diff options
| author | Ralph Giles <giles@thaumas.net> | 2020-07-02 12:33:04 -0700 |
|---|---|---|
| committer | Ralph Giles <giles@thaumas.net> | 2020-07-03 18:45:57 -0700 |
| commit | 6819d9f05fc989d2b32c455f879d3243544ebc1a (patch) | |
| tree | 6a81d8531ec8f51f8756c6c968bab540ed5d40ca | |
| parent | 63aeb7ef70211bba16ad21c3f19a54a07c2c9c5c (diff) | |
| download | libvorbis-git-6819d9f05fc989d2b32c455f879d3243544ebc1a.tar.gz | |
Update CHANGES for the 1.3.7 release
Summary of commits since the last release.
Signed-off-by: Mark Harris <mark.hsj@gmail.com>
Signed-off-by: Thomas Daede <daede003@umn.edu>
| -rw-r--r-- | CHANGES | 19 |
1 files changed, 19 insertions, 0 deletions
@@ -1,3 +1,22 @@ +libvorbis 1.3.7 (2020-07-04) -- "Xiph.Org libVorbis I 20200704 (Reducing Environment)" + +* Fix CVE-2018-10393 - out-of-bounds read encoding very low sample rates. +* Fix CVE-2017-14160 - out-of-bounds read encoding very low sample rates. +* Fix handling invalid bytes per sample arguments. +* Fix handling invalid channel count arguments. +* Fix invalid free on seek failure. +* Fix negative shift reading blocksize. +* Fix accepting unreasonable float32 values. +* Fix tag comparison depending on locale. +* Fix unnecessarily linking libm. +* Fix memory leak in test_sharedbook. +* Update Visual Studio projects for ogg library filename change. +* Distribute CMake build files with the source package. +* Remove unnecessary configure --target switch. +* Add gitlab CI support. +* Add OSS-Fuzz support. +* Build system and integration updates. + libvorbis 1.3.6 (2018-03-16) -- "Xiph.Org libVorbis I 20180316 (Now 100% fewer shells)" * Fix CVE-2018-5146 - out-of-bounds write on codebook decoding. |