[vlc-commits] NEWS: more information about security issues

[Jean-Baptiste Kempf]

vlc/vlc-1.1 | branch: master | Jean-Baptiste Kempf <jb at videolan.org> | Thu Jan 27 15:36:51 2011 +0100| [98c9762c5d3a6c6f103bc7d7b81597bf0c1d4228] | committer: Jean-Baptiste Kempf

NEWS: more information about security issues

> http://git.videolan.org/gitweb.cgi/vlc/vlc-1.1.git/?a=commit;h=98c9762c5d3a6c6f103bc7d7b81597bf0c1d4228
---

 NEWS |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/NEWS b/NEWS
index 96b411c..a26da79 100644
--- a/NEWS
+++ b/NEWS
@@ -20,9 +20,10 @@ Decoders:
  * Support for MPC SV7 and SV8 on Windows and Mac OS X (Unix was already working)
  * Enabled FluidSynth MIDI playback plugin on Mac OS X
  * Faster VP8/Webm decoding with recent codecs libraries
+ * Fix heap corruption in CD+G decoder - CVE-2011-0021 / VideoLAN-SA-1101
 
 Demuxers:
- * Fix Buffer overflow in Real demuxer CVE-2010-3907 / VideoLAN-SA-1007
+ * Fix Buffer overflow in Real demuxer - CVE-2010-3907 / VideoLAN-SA-1007
  * Fix some asf/wmv seeking issues, notably when seek didn't go to a keyframe
  * Support for 24-bits PCM over RTP (audio/L24)
 
@@ -31,7 +32,7 @@ Subtitles and renderer:
  * Mark more freetype options as safe
  * Mac OS X: fixed fontconfig cache creation
  * Fix heap corruption in subtitle decoders, potentially exploitable,
-   discovered by Harry Sintonen - sintonen at iki.fi
+   discovered by Harry Sintonen - sintonen at iki.fi - CVE-2011-0522
 
 Visualization:
  * Fix projectM visualization for Linux in all locales