Commit 8ad41f66 authored by Jean-Baptiste Kempf's avatar Jean-Baptiste Kempf

Update www-test for produciotn

parent c3113344
......@@ -179,6 +179,8 @@ function draw_menus()
</div>
</div>
<div class="clearme"></div>
<a href="/videolan/events/10y/"><img alt="10 cones" src="http://images1.videolan.org/images/10years.jpg" style="border: 2px solid rgb(61, 61, 61); margin-bottom: 18px;"></a>
<?php
}
......
# Comments begin with a #
# New topics begin with a "|"
#
|1 February 2011|10 years of open source for VideoLAN|The VideoLAN project and organization are proud to celebrate with the community the <b>10<sup>th</sup> anniversary</b> of open sourcing of all VideoLAN software, that happened exactly 10 years ago.</p><p>To celebrate, small infos, stories and goodies will be posted in the next ten days on <a href="/videolan/events/10y/">this site</a>.<br /><a href="/videolan/events/10y/">Day 1</a> speaks about the <a href="/videolan/events/10y/">early history of the project</a><br />Please <b>join</b> the celebration!
|23 January 2011|VLC 1.1.6|VideoLAN and the VLC development team are proud to present VLC 1.1.6, the sixth bugfix release of the VLC 1.1.x branch.<br />Small new features, many bugfixes, updated translations and <a href="/security/sa1007.html">security issues</a> are making this release. Notable improvements include codecs, demuxers, Audio-CD support, subtitles, visualization and platform integration.<br />Source and Windows and MacOSX builds are available.<br />See the <a href="/vlc/releases/1.1.6.html">release notes</a> for more information.<br />
<b>NB:</b> The first versions for Intel-based Macs (64bit and Universal Binary) included a rtsp streaming bug, which also hindered access to the Freebox. Please re-download.
......
......@@ -28,6 +28,11 @@ pub 1024D/AC3E0879 2006-03-01
<h2>2011</h2>
<dl>
<dt>VideoLAN-SA-1102 (?)</dt>
<dd>Insufficient input validation in MKV demuxer.
<a href="sa1102.html">Details</a>
</dd>
<dt>VideoLAN-SA-1101 (CVE-2011-0021)</dt>
<dd>Heap corruption in CDG codec.
<a href="sa1101.html">Details</a>
......
......@@ -53,7 +53,7 @@ from the official VLC source code repositories.
<dd><a href="http://www.videolan.org/">http://www.videolan.org/</a>
</dd>
<dt>VLC official GIT repository</dt>
<dd><a href="http://git.videolan.org/?p=vlc.git;a=commitdiff;h=6568965770f906d34d4aef83237842a5376adb55;hp=403718957b551c3c27546b7f82b2ae9ba937652f">http://git.videolan.org/?p=vlc.git;a=commitdiff;h=6568965770f906d34d4aef83237842a5376adb55;hp=403718957b551c3c27546b7f82b2ae9ba937652f</a>
<dd><a href="http://git.videolan.org/?p=vlc.git;a=commit;h=f9b664eac0e1a7bceed9d7b5854fd9fc351b4aab">http://git.videolan.org/?p=vlc.git;a=commit;h=f9b664eac0e1a7bceed9d7b5854fd9fc351b4aab</a>
</dd>
<dt>Dan Rosenberg, VSR</dt>
<dd><a href="http://www.vsecurity.com/"
......
<?php
$title = "VideoLAN Security Advisory 1102";
$lang = "en";
$menu = array( "vlc" );
require($_SERVER["DOCUMENT_ROOT"]."include/header.php");
?>
<div id="fullwidth">
<h1>Security Advisory 1102</h1>
<pre>
Summary : Insufficient input validation in MKV demuxer
Date : January 2011
Affected versions : VLC media player 1.1.6.1 and earlier
ID : VideoLAN-SA-1102
CVE reference : Unassigned
</pre>
<h2>Details</h2>
<p>When parsing an invalid MKV (Matroska or WebM) file,
input validation are insufficient.
</p>
<h2>Impact</h2>
<p>If successful,
a malicious third party will be able to trigger execution of arbitrary code.
</p>
<h2>Threat mitigation</h2>
<p>Exploitation of this issue requires the user
to explicitly open a specially crafted file.
</p>
<h2>Workarounds</h2>
<p>The user should refrain from opening files from untrusted third parties
or accessing untrusted remote sites (or disable the VLC browser plugins),
until the patch is applied.
</p>
<p>Alternatively, the MKV demuxer plugin
(<code>libmkv_plugin.*</code>)
can be removed manually from the VLC plugin installation directory.
</p>
<h2>Solution</h2>
<p>VLC media player 1.1.7 addresses this issue.
Patches for older versions are available
from the official VLC source code repositories.
</p>
<h2>Credits</h2>
<p>This vulnerability was reported by Dan Rosenberg from VSR.
