[vlc-commits] Update NEWS from 2.2.x branch

Jean-Baptiste Kempf git at videolan.org
Thu Nov 23 10:36:33 CET 2017 

vlc | branch: master | Jean-Baptiste Kempf <jb at videolan.org> | Thu Nov 23 10:36:26 2017 +0100| [fc063b5195e11e03ac773874432757cbeef2693b] | committer: Jean-Baptiste Kempf

Update NEWS from 2.2.x branch

> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=fc063b5195e11e03ac773874432757cbeef2693b
---

 NEWS | 54 +++++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 51 insertions(+), 3 deletions(-)

diff --git a/NEWS b/NEWS
index 5c912657c1..ddd1626f37 100644
--- a/NEWS
+++ b/NEWS
@@ -314,17 +314,65 @@ Removed modules
  * RAOP stream output module
 
 
-Changes between 2.2.5 and 2.2.5.1:
+Changes between 2.2.7 and 2.2.8:
+--------------------------------
+
+Demuxers:
+ * Fix AVI invalid pointer dereferences
+
+Translations updates
+
+
+Changes between 2.2.6 and 2.2.7:
 --------------------------------
 
+Decoders:
+ * Fix flac heap write overflow on format change
+ * Fix crash in libavcodec module (heap write out-of band) (CVE-2017-10699)
+ * Fix infinite loop in sami subtitle
+ * Fix AAC 7.1 channels detection
+
+Demuxers:
+ * Fix potential crash in ASX parser
+ * Fix AVI read/write overflow
+
+Mac OS X:
+ * Fix compatibility with macOS High Sierra
+ * Fix regression in ASS subtitle decoding
+ * Fix crash during automatic update. Some users might need to manually
+   update to the newest version.
+
+Video Output:
+ * Fix Direct3D9 output with odd offsets
+
+Misc:
+ * Fix crash in MTP
+ * Support libupnp 1.8
+
+Translations updates
+
+
+Changes between 2.2.5.1 and 2.2.6:
+----------------------------------
+
+Video output:
+ * Fix systematic green line on nvidia
+ * Fix direct3d SPU texture offsets handling
+
+Demuxer:
+ * Fix heap buffer overflows (CVE-2017-8310, 8311, 8312, 8313)
+
+Changes between 2.2.5 and 2.2.5.1:
+----------------------------------
+
 Security hardening for DLL hijacking environments
 
 Translations updates
 
 Misc:
  * Update for Soundcloud, liveleak and Youtube scripts
- * Fix potential out-of-band dereference in flac decoder
- * Fix potential out-of-band reads in mpeg packetizers
+ * Fix potential out-of-band dereference in flac decoder (CVE-2017-9300)
+ * Fix potential out-of-band reads in mpeg packetizers (CVE-2017-9301)
  * Fix infinite loop in subtitles demuxer
  * Fix incorrect memory free in ogg demuxer
  * Fix potential out-of-band reads in subtitle decoders and demuxers

More information about the vlc-commits mailing list