diff options
| -rw-r--r-- | ChangeLog | 7 |
1 files changed, 5 insertions, 2 deletions
@@ -1,4 +1,8 @@ xine-lib (1.1.10) (unreleased) + * Security fixes: + - Buffer overflow which allows a remote attacker to execute arbitrary + code or crash the client program via a crafted ASF header. + (Related to CVE-2006-1664) * Update Ogg and Annodex mimetypes and extensions. * Change the default v4l device paths to /dev/video0 and /dev/radio0. * Fix support for subtitles with schemes (e.g. http://), partly broken @@ -8,10 +12,9 @@ xine-lib (1.1.10) (unreleased) end authors should be careful with xine-lib older than 1.1.10. * Backported xine-config & libxine.pc from 1.2. Consequently, xine-config now requires pkg-config. - * Sanity-check ASF header sizes. This fixes a crash in the ASF demuxer, - caused by the example exploit given for CVE-2006-1664. * Don't discard audio samples forever. Fixed streaming playback. * Fix a possible crash on channel change in the DVB plugin. + * Flash video demuxer improvements and bug fixes. xine-lib (1.1.9.1) 2008-01-11 * Security fixes: |