diff options
| -rw-r--r-- | ChangeLog | 7 |
1 files changed, 6 insertions, 1 deletions
@@ -8,10 +8,16 @@ xine-lib (1.1.15) 2008-08-14 (CVE-2008-3231) This includes a libfaad update from the 1.2 branch. - Delay V4L video frame preallocation until we know how large they'll be. + (CVE-2008-5245) - Fix an exploitable ID3 heap buffer overflow. + (CVE-2008-5234, vector 2) - Check for possible buffer overflow attempts in the Real demuxer. + (CVE-2008-5235) - Use size_t for data length variables where there may be int overflows. - Add some checks for memory allocation failures. + (CVE-2008-5233) + - Fix crashes with MP3 files with metadata consisting only of separators. + (CVE-2008-5248) * Use external ffmpeg and libfaad by default. * V4L: Don't segfault if asked for an input that doesn't exist. * Recognise AMR audio (normally found in 3GP files). @@ -21,7 +27,6 @@ xine-lib (1.1.15) 2008-08-14 others, there would be no problem. * V4L: only try and set the tuner if we're going to use it. Setting the tuner when using baseband video (CVBS, S-Video) breaks the input. - * Fix crashes with MP3 files with metadata consisting only of separators. xine-lib (1.1.14) 2008-06-29 * DVB changes: |