</p>
<h2>References</h2>
<dl>
<dt>The VideoLAN project</dt>
<dd><a href="http://www.videolan.org/">http://www.videolan.org/</a>
</dd>
<dt>VLC official GIT repository</dt>
<dd><a href="http://git.videolan.org/?p=vlc.git;a=commit;h=59491dcedffbf97612d2c572943b56ee4289dd07">http://git.videolan.org/?p=vlc.git;a=commit;h=59491dcedffbf97612d2c572943b56ee4289dd07</a>
</dd>
<dt>Dan Rosenberg, VSR</dt>
<dd><a href="http://www.vsecurity.com/"
>http://www.vsecurity.com/</a>
</dd>
</dl>
<h2>History</h2>
<dl>
<dt>26 January 2011</dt>
<dd>Vendor notified</dd>
<dt>29 January 2011</dt>
<dd>Fixes delivered by Matroska</dd>
<dt>30 January 2011</dt>
<dd>Patches published</dd>
<dd>Security advisory published</dd>
<dt>TBD</dt>
<dd>VLC media player 1.1.7 released</dd>
<dt>TBD</dt>
<dd>CVE ID reserved</dd>
</dl>
<address>R&eacute;mi Denis-Courmont,<br />
on behalf of the VideoLAN project</address>
</div>
<?php footer('$Id$'); ?>
<?php
$title = "10 years of open source";
$lang = "en";
$menu = array( "project", "events" );
require($_SERVER["DOCUMENT_ROOT"]."/include/header.php");
?>
<h1>10 years of Open Source</h1>
<h2>Welcome to the pages for the Celebration of our 10 years of open source</h2>
<p>We are here to celebrate the 10 years of the open sourcing of VideoLAN and VLC.</p>
<p><b>10 days</b> of surprises, ideas and stories will pop up here.</p>
<br />
<br />
<div id="left">
<h1>Day 1: a VideoLAN history</h1>
<p>Most people know <a href="/vlc"/>VLC</a>, but they don't know the history of the <a href="/videolan/">VideoLAN project</a>.</p>
<p>Well, they don't even know what VideoLAN is, and that we are not a company...</p>
<h2>1st February 2011</h2>
<p>Today is the <b>10<sup>th</sup> anniversary</b> of the switch to <a href="http://www.opensource.org/">GPL</a> of the VideoLAN project
applications...</p>
<p>But, but, but... What was <em>before</em> the GPL?</p>
<h3>1996: First VideoLAN project</h3>
<p>The network of the campus of the <a href="http://www.ecp.fr">École Centrale Paris</a>,
one of the prestigious French "<a href="http://en.wikipedia.org/wiki/Grande_ecole">Grande École</a>"
university, has always been managed by a student organisation named <a href="http://www.via.ecp.fr">
VIA Centrale Réseaux</a>.</p>
<p>In 1996, it had a very slow <a href="http://en.wikipedia.org/wiki/Token_ring">Token-Ring</a> network, but the students wanted an upgrade. They found investors
at the condition that they could justify the need for a new network...</p>
<p>Therefore, they decided to push <b>Video</b> on the network...<br />
<p>Remember, this is <b>1996</b>, were your average Pentium couldn't decode a DVD and when Youtube and Google didn't exist...</p>
<p>This <b>student project</b> achieved his goals in early 1998, and a new network came.</p>
<h3>1998: Second VideoLAN project</h3>
<p>As it was successful, it was decided to go on the project.</p>
<p>And they restarted the project from scratch, in <b>1998</b>.<br />
<p>But in the mind of <a href="http://www.opensource.org/">open source</a> and modularity.</p>
<p>This is when the <a href="/vlc/">VLC media player</a> that you know of, was <i>born</i>.<br />
If you look at the <em>first commit</em> of the repository, in <b>August 1999</b>, you'll see that the most copyright
indeed is from <b>1998</b>.</p>
<h3>2001: Open Source</h3>
<p>As <a href="/">VideoLAN</a> was a student project, the university had moral rights on the software produced.</p>
<p>Thanks to the <b>students</b> and Professor <a href="http://fr.linkedin.com/pub/jean-philippe-rey/16/b19/95a">Jean-Philippe Rey</a>,
the direction of the university allowed the switch of all code produced to GPL.</p>
<p>The <a href="http://images.videolan.org/images/paper.jpeg">letter</a> from Mr. Gourisse was signed on February 1<sup>st</sup>, <b>2001</b>.</p>
<h2>Since 2001</h2>
<p>Afterward, the project has went on, with <b>students</b> and then <b>volunteers</b> from around the world.</p>
<p>The project, has, of course, left the university and is a backed-up by a <b>volunteer non-profit organisation</b>.</p>
<p>Today, VLC averages 24 million downloads per month (including two-third of updates) and the user-base is counted in tens of million.</p>
<h2>Support us</h2>
<p>Since all the work on <a href="/vlc/">VLC</a> and other <a href="/projects">videolan projects</a> is done by <b>volunteers</b>
in their <b>free time</b>, we welcome donations to help us manage the software.</p>
<p><b>Donate <a href="/contribute.html">now!</a></b></p>
<h3>Share</h3>
<a href="http://digg.com/news/technology/videolan_10_years_of_open_source">Digg</a>
<a href="http://www.facebook.com/vlc.media.player">Facebook</a>
<a href="http://news.ycombinator.com/item?id=2165356">Hacker News</a>
<a href="http://twitter.com/videolan">Twitter</a>
</div>
<div id="right">
<?php panel_start( "grey" ); ?>
<h1><a href="/videolan/events/10y/">Day 1</a></h1>
<h1>Day 2</h1>
<h1>Day 3</h1>
<h1>Day 4</h1>
<h1>Day 5</h1>
<h1>Day 6</h1>
<h1>Day 7</h1>
<h1>Day 8</h1>
<h1>Day 9</h1>
<h1>Day 10</h1>
<?php panel_end(); ?>
</div>
<?php footer('$Id: index.php 5400 2009-07-19 15:37:21Z jb $'); ?>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment