summaryrefslogtreecommitdiff
path: root/ChangeLog
diff options
context:
space:
mode:
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog13
1 files changed, 10 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index 896855926..a13e43b4a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -66,11 +66,16 @@ xine-lib (1.1.10) (unreleased)
end authors should be careful with xine-lib older than 1.1.10.
* Backported xine-config & libxine.pc from 1.2.
Consequently, xine-config now requires pkg-config.
+ * Sanity-check ASF header sizes. This fixes a crash in the ASF demuxer,
+ caused by the example exploit given for CVE-2006-1664.
+ * Don't discard audio samples forever. Fixed streaming playback.
+ * Fix a possible crash on channel change in the DVB plugin.
xine-lib (1.1.9.1) 2008-01-11
* Security fixes:
- Buffer overflow which allows a remote attacker to execute arbitrary
- code via a crafted SDP Abstract attribute. (CVE-2008-0225)
+ code via a crafted SDP Abstract attribute.
+ (CVE-2008-0225, a.k.a. CVE-2008-0238)
(Fix ported from mplayer changeset 22821)
* Fix a read-past-end bug in xine-lib's internal strtok_r replacement.
(Only affects systems without strtok_r.) [Bug #19]
@@ -195,8 +200,9 @@ xine-lib (1.1.6) 2007-04-17
xine-lib (1.1.5) 2007-04-10
* Security fixes:
- - Fix heap overflow in DMO loader. (CVE-2007-1246) [Bug SF 1676925]
+ - Fix heap overflow in DMO and DirectShow loaders.
Thanks to Kees Cook for reporting.
+ (CVE-2007-1246 & CVE-2007-1387) [Bug SF 1676925]
* Improved PulseAudio plugin, now only one connection per instance is opened
and the mainloop is threaded to reduce latency during playback.
* Added XCB-based output plugins (Xv and XShm), to use in software using
@@ -316,8 +322,9 @@ xine-lib (1.1.4) 2007-01-28
xine-lib (1.1.3) 2006-12-03
* Security fixes:
- Heap overflow in libmms (related to CVE-2006-2200)
- - Buffer overrun in Real Media input plugin. [Bug SF 1603458]
+ - Buffer overrun in Real Media input plugin.
Thanks to Roland Kay for reporting and JW for the patch.
+ (CVE-2006-6172) [Bug SF 1603458]
* Update build system to support x86 Darwin setups, and merge patches to
support Darwin OS better.
* Replace custom ALSA check with pkg-config check, and make sure 0.9.0 is
generated by cgit v1.2.3 (git 2.25.1) at 2026-04-23 07:27:51 +0000