-
ffmpeg (3:0.cvs20070307-5ubuntu4.2) gutsy-security; urgency=low
* SECURITY UPDATE: denial of service via a malformed Ogg Media (OGM) file
- debian/patches/100_security_CVE-2008-4610.diff: properly check return
codes in libavcodec/vp3.c.
- CVE-2008-4610
* SECURITY UPDATE: buffer overflow caused by an incorrect DCA_MAX_FRAME_SIZE
value
- debian/patches/101_security_CVE-2008-4867.diff: set DCA_MAX_FRAME_SIZE to
a correct value in libavcodec/dca.c.
- CVE-2008-4867
* SECURITY UPDATE: arbitrary code execution via a malformed 4X movie file
(LP: #323620)
- debian/patches/102_security_CVE-2009-0385.diff: validate current_track
value in libavformat/4xm.c.
- CVE-2009-0385
-- Marc Deslauriers <email address hidden> Fri, 13 Mar 2009 13:20:07 -0400
-
ffmpeg (3:0.cvs20070307-5ubuntu4.1) gutsy-security; urgency=low
* SECURITY UPDATE: crash from crafted STR file.
* Add debian/patches/400_str_file_crash.diff: backported upstream fixes.
* References
CVE-2008-3162
-- Kees Cook <email address hidden> Wed, 23 Jul 2008 13:28:45 -0700
-
ffmpeg (3:0.cvs20070307-5ubuntu4) gutsy; urgency=low
* make ffmpeg-config not add -ldts and -la52 to LDFLAGS. fixes FTBFS in
unrelated packages.
-- Reinhard Tartler <email address hidden> Sun, 03 Jun 2007 18:21:33 +0200
-
ffmpeg (3:0.cvs20070307-5ubuntu3) gutsy; urgency=low
* remove dependency on libdts-dev and liba52-dev from libavcodec-dev
* remove incorrect VCS information
-- Reinhard Tartler <email address hidden> Sat, 02 Jun 2007 15:09:03 +0200
-
ffmpeg (3:0.cvs20070307-5ubuntu2) gutsy; urgency=low
* Fix FTBFS. was too agressive with removing libdts support, breaking
the shared library build on amd64.
-- Reinhard Tartler <email address hidden> Wed, 30 May 2007 22:06:55 +0200
-
ffmpeg (3:0.cvs20070307-5ubuntu1) gutsy; urgency=low
* merge debian changes
* remove liba52 support for now (not in main ATM)
* remove libdts support for now (not in main ATM)
-- Reinhard Tartler <email address hidden> Wed, 30 May 2007 15:59:41 +0200
-
ffmpeg (3:0.cvs20070307-4ubuntu1) gutsy; urgency=low
* fakesync for debian
* added back epoch
* tighten build dependency on x264, the version from feisty causes ftbfs
ffmpeg (0.cvs20070307-4) experimental; urgency=low
* added myself to uploaders
* 020_fix_libswscale_pic_code:
+ added, avoid some MMX code to avoid PIC code
[ Sam Hocevar ]
* fixed path in library installation.
ffmpeg (0.cvs20070307-3) experimental; urgency=low
* debian/patches/015_build_imgresample.diff:
+ Build imgresample functions even with swscaler activated, or legacy
applications will stop working.
* debian/patches/053_rm_demux_crash.diff:
+ New patch: fix a double free with corrupted rm files (Closes: #379922).
* debian/patches/054_h264_mmx_chroma_mc_crash.diff:
+ New patch: workaround for a buffer overflow in the MMX H264 chroma
motion compensation until upstream fixes it properly (Closes: #404176).
* debian/patches/300_c++_compliant_headers.diff:
+ Define INT64_C() when the system headers don't provide it, for instance
when building C++ code.
* debian/control:
+ Set pkg-multimedia-maintainers as main maintainer.
+ Updated VCS fields.
* debian/rules:
+ Huge cleanup.
ffmpeg (0.cvs20070307-2) experimental; urgency=low
* debian/rules:
+ Activate x264 support now that it is in unstable.
* debian/control:
+ Build-depend on libx264-dev.
ffmpeg (0.cvs20070307-1) experimental; urgency=low
[ Sam Hocevar ]
* New upstream snapshot (Closes: #403330, #404788).
* This snapshot fixes numerous file parsing crashes (Closes: #404176,
Closes: #407003, #396282, #365006, #403398).
* debian/patches/010_proper_rpath.diff:
+ New patch. Link objects with the libraries that we generate, not the
ones installed on the system.
* debian/patches/010_shared_library_versioning.diff:
+ Strip unneeded prefix from .pc files (Closes: #404758).
* debian/patches/011_link_plugins.diff:
+ New patch. Link vhook plugins with the appropriate libraries.
* debian/patches/013_strip_unneeded_linker_flags.diff:
+ Remove unneeded -l flags from .pc files (Closes: #373986).
