Update lzo to 2.10

author: Arne Schwabe <arne@rfc2549.org> 2017-06-22 18:33:26 +0200
committer: Arne Schwabe <arne@rfc2549.org> 2017-06-22 18:33:26 +0200
commit: 6c12bd2094234edc1a129969b89cf45b1da889bd (patch)
tree: a39b3af9ad861334a844035d4d88232c8f9ed0ec /main/lzo/NEWS
parent: f35afa13da08a058bc28ca0e535e044093148e3a (diff)
1 files changed, 9 insertions, 3 deletions
diff --git a/main/lzo/NEWS b/main/lzo/NEWS
index 80da4ea3..4c2bbda0 100644
--- a/main/lzo/NEWS
+++ b/main/lzo/NEWS
@@ -2,6 +2,12 @@
 User visible changes for LZO -- a real-time data compression library
 ============================================================================
 
+Changes in 2.10 (01 Mar 2017)
+  * Improve CMake build support.
+  * Add support for pkg-config.
+  * Do not redefine "snprintf" so that the examples build with MSVC 2015.
+  * Assorted cleanups.
+
 Changes in 2.09 (04 Feb 2015)
   * Work around gcc bug #64516 that could affect architectures like
     armv4, armv5 and sparc.
@@ -16,10 +22,10 @@ Changes in 2.07 (25 Jun 2014)
     variants which could result in a possible buffer overrun when
     processing maliciously crafted compressed input data.
 
-    Fortunately this issue only affects 32-bit systems and also can only happen
+    Note that this issue only affects 32-bit systems and also can only happen
     if you use uncommonly huge buffer sizes where you have to decompress more
-    than 16 MiB (> 2^24 bytes) untrusted compressed bytes within a single
-    function call, so the practical implications are limited.
+    than 16 MiB (> 2^24 bytes) untrusted compressed bytes within a
+    *single* function call, so the practical implications are limited.
 
     POTENTIAL SECURITY ISSUE. CVE-2014-4607.
author	Arne Schwabe <arne@rfc2549.org>	2017-06-22 18:33:26 +0200
committer	Arne Schwabe <arne@rfc2549.org>	2017-06-22 18:33:26 +0200
commit	6c12bd2094234edc1a129969b89cf45b1da889bd (patch)
tree	a39b3af9ad861334a844035d4d88232c8f9ed0ec /main/lzo/NEWS
parent	f35afa13da08a058bc28ca0e535e044093148e3a (diff)