From 7a61cfaeba686449903c7fb6bcac28227509b71a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Reinhard=20Ni=C3=9Fl?= Date: Sat, 28 Mar 2009 20:44:44 +0100 Subject: Fix calculation of frame duration for ffmpeg-decoded formats. --- ChangeLog | 1 + 1 file changed, 1 insertion(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index aada6125c..23a751f50 100644 --- a/ChangeLog +++ b/ChangeLog @@ -7,6 +7,7 @@ xine-lib (1.1.17) 2009-??-?? pause/resume freeze with pulseaudio). * Fix build with libavutil >= 50.0.0. * Fix segfaults when playing VCDs. + * Fix calculation of frame duration for ffmpeg-decoded formats. xine-lib (1.1.16.2) 2009-02-10 * Build fixes related to ImageMagick 6.4 & later. -- cgit v1.2.3 From 97cdf31e3a618e2b4dcbd5ddf79dd8bcfc3a6533 Mon Sep 17 00:00:00 2001 From: Darren Salt Date: Thu, 2 Apr 2009 03:54:35 +0100 Subject: ID3v2 tags with zero-length content are allowed. --- ChangeLog | 1 + 1 file changed, 1 insertion(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 23a751f50..5e7b0a6b5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,7 @@ xine-lib (1.1.17) 2009-??-?? * Fix build with libavutil >= 50.0.0. * Fix segfaults when playing VCDs. * Fix calculation of frame duration for ffmpeg-decoded formats. + * Don't assume that ID3v2 tags with no content mean "end of ID3 data". xine-lib (1.1.16.2) 2009-02-10 * Build fixes related to ImageMagick 6.4 & later. -- cgit v1.2.3 From 7e63be8ffb88c1fe981c7cf39c535a5553e35b31 Mon Sep 17 00:00:00 2001 From: Darren Salt Date: Sun, 8 Mar 2009 16:54:39 +0000 Subject: Fix another possible 4xm demuxer integer overflow. --HG-- extra : transplant_source : U%AF%FD%B5%60%27Y%7F%B5Q%F796%F7a%98%F0k%B8%EF --- ChangeLog | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 5e7b0a6b5..49e48990f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,7 @@ xine-lib (1.1.17) 2009-??-?? + * Security fixes: + - Fix another possible int overflow in the 4XM demuxer. + (ref. TKADV2009-004, CVE-2009-0385) * Enable libmpeg2new (if configured with --enable-libmpeg2new). This is not yet production code; the old mpeg2 decoder remains the default. * Add support for OpenBSD. @@ -18,7 +21,8 @@ xine-lib (1.1.16.2) 2009-02-10 * Fix broken size checks in various input plugins (ref. CVE-2008-5239). * More malloc checking (ref. CVE-2008-5240). * Fix race conditions in gapless_switch (ref. kde bug #180339) - * Fix a possible integer overflow in the 4XM demuxer. (TKADV2009-004.txt) + * Fix a possible integer overflow in the 4XM demuxer. + (TKADV2009-004, CVE-2009-0385) xine-lib (1.1.16.1) 2009-01-11 * Fix build with older ffmpeg, both internal and in Debian 5.0. -- cgit v1.2.3 From 1e81086a8196e09868e3726609b322f6acfabd04 Mon Sep 17 00:00:00 2001 From: Darren Salt Date: Wed, 1 Apr 2009 02:49:51 +0100 Subject: Fix an integer overflow in the Quicktime demuxer. --HG-- extra : transplant_source : %AE%D3%DCw%0F%073h%5D%C0%B5%A7%BA%2B%95%81%95bT%D6 --- ChangeLog | 1 + 1 file changed, 1 insertion(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 49e48990f..b3c593fb6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,7 @@ xine-lib (1.1.17) 2009-??-?? * Security fixes: - Fix another possible int overflow in the 4XM demuxer. (ref. TKADV2009-004, CVE-2009-0385) + - Fix an integer overflow in the Quicktime demuxer. * Enable libmpeg2new (if configured with --enable-libmpeg2new). This is not yet production code; the old mpeg2 decoder remains the default. * Add support for OpenBSD. -- cgit v1.2.3 From 406edde7570e42ba439b1b2177616528277fe423 Mon Sep 17 00:00:00 2001 From: Darren Salt Date: Fri, 3 Apr 2009 16:29:00 +0100 Subject: 1.1.16.3. --- ChangeLog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index b3c593fb6..0dba0df93 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,4 @@ -xine-lib (1.1.17) 2009-??-?? +xine-lib (1.1.16.3) 2009-04-03 * Security fixes: - Fix another possible int overflow in the 4XM demuxer. (ref. TKADV2009-004, CVE-2009-0385) -- cgit v1.2.3