From a9cbcc9a321b8baaf71b9a19d2b8ffde4390c6f9 Mon Sep 17 00:00:00 2001 From: Simon Farnsworth Date: Wed, 23 Jul 2008 11:13:20 +0100 Subject: Xv deinterlacing was looking at the input image size, not the output image size. This works fine on some chipsets, but on others, it causes image corruption. --- ChangeLog | 3 +++ 1 file changed, 3 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index b70acf6b0..868ee38e6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,9 @@ xine-lib (1.1.15) 2008-??-?? * V4L: Don't segfault if asked for an input that doesn't exist * Recognise AMR audio (normally found in 3GP files). * Recognise Snow video. + * Xv deinterlacing didn't take the size of the deinterlaced image into + account; on some chipsets, this would cause image corruption, while on + others, there would be no problem. xine-lib (1.1.14) 2008-06-29 * DVB changes: -- cgit v1.2.3 From a5d25b426a852306d74c4e4ecf39b1e3de289945 Mon Sep 17 00:00:00 2001 From: Simon Farnsworth Date: Mon, 28 Jul 2008 17:14:41 +0100 Subject: Preallocate after we know how large the frames will be (fixes a buffer overrun) --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 868ee38e6..f0066718d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,6 +6,8 @@ xine-lib (1.1.15) 2008-??-?? * Xv deinterlacing didn't take the size of the deinterlaced image into account; on some chipsets, this would cause image corruption, while on others, there would be no problem. + * V4L changes: + - Delay preallocating video frames until we know how large they'll be xine-lib (1.1.14) 2008-06-29 * DVB changes: -- cgit v1.2.3 From 785fb4931f9d50716810cb4cc2355133fb37b462 Mon Sep 17 00:00:00 2001 From: Simon Farnsworth Date: Mon, 28 Jul 2008 17:17:39 +0100 Subject: Only set the tuner if we're going to use it (fixes baseband video inputs) --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index f0066718d..274b18dda 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,8 @@ xine-lib (1.1.15) 2008-??-?? others, there would be no problem. * V4L changes: - Delay preallocating video frames until we know how large they'll be + - Only try and set the tuner if we're going to use it. Setting the tuner + when using baseband video (CVBS, S-Video) breaks the input. xine-lib (1.1.14) 2008-06-29 * DVB changes: -- cgit v1.2.3 From 5be02c29c6239586e40a5d3296001302b5d6ab1a Mon Sep 17 00:00:00 2001 From: Darren Salt Date: Wed, 6 Aug 2008 22:09:07 +0100 Subject: Fix crashes with fuzzed Windows Media files. --HG-- extra : transplant_source : %92%2C%CB%01S%25N%22%E1%00%FB%19%B0%CE5%1BU%F9%F6%0A --- ChangeLog | 1 + 1 file changed, 1 insertion(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 274b18dda..8597e588f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -10,6 +10,7 @@ xine-lib (1.1.15) 2008-??-?? - Delay preallocating video frames until we know how large they'll be - Only try and set the tuner if we're going to use it. Setting the tuner when using baseband video (CVBS, S-Video) breaks the input. + * Fix crashes with fuzzed Windows Media files. xine-lib (1.1.14) 2008-06-29 * DVB changes: -- cgit v1.2.3 From a3feefee20a86e152fa29531d9bb2eaa70e586bf Mon Sep 17 00:00:00 2001 From: Darren Salt Date: Wed, 6 Aug 2008 22:13:35 +0100 Subject: Fix crashes with MP3 files with metadata consisting only of separators. --HG-- extra : transplant_source : %24%60%04%A8n%E9%86%FD%B6e8%F9%9C%88%A6%8FR%C2%BBP --- ChangeLog | 1 + 1 file changed, 1 insertion(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 8597e588f..b3dc760ff 100644 --- a/ChangeLog +++ b/ChangeLog @@ -10,6 +10,7 @@ xine-lib (1.1.15) 2008-??-?? - Delay preallocating video frames until we know how large they'll be - Only try and set the tuner if we're going to use it. Setting the tuner when using baseband video (CVBS, S-Video) breaks the input. + * Fix crashes with MP3 files with metadata consisting only of separators. * Fix crashes with fuzzed Windows Media files. xine-lib (1.1.14) 2008-06-29 -- cgit v1.2.3 From afa345a236a04cb2526fa9350b1767fdd9972fcf Mon Sep 17 00:00:00 2001 From: Darren Salt Date: Thu, 7 Aug 2008 14:03:52 +0100 Subject: Fix crashes with fuzzed Ogg files. (CVE-2008-3231) --HG-- extra : transplant_source : %9F%E8R%D8%94R%9CJ%7F%5E%A7%DB%29%0DK%CD%CA%AD%7F%08 --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index b3dc760ff..0482c3b93 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,6 @@ xine-lib (1.1.15) 2008-??