generic-library/ffmpeg
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

release notes and changelog for 0.6.2

Browse Source
This commit is contained in:
Reinhard Tartler 2011-03-18 18:01:41 +01:00
parent ba1927dda9
commit b0f8fdc411
2 changed files with 30 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Changelog
View File

@ -1,6 +1,13 @@
Entries are sorted chronologically from oldest to youngest within each release, Entries are sorted chronologically from oldest to youngest within each release,
releases are sorted from youngest to oldest. releases are sorted from youngest to oldest.
version 0.6.2:
- Fix invalid reads in VC-1 decoding (related to CVE-2011-0723)
- Do not attempt to decode APE file with no frames
(adresses http://packetstorm.linuxsecurity.com/1103-exploits/vlc105-dos.txt)
version 0.6.1: version 0.6.1:
- fix autodetection of E-AC-3 substream samples - fix autodetection of E-AC-3 substream samples

23
RELEASE
View File

@ -121,3 +121,26 @@ HE-AAC v2 backport
This release includes a backport of the AAC decoder from trunk, which This release includes a backport of the AAC decoder from trunk, which
enables proper playback of HE-AAC v2 media. enables proper playback of HE-AAC v2 media.
* 0.6.2
General notes
-------------
This is a maintenance-only release that addresses a small number of security
and portability issues. Distributors and system integrators are encouraged
to update and share their patches against this branch.
Security fixes
--------------
Programming errors in container and codec implementations may lead to
denial of service or the execution of arbitrary code if the user is
tricked into opening a malformed media file or stream.
Affected and updated have been the implementations of the following
codecs and container formats:
- VC1 decoder (Change related to CVE-2011-0723)
- APE decoder (cf. http://packetstorm.linuxsecurity.com/1103-exploits/vlc105-dos.txt)