diff options
| -rw-r--r-- | ChangeLog | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -4,7 +4,8 @@ xine-lib (1.1.10) (unreleased) xine-lib (1.1.9.1) * Security fixes: - - Fix a buffer overflow in RTSP header-handling code. (CVE-2008-0225) + - Buffer overflow which allows a remote attacker to execute arbitrary + code via a crafted SDP Abstract attribute. (CVE-2008-0225) (Fix ported from mplayer changeset 22821) * Fix a read-past-end bug in xine-lib's internal strtok_r replacement. (Only affects systems without strtok_r.) [Bug #19] |