From 422e592707e4ffca39528d6e349357adb2d55c96 Mon Sep 17 00:00:00 2001 From: Darren Salt Date: Thu, 14 Aug 2008 22:16:47 +0100 Subject: xine-lib 1.1.15. --- ChangeLog | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index e2251597e..3368747fb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,9 +1,13 @@ -xine-lib (1.1.15) 2008-??-?? +xine-lib (1.1.15) 2008-08-14 * Security fixes: - Fix crashes with various corrupted media files, including Ogg. (CVE-2008-3231) This includes a libfaad update from the 1.2 branch. - Delay V4L video frame preallocation until we know how large they'll be. + - Fix an exploitable ID3 heap buffer overflow. + - Check for possible buffer overflow attempts in the Real demuxer. + - Use size_t for data length variables where there may be int overflows. + - Add some checks for memory allocation failures. * Use external ffmpeg and libfaad by default. * V4L: Don't segfault if asked for an input that doesn't exist. * Recognise AMR audio (normally found in 3GP files). -- cgit v1.2.3