Merge remote-tracking branch 'qatar/release/0.6' into release/0.6

* qatar/release/0.6:
  Release notes for 0.6.6
  Update changelog for 0.6.6 release

Merged-by: Michael Niedermayer <michaelni@gmx.at>
Michael Niedermayer 2012-06-09 19:09:49 +02:00
commit 438cfa9090
2 changed files with 53 additions and 0 deletions


@ -1,6 +1,41 @@
Entries are sorted chronologically from oldest to youngest within each release, Entries are sorted chronologically from oldest to youngest within each release,
releases are sorted from youngest to oldest. releases are sorted from youngest to oldest.
version 0.6.6:
- id3v2: fix skipping extended header in id3v2.4
- nsvdec: Fix use of uninitialized streams
- nsvdec: Be more careful with av_malloc()
- nsvdec: Propagate errors
- dv: check stype
- dv: Fix null pointer dereference due to ach=0
- dv: Fix small stack overread related to CVE-2011-3929 and CVE-2011-3936.
- atrac3: Fix crash in tonal component decoding
- mjpegbdec: Fix overflow in SOS
- kgv1dec: Increase offsets array size so it is large enough
- motionpixels: decode only the 111 complete frames for fate
- motionpixels: Clip YUV values after applying a gradient
- celp filters: Do not read earlier than the start of the 'out' vector
- vqavideo: return error if image size is not a multiple of block size (CVE-2012-0947)
- dpcm: ignore extra unpaired bytes in stereo streams (CVE-2011-3951)
- aacsbr: prevent out of bounds memcpy() (CVE-2012-0850)
- h264: Add check for invalid chroma_format_idc (CVE-2012-0851)
- adpcm: ADPCM Electronic Arts has always two channels (CVE-2012-0852)
- shorten: remove VLA and check for buffer overflow
- shorten: Prevent block size from increasing
- shorten: Fix out of bound writes in fix_bitshift()
- shorten: check for realloc failure (CVE-2012-0858)
- shorten: Use separate pointers for the allocated memory for decoded samples (CVE-2012-0858)
- kmvc: Check palsize (CVE-2011-3952)
- qdm2: clip array indices returned by qdm2_get_vlc()
- configure: properly check for mingw-w64 through installed headers
- mingw32: properly check if vfw capture is supported by the system headers
- mingw32: merge checks for mingw-w64 and mingw32-runtime >= 3.15 into one
- dxva2: define required feature selection macros
- png: check bit depth for PAL8/Y400A pixel formats
- ea: check chunk_size for validity
- tqi: Pass errors from the MB decoder
version 0.6.5: version 0.6.5:
- vorbis: An additional defense in the Vorbis codec. (CVE-2011-3895) - vorbis: An additional defense in the Vorbis codec. (CVE-2011-3895)
- vorbisdec: Fix decoding bug with channel handling. - vorbisdec: Fix decoding bug with channel handling.
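Review bot: the added entry "- dv: Fix small stack overread related to CVE-2011-3929 and CVE-2011-3936." is the only one in the 0.6.6 block that ends with a period and names its CVEs in running prose; every other tagged entry uses a trailing parenthesised identifier, e.g. "(CVE-2012-0947)". Distributors who match changelog lines against advisories by that pattern will handle this line differently from the rest. Suggest dropping the period and moving the identifiers into parentheses, keeping "related to" inside them if the fix is only adjacent to those CVEs rather than the fix for them. The two shorten entries that both carry "(CVE-2012-0858)" are fine as they are, since each names a distinct change.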

RELEASE

@ -192,3 +192,21 @@ demuxer (CVE-2011-3893 and CVE-2011-3895).
Distributors and system integrators are encouraged Distributors and system integrators are encouraged
to update and share their patches against this branch. For a full list to update and share their patches against this branch. For a full list
of changes please see the Changelog file. of changes please see the Changelog file.
* 0.6.6
General notes
-------------
This mostly maintenance-only release that addresses a number a number of
bugs such as security and compilation issues that have been brought to
our attention. Among other fixes, this release features includes
security updates for the, DV decoder (CVE-2011-3929 and CVE-2011-3936),
VQA Video Decoder (CVE-2012-0947), DPCM codecs (CVE-2011-3951), AAC SBR
(CVE-2012-0850), H.264 (CVE-2012-0851), ADPCM (CVE-2012-0852), Shorten
(CVE-2012-0858), and the KