[MPlayer-DOCS] [homepage]: r2956 - trunk/src/news.src.en

rtogni subversion at mplayerhq.hu
Wed Jun 6 00:19:09 CEST 2007 

Author: rtogni
Date: Wed Jun  6 00:19:08 2007
New Revision: 2956

Log:
Typos and grammar fixes suggested by Corey Hickey and The Wanderer


Modified:
   trunk/src/news.src.en

Modified: trunk/src/news.src.en
==============================================================================
--- trunk/src/news.src.en	(original)
+++ trunk/src/news.src.en	Wed Jun  6 00:19:08 2007
@@ -17,7 +17,7 @@
 
 <p>
 A stack overflow was found and reported by Stefan Cornelius of Secunia
-Researchin in the code used to handle cddb queries. Two other similar issues
+Research in the code used to handle cddb queries. Two other similar issues
 were found by Reimar Döffinger while fixing the issue. The vulnerability is
 identified with CVE-2007-2948 and
 <a href="http://secunia.com/advisories/24302/">SAID 24302</a>.
@@ -35,8 +35,8 @@
 <p>
 High (arbitrary remote code execution under the user ID running the player)
 when getting disk information from a malicious cddb entry, null if you do not
-use this feature. Please note that is possible to overwrite entries in the cddb
-database, so an attack can be performed also via a non-compromised server.
+use this feature. Please note that it is possible to overwrite entries in the
+cddb database, so an attack can also be performed via a non-compromised server.
 At the time the buffer overflow was fixed there was no known exploit in the
 wild.
 </p>
@@ -53,21 +53,22 @@
 </p>
 
 <p>
-If case you can't upgrade or apply the suggested patch, these are some possible
+In case you can't upgrade or apply the suggested patch, these are some possible
 workarounds:
 <ul>
-	<li>Don't use cddb:// urls (be careful also with playlists)</li>
+	<li>Don't use cddb:// URLs (be careful also with playlists)</li>
 	<li>Redirect freedb.freedb.org to 127.0.0.1 (e.g. via hosts file)</li>
 	<li>Recompile with --disable-cddb</li>
 </ul>
 </p>
 
 <p>
-Please note that we are not releasing an updated tarball with this fix at this
+Please note that we are not releasing an updated tarball with this fix at the
 moment.<br>
 If you need to stay with 1.0rc1, get the MPlayer 1.0rc1 tarball,
-apply the patch with the fix and recompile MPlayer; else upgrade to SVN.<br>
-If you decide to stay with rc1, don't forget to apply also this
+apply the patch with the fix and recompile MPlayer. If possible, however, we
+recommend that you upgrade to SVN.<br>
+If you decide to stay with rc1, don't forget to also apply this
 <a href="http://www.mplayerhq.hu/MPlayer/patches/asmrules_fix_20061231.diff">older fix.</a>
 If you mantain a binary package for MPlayer, please name the updated version
 MPlayer 1.0rc1try3.

More information about the MPlayer-DOCS mailing list