CVE references (backport)

415ac324 · Rémi Denis-Courmont · 56071f2b · 415ac324
Commit 415ac324 authored Jan 19, 2008 by Rémi Denis-Courmont
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 4 deletions

NEWS NEWS +8 -4

No files found.
--- a/NEWS
+++ b/NEWS
 $Id$
+CVE IDs pending: 2008-0295, 2008-0296, 2007-6681, 2007-6682, 2007-6683
 Changes between 0.8.6d and 0.8.6e (not yet released):
 -----------------------------------------------------
@@ -45,7 +47,7 @@ Windows and Mac OS Binaries
 * FLAC Security Update (CVE-2007-4619) to prevent multiple integer overflows 
 Active X plugin:
- * Security update (VideoLAN-SA-0703)
+ * Security update (VideoLAN-SA-0703, CVE-2007-6262)
 Mac OS X Interface & Port:
 * Apple Remote support on Mac OS X 10.5 Leopard with enhanced functionality
@@ -61,7 +63,8 @@ Encoders:
 Other changes:
 * The automatic updating facility was removed
 * You now need to append --m3u-extvlcopt to your command line to enable
-   EXTVLCOPT options parsing in m3u playlists.
+   EXTVLCOPT options parsing in m3u playlists (CVE-2007-6683).
+ * RTSP server remote denial of service fixed (CVE-2007-6684).
 Changes between 0.8.6b and 0.8.6c:
@@ -76,10 +79,11 @@ Various bugfixes, notably:
 * MKV demuxer crash (related to seeking)
 CDDA / Vorbis / Theora / SAP plugins:
- * Security updates (VideoLAN-SA-0702, CVE-2007-3316)
+ * Security updates (VideoLAN-SA-0702, CVE-2007-3316, US-CERT VU#200928)
 Demuxers:
 * Fixed a problem with detecting embedded subtitles (GAB2 format) in AVI
+ * Prevent WAV file integer overflow (CVE-2007-3467 & CVE-2007-3468)
 Decoders:
 * Updated FLAC API compatibility
@@ -120,7 +124,7 @@ Changes between 0.8.6 and 0.8.6a:
 ---------------------------------
 CDDA / VCDX plugins:
- * Security updates (VideoLAN-SA-0701)
+ * Security updates (VideoLAN-SA-0701, CVE-2007-0017)
 Mac OS X Interface:
 * Fullscreen controller improvements