[MPlayer-cvslog] r29184 - branches/1.0rc1/libmpdemux/demux_vqf.c

compn tempn at twmi.rr.com
Thu Apr 16 01:40:16 CEST 2009


On Thu, 16 Apr 2009 00:38:31 +0200 (CEST), siretart wrote:
>Author: siretart
>Date: Thu Apr 16 00:38:30 2009
>New Revision: 29184
>
>Log:
>SA33136: MPlayer TwinVQ Processing Buffer Overflow Vulnerability
>Thanks to T. Klein, G. Iuculano, R. Döffinger. cf http://bugs.debian.org/508803
>Fixes CVE-2008-5616.

shouldnt one bump the minor version number in such fixes?
like 1.0rc1.1 or 1.0rc1try2 ?
how will we tell good rc1 vqf from bad rc1 vqf ?

not that this matters much as we dont support rc1 anyways.
(btw are you planning to patch rc2 too?)

-compn


More information about the MPlayer-cvslog mailing list