diff options
| -rw-r--r-- | ChangeLog | 4 |
1 files changed, 4 insertions, 0 deletions
@@ -24,6 +24,10 @@ xine-lib (1.1.10.1) 2008-02-07 - Array index vulnerability which may allow remote attackers to execute arbitrary code via a crafted FLAC tag, causing a stack buffer overflow. (CVE-2008-0486) + - Buffer overflow in the Matroska demuxer (demuxers/demux_matroska.c) + which may allow remote attackers to cause a denial of service (crash) + or possibly execute arbitrary code via a Matroska file with invalid + frame sizes. (CVE-2008-1161) * Fix a RealPlayer codec detection bug. * Improve detection of MP3 streams with ID3v2 tags. Don't trust the tag size. |