From 8f725b5644ac910294fbe28929ddc98cd1d2ad38 Mon Sep 17 00:00:00 2001
From: Darren Salt <linux@youmustbejoking.demon.co.uk>
Date: Mon, 5 Jan 2009 14:50:15 +0000
Subject: Changelog updates.

---
 ChangeLog | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index bb9c629f1..d625fd78a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,7 +1,15 @@
 xine-lib (1.1.16) 2008-??-??
   * Security fixes:
+    - Heap overflow in Quicktime atom parsing.                 (CVE-2008-5234)
+    - Multiple buffer overflows.                               (CVE-2008-5236)
+    - Multiple integer overflows.                              (CVE-2008-5237)
+    - Unchecked or incompletely-checked read function results. (CVE-2008-5239)
+    - Unchecked malloc using untrusted values.                 (CVE-2008-5240)
+    - Buffer indexing using untrusted or unchecked values.     (CVE-2008-5243)
     - Integer overflows in the ffmpeg audio decoder and the CDDA server.
     - Heap buffer overflow in the ffmpeg video decoder.
+    - Avoid segfault on invalid track type in Matroska files.
+    - Avoid underflow (compressed atoms) in the Qt demuxer.
   * Fix reported compilation failures (with C++ programs).
   * Fix CDDB access in 64-bit builds.
 
-- 
cgit v1.2.3