Difference between revisions of "Changelog/0.8.6g"
Jump to navigation
Jump to search
(Added VideoLAN-SA's) |
|||
| Line 9: | Line 9: | ||
* Fixed libid3tag denial of service ({{CVE|2008-2109}}) | * Fixed libid3tag denial of service ({{CVE|2008-2109}}) | ||
* Fixed libvorbis vulnerabilities ({{CVE|2008-1419}}, {{CVE|2008-1420}}, {{CVE|2008-1423}}) | * Fixed libvorbis vulnerabilities ({{CVE|2008-1419}}, {{CVE|2008-1420}}, {{CVE|2008-1423}}) | ||
| + | * Fixed speex insufficient boundary check (oCERT-2008-004) | ||
== Various bugfixes == | == Various bugfixes == | ||
* Fixed various memory leaks, improving stability when running as a server | * Fixed various memory leaks, improving stability when running as a server | ||
* Fixed compilation with recent versions of [[FFmpeg]] | * Fixed compilation with recent versions of [[FFmpeg]] | ||
| − | * Correctly parses | + | * Correctly parses SAP announcements from [[MPEG]]-TS |
| − | * Fixed | + | * Fixed AAC resampling |
* The Fullscreen Controller appears correctly on [[Mac OS X]], if the 'Always-on-top' video option was selected. | * The Fullscreen Controller appears correctly on [[Mac OS X]], if the 'Always-on-top' video option was selected. | ||
Revision as of 21:45, 31 May 2008
Changes between 0.8.6f and 0.8.6g
Security updates
- Removed VLC variable settings from Mozilla and ActiveX (CVE-2007-6683, VideoLAN-SA-0804))
- Removed loading plugins from the current directory (CVE-2008-2147, VideoLAN-SA-0805))
- Updated libpng on Windows and Mac OS X (CVE-2008-1382)
- Fixed libid3tag denial of service (CVE-2008-2109)
- Fixed libvorbis vulnerabilities (CVE-2008-1419, CVE-2008-1420, CVE-2008-1423)
- Fixed speex insufficient boundary check (oCERT-2008-004)
