From f3e691cf556bd4ad1338f222ffcf5eaecafd6a24 Mon Sep 17 00:00:00 2001
From: Darren Salt <linux@youmustbejoking.demon.co.uk>
Date: Fri, 11 Jan 2008 13:49:08 +0000
Subject: Fix a buffer overflow in the RTSP header-handling code.
 CVE-2008-0225; ported from mplayer changeset 22821.

---
 ChangeLog | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'ChangeLog')

diff --git a/ChangeLog b/ChangeLog
index 89c0beddb..ab355ba75 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,7 @@
 xine-lib (1.1.9.1) (unreleased)
+  * Security fixes:
+    - Fix a buffer overflow in RTSP header-handling code. (CVE-2008-0225)
+      (Fix ported from mplayer changeset 22821)
   * Fix a read-past-end bug in xine-lib's internal strtok_r replacement.
     (Only affects systems without strtok_r.) [Bug #19]
 
-- 
cgit v1.2.3