* debian/patches/020_mmx_optims.diff:
* debian/patches/020_disable_snow_mmx_in_pic.diff:
+ Sync patches.
* debian/patches/020_really_use_liba52.diff:
* debian/patches/050_h264-misc-security-fixes.diff:
* debian/patches/051_asf-misc-security-fixes.diff:
+ Drop patches, applied upstream or no longer relevant.
* debian/patches/040_only_use_maltivec_when_needed.diff:
+ Upgraded patch to cover libswscale.
* debian/libavcodec-dev.install:
+ Ship lzo.h and random.h.
* debian/rules:
+ Fix syntax for a few --enable flags.
+ Only ship ffmpeg_powerpc_performance_evaluation_howto.txt.gz on
powerpc machines (Closes: #385079).
+ Readded --enable-libtheora, it's here again.
+ Activate --enable-swscaler (Closes: #399141, #398442).
[ Reinhard Tartler ]
* debian/rules:
+ Ignore libswscale.pc and rgb2rgb.h.
* debian/libavcodec-dev.install:
+ Ship fifo.h and opt.h.
* debian/patches/005_altivec_flags.diff:
* debian/patches/005_m68k_workaround.diff:
* debian/patches/005_runtime_cpudetect.diff:
* debian/patches/006_mips_pthreads.diff:
* debian/patches/020_really_use_liba52.diff:
+ Sync patches.
* debian/patches/007_disable_ffmpeg_option.diff:
* debian/patches/030_arm_cpu_detect.diff:
* debian/patches/030_arm_workaround.diff:
+ Drop patches, applied upstream or no longer relevant.
ffmpeg (0.cvs20060823-7) unstable; urgency=high
* debian/patches/040_only_use_maltivec_when_needed.diff:
+ Fix a static function prototype that prevented programs using libpostproc
from working on PowerPC (Closes: #412214).
* debian/control:
+ Added Xs-Vcs-Browser and XS-Vcs-Svn fields.
ffmpeg (0.cvs20060823-6) unstable; urgency=high
* Upload to unstable.
ffmpeg (0.cvs20060823-5) testing-proposed-updates; urgency=high
[ Loïc Minier ]
* Add myself to Uploaders.
* Exclude firewire libs from ffmpeg-config under kFreeBSD; based on a patch
by Petr Salinger; closes: #399701.
* Fix handling of debug in DEB_BUILD_OPTIONS; thanks Andreas Henriksson;
closes: #406474.
* SECURITY: New patch, 050_h264-misc-security-fixes, to properly check the
sps and pps ids before use and to check more bitstram values and fix
potential security holes; from upstream SVN r7585, r7586, and r7591.
* SECURITY: New patch, 051_asf-misc-security-fixes, to properly check
packet sizes, chunk sizes, and fragment positions; from upstream SVN r7640
and r7650.
[ Sam Hocevar ]
* debian/copyright:
+ Fix typo and clarify licensing terms (Closes: #398235).
* debian/README.Debian:
+ Removed mention of ffmpeg-config now that we ship .pc files.
* debian/patches/020_mmx_optims.diff:
+ New patch, fix FTBFS with DEB_BUILD_OPTIONS=debug.
* debian/patches/040_early_altivec_detection.diff:
+ New patch, detect AltiVec earlier on and only once so that we don't
risk using signal handlers in a multithreaded environment or when
the caller already installed a SIGILL handler.
* debian/patches/040_only_use_maltivec_when_needed.diff:
+ New patch, only use -maltivec with files that use AltiVec intrinsics,
and make sure no codepath leads to these files on a non-AltiVec
machine (Closes: #405926).
* debian/patches/060_fix_avi_skip.diff:
+ New patch, courtesy of Ben Hutchings: do not attempt to skip the ODML
if the current seek offset is already beyond it (Closes: #383734).
ffmpeg (0.cvs20060823-4) unstable; urgency=high
* Maintainer upload.
* Acknowledging NMU (Closes: #386458).
* High urgency because of FTBFS fix.
* debian/patches/030_arm_workaround.diff:
+ New patch courtesy of Aurélien Jarno: disable the broken ARM assembly
code in libavcodec/mpegaudiodec.c.
* debian/patches/030_arm_cpu_detect.diff:
+ New patch courtesy of Aurélien Jarno: correctly detect the newer ARM
CPUs.
-- Reinhard Tartler <email address hidden> Sun, 29 Apr 2007 21:27:46 +0200
-
ffmpeg (3:0.cvs20060823-3.1ubuntu4) feisty; urgency=low
* Have ffmpeg link against the PIC version of x264. Fixes FTBFS on amd64.
* Does not affect Ubuntu, only applicable when DEB_BUILD_OPTIONS=risky
-- John Dong <email address hidden> Thu, 25 Jan 2007 12:38:17 -0500
