release notes and changelog for 0.6.2

(cherry picked from commit b0f8fdc411c6380ca9279c8660915f35f5df1a3c) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
author: Reinhard Tartler <siretart@tauware.de> 2011-03-18 18:01:41 +0100
committer: Michael Niedermayer <michaelni@gmx.at> 2011-03-19 17:47:14 +0100
commit: 4940d1c0aec9223d92aeead551492c81c18d8c60 (patch)
tree: 798257bfbd2f9b808aa0a5f9c6cb076c77a11bc9 /RELEASE
parent: dda2062c316091ff12e6e35e6c2f24149310d0d1 (diff)
download: ffmpeg-4940d1c0aec9223d92aeead551492c81c18d8c60.tar.gz
1 files changed, 23 insertions, 0 deletions
diff --git a/RELEASE b/RELEASE
index a8919cdf56..ddd02e03d1 100644
--- a/RELEASE
+++ b/RELEASE
@@ -121,3 +121,26 @@ HE-AAC v2 backport
 
 This release includes a backport of the AAC decoder from trunk, which
 enables proper playback of HE-AAC v2 media.
+
+
+* 0.6.2
+
+General notes
+-------------
+
+This is a maintenance-only release that addresses a small number of security
+and portability issues. Distributors and system integrators are encouraged
+to update and share their patches against this branch.
+
+Security fixes
+--------------
+
+Programming errors in container and codec implementations may lead to
+denial of service or the execution of arbitrary code if the user is
+tricked into opening a malformed media file or stream.
+
+Affected and updated have been the implementations of the following
+codecs and container formats:
+
+ - VC1 decoder (Change related to CVE-2011-0723)
+ - APE decoder (cf. http://packetstorm.linuxsecurity.com/1103-exploits/vlc105-dos.txt)
author	Reinhard Tartler <siretart@tauware.de>	2011-03-18 18:01:41 +0100
committer	Michael Niedermayer <michaelni@gmx.at>	2011-03-19 17:47:14 +0100
commit	4940d1c0aec9223d92aeead551492c81c18d8c60 (patch)
tree	798257bfbd2f9b808aa0a5f9c6cb076c77a11bc9 /RELEASE
parent	dda2062c316091ff12e6e35e6c2f24149310d0d1 (diff)
download	ffmpeg-4940d1c0aec9223d92aeead551492c81c18d8c60.tar.gz