[Matroska-devel] libEBML v1.4.1 released
Moritz Bunkus
mo at bunkus.online
Mon Jan 4 15:38:10 CET 2021
Hey,
here's a new releases of libEBML, v1.4.1. It fixes an issue when
encountering certain types of invalid data; libEBML might return a pointer
to memory that has just been freed, leading to potential use-after-free
errors.
Here are the download link & ChangeLog entries:
https://dl.matroska.org/downloads/libebml/libebml-1.4.1.tar.xz
https://dl.matroska.org/downloads/libebml/libebml-1.4.1.tar.xz.sha512.txt
ChangeLog:
------------------------------------------------------------
2021-01-04 Moritz Bunkus <mo at bunkus.online>
* Release v1.4.1.
2021-01-02 Moritz Bunkus <mo at bunkus.online>
* Fixed a case EbmlMaster::Read where the element returned via
UpperEltFound and FountElt points to a just-deleted element,
causing callers to think the memory returned is valid, potentially
leading to use-after-free/double-free errors. This can happen if
the specific element's Read function throws an exception when
encountering certain invalid data constellations.
------------------------------------------------------------
Have fun :)
mosu
More information about the Matroska-devel
mailing list