summaryrefslogtreecommitdiff
tag namelibvdpau-1.1.1 (6410719c17ac1e0095bcc5d035cf969650ef2814)
tag date2015-08-31 14:29:34 -0700
tagged byAaron Plattner <aplattner@nvidia.com>
tagged objectcommit af517f56d6...
libvdpau versions 1.1 and earlier, when used in setuid or setgid applications,
contain vulnerabilities related to environment variable handling that could allow an attacker to execute arbitrary code or overwrite arbitrary files. See CVE-2015-5198, CVE-2015-5199, and CVE-2015-5200 for more details. This release uses the secure_getenv() function, when available, to fix these problems. On platforms where secure_getenv() is not available, libvdpau will use a fallback implementation. If you use the NVIDIA .run installer packages, please see https://devtalk.nvidia.com/default/topic/873035 for additional information. This release also adds tracing of HEVC picture structures to libvdpau_trace. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAABCAAGBQJV5MdaAAoJEBvvPYQBpohhz7AP/RTHc938ke4U6j96nYJKZ2Vk Clc9bqublgcY9OwPE5tdfoTXHdrYChiit3JCAOctrOZ+NL04qXYPmpJ9O+XlaUsB 6r2/qeVFMus0TXA5xjkjulWw3mgd6m4wztU+GLOfUzZ8g1NYsaUzV6jBpqNa+Bvx DzA1BJ7Jqe/Xk+7/FXc66Q1SAHuMlTieutcpPZr7tSV8TnNxmDDlAH30qogoAeCv 1KXNxrpEgID21DJkIL2Z+cmdkfsBb2sz3K63t0dHXyO6hnxPAM+4t+7MBPCMP3aV jiThrIJutz9hLoZJ5E/NdRZjMEHBmy8u1hanlw6E950gP0eDrSgxrtZ37KkrVGTk 7qqlztMNINR9fiVjd35q4JPFUntbimHqDeAVvb0sJA8hTpFnAn9KiThrAlEHEDsf wuvwBQN0X/HxOLQZmGQnVPB2KjTHjnCVxDfB3gv7GJLt21YBN9YVB1x6CIPY4ABH pIoDFslzA7J/OzIN9E6201VGkqkAO7o56urHiztjvtq67oCW4UkUE63VmbGVXrBd lmljmioVxOBleYl2idAHk8vD4VoqKFGZ0SJCux9StZ2tCr0KKnGtRZpWWRgx0ew6 um+bOtI2XCZYr0BFUG7KukE8hsF4Ji0tEbYsgSjFbC7U5HlR58t2QMN9OemZsVH/ bpvbvXZw6P8DWcp7OPY3 =h2rY -----END PGP SIGNATURE-----