diff options
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 10 |
1 files changed, 9 insertions, 1 deletions
@@ -1,5 +1,4 @@ xine-lib (1.1.11) unreleased - * Fix a RealPlayer codec detection bug. * Reworked the plugin directory naming so that external plugins don't have to be rebuilt for every release. We now use a naming scheme based on the API/ABI versioning, checking older directories - with this release, the @@ -7,6 +6,15 @@ xine-lib (1.1.11) unreleased future release, 1.19 will still be available for external plugins. (Any directories not 1.* won't be looked in.) +xine-lib (1.1.10.1) 2008-02-07 + * Security fixes: + - Array index vulnerability which may allow remote attackers to execute + arbitrary code via a crafted FLAC tag, causing a stack buffer overflow. + (CVE-2008-0486) + * Fix a RealPlayer codec detection bug. + * Improve detection of MP3 streams with ID3v2 tags. Don't trust the tag + size. + xine-lib (1.1.10) 2008-01-26 * Security fixes: - Buffer overflow which allows a remote attacker to execute arbitrary |