix a read-past-end bug in xine-lib's internal strtok_r replacement.
     (Only affects systems without strtok_r.) [Bug #19]
author	Darren Salt <linux@youmustbejoking.demon.co.uk>	2008-01-11 13:49:08 +0000
committer	Darren Salt <linux@youmustbejoking.demon.co.uk>	2008-01-11 13:49:08 +0000
commit	f3e691cf556bd4ad1338f222ffcf5eaecafd6a24 (patch)
tree	e2caa09dab36cbf448d998255688c51d570eb14c /ChangeLog
parent	ff41358936294b3522429eaecc15edeba1bc1880 (diff)
download	xine-lib-f3e691cf556bd4ad1338f222ffcf5eaecafd6a24.tar.gz xine-lib-f3e691cf556bd4ad1338f222ffcf5eaecafd6a24.tar.bz2