[vlc-devel] VLC 0.8.6g source release

Rémi Denis-Courmont rdenis at simphalempin.com
Sun May 18 14:05:57 CEST 2008


	Dear VideoLAN users,

The VideoLAN Team is pleased to announce the release of
VLC media player 0.8.6g.

This is a maintainance release addressing security and stability issues; no 
new features were added. See the news below.

This release includes important security fixes, see also:
http://www.videolan.org/security/sa0804.html
http://www.videolan.org/security/sa0805.html

N.B.: This is a source code release. Updated binary installers for Windows and 
MacOSX will be made available within the coming days.

Changes between 0.8.6f and 0.8.6g:
----------------------------------

Security updates:
 * Removed VLC variable settings from Mozilla and ActiveX (CVE-2007-6683)
 * Removed loading plugins from the current directory (CVE-2008-2147)
 * Updated libpng on Windows and Mac OS X (CVE-2008-1382)
 * Fixed libid3tag denial of service (CVE-2008-2109)
 * Fixed libvorbis vulnerabilities (CVE-2008-1419, CVE-2008-1420,
                                    CVE-2008-1423)

Various bugfixes:
 * Fixed various memory leaks, improving stability when running as a server
 * Fixed compilation with recent versions of FFmpeg
 * Correctly parses SAP announcements from MPEG-TS
 * Fixed AAC resampling
 * The Fullscreen Controller appears correctly on Mac OS X,
   if the 'Always-on-top' video option was selected.

-- 
Rémi Denis-Courmont
http://www.remlab.net/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://mailman.videolan.org/pipermail/vlc-devel/attachments/20080518/444a552d/attachment.sig>


More information about the vlc-devel mailing list