diff options
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 10 |
1 files changed, 7 insertions, 3 deletions
@@ -56,7 +56,11 @@ xine-lib (1.1.90) (Unreleased) active and thus it's no more usable. If you were using SyncFB somehow, please use DirectFB or VIDIX instead. -xine-lib (1.1.10) (unreleased) +xine-lib (1.1.10) 2008-01-26 + * Security fixes: + - Buffer overflow which allows a remote attacker to execute arbitrary + code or crash the client program via a crafted ASF header. + (Related to CVE-2006-1664) * Update Ogg and Annodex mimetypes and extensions. * Change the default v4l device paths to /dev/video0 and /dev/radio0. * Fix support for subtitles with schemes (e.g. http://), partly broken @@ -66,10 +70,10 @@ xine-lib (1.1.10) (unreleased) end authors should be careful with xine-lib older than 1.1.10. * Backported xine-config & libxine.pc from 1.2. Consequently, xine-config now requires pkg-config. - * Sanity-check ASF header sizes. This fixes a crash in the ASF demuxer, - caused by the example exploit given for CVE-2006-1664. * Don't discard audio samples forever. Fixed streaming playback. * Fix a possible crash on channel change in the DVB plugin. + * Flash video demuxer improvements and bug fixes. + * Make the V4L ALSA audio input device configurable. (This needs more work.) xine-lib (1.1.9.1) 2008-01-11 * Security fixes: |