[vlc-devel] VLC 0.8.6g source release
Rémi Denis-Courmont
rdenis at simphalempin.com
Sun May 18 14:05:57 CEST 2008
Dear VideoLAN users,
The VideoLAN Team is pleased to announce the release of
VLC media player 0.8.6g.
This is a maintainance release addressing security and stability issues; no
new features were added. See the news below.
This release includes important security fixes, see also:
http://www.videolan.org/security/sa0804.html
http://www.videolan.org/security/sa0805.html
N.B.: This is a source code release. Updated binary installers for Windows and
MacOSX will be made available within the coming days.
Changes between 0.8.6f and 0.8.6g:
----------------------------------
Security updates:
* Removed VLC variable settings from Mozilla and ActiveX (CVE-2007-6683)
* Removed loading plugins from the current directory (CVE-2008-2147)
* Updated libpng on Windows and Mac OS X (CVE-2008-1382)
* Fixed libid3tag denial of service (CVE-2008-2109)
* Fixed libvorbis vulnerabilities (CVE-2008-1419, CVE-2008-1420,
CVE-2008-1423)
Various bugfixes:
* Fixed various memory leaks, improving stability when running as a server
* Fixed compilation with recent versions of FFmpeg
* Correctly parses SAP announcements from MPEG-TS
* Fixed AAC resampling
* The Fullscreen Controller appears correctly on Mac OS X,
if the 'Always-on-top' video option was selected.
--
Rémi Denis-Courmont
http://www.remlab.net/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://mailman.videolan.org/pipermail/vlc-devel/attachments/20080518/444a552d/attachment.sig>
More information about the vlc-devel
mailing list