diff options
| -rw-r--r-- | ChangeLog | 6 |
1 files changed, 5 insertions, 1 deletions
@@ -1,9 +1,13 @@ -xine-lib (1.1.15) 2008-??-?? +xine-lib (1.1.15) 2008-08-14 * Security fixes: - Fix crashes with various corrupted media files, including Ogg. (CVE-2008-3231) This includes a libfaad update from the 1.2 branch. - Delay V4L video frame preallocation until we know how large they'll be. + - Fix an exploitable ID3 heap buffer overflow. + - Check for possible buffer overflow attempts in the Real demuxer. + - Use size_t for data length variables where there may be int overflows. + - Add some checks for memory allocation failures. * Use external ffmpeg and libfaad by default. * V4L: Don't segfault if asked for an input that doesn't exist. * Recognise AMR audio (normally found in 3GP files). |