-?? + * Security fixes: + - Fix crashes with corrupted Ogg files. (CVE-2008-3231) * Use external ffmpeg by default. * V4L: Don't segfault if asked for an input that doesn't exist * Recognise AMR audio (normally found in 3GP files). -- cgit v1.2.3 From 8d62edd3e97c028aa15ed9504f182d7dc64b59d4 Mon Sep 17 00:00:00 2001 From: Darren Salt Date: Thu, 7 Aug 2008 14:08:06 +0100 Subject: Rearrange changelog entries for 1.1.15 wrt security issues. --HG-- extra : transplant_source : %1A%0Fu%1062y%F6I%0A%AF%97%85%3Fr%F6%17%20%01W --- ChangeLog | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 0482c3b93..b5bb357f7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,19 +1,18 @@ xine-lib (1.1.15) 2008-??-?? * Security fixes: - Fix crashes with corrupted Ogg files. (CVE-2008-3231) + - Fix crashes with fuzzed Windows Media files. + - Delay V4L video frame preallocation until we know how large they'll be. * Use external ffmpeg by default. - * V4L: Don't segfault if asked for an input that doesn't exist + * V4L: Don't segfault if asked for an input that doesn't exist. * Recognise AMR audio (normally found in 3GP files). * Recognise Snow video. * Xv deinterlacing didn't take the size of the deinterlaced image into account; on some chipsets, this would cause image corruption, while on others, there would be no problem. - * V4L changes: - - Delay preallocating video frames until we know how large they'll be - - Only try and set the tuner if we're going to use it. Setting the tuner - when using baseband video (CVBS, S-Video) breaks the input. + * V4L: only try and set the tuner if we're going to use it. Setting the tuner + when using baseband video (CVBS, S-Video) breaks the input. * Fix crashes with MP3 files with metadata consisting only of separators. - * Fix crashes with fuzzed Windows Media files. xine-lib (1.1.14) 2008-06-29 * DVB changes: -- cgit v1.2.3 From 344c697e75c3fdd1067dc90fc2edc7a19c49466b Mon Sep 17 00:00:00 2001 From: Darren Salt Date: Fri, 8 Aug 2008 11:10:30 +0100 Subject: Fix crash with corrupted AVI files (chunk size). --HG-- extra : transplant_source : Z%F0%90e%A3%94%D3%7F%D9ROC8%3C%FD%F5FO%BFU --- ChangeLog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index b5bb357f7..0d5b46f7a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,7 +1,7 @@ xine-lib (1.1.15) 2008-??-?? * Security fixes: - - Fix crashes with corrupted Ogg files. (CVE-2008-3231) - - Fix crashes with fuzzed Windows Media files. + - Fix crashes with various corrupted media files, including Ogg. + (CVE-2008-3231) - Delay V4L video frame preallocation until we know how large they'll be. * Use external ffmpeg by default. * V4L: Don't segfault if asked for an input that doesn't exist. -- cgit v1.2.3 From e8cc3903fc5be11c0e326fc23650599dbb1d07a0 Mon Sep 17 00:00:00 2001 From: Darren Salt Date: Wed, 13 Aug 2008 14:28:30 +0100 Subject: Update to libfaad 2.6.1, fixing a crash with a corrupted AAC file. Source is the version in the 1.2 branch. --- ChangeLog | 1 + 1 file changed, 1 insertion(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 0d5b46f7a..5a974a3c5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,7 @@ xine-lib (1.1.15) 2008-??-?? * Security fixes: - Fix crashes with various corrupted media files, including Ogg. (CVE-2008-3231) + This includes a libfaad update from the 1.2 branch. - Delay V4L video frame preallocation until we know how large they'll be. * Use external ffmpeg by default. * V4L: Don't segfault if asked for an input that doesn't exist. -- cgit v1.2.3 From 065ab726cb977220dd65f398fa5e3543ad657ed4 Mon Sep 17 00:00:00 2001 From: Darren Salt Date: Wed, 13 Aug 2008 14:31:51 +0100 Subject: Allow (and prefer) use of external libfaad. --- ChangeLog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 5a974a3c5..e2251597e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,7 +4,7 @@ xine-lib (1.1.15) 2008-??-?? (CVE-2008-3231) This includes a libfaad update from the 1.2 branch. - Delay V4L video frame preallocation until we know how large they'll be. - * Use external ffmpeg by default. + * Use external ffmpeg and libfaad by default. * V4L: Don't segfault if asked for an input that doesn't exist. * Recognise AMR audio (normally found in 3GP files). * Recognise Snow video. -- cgit v1.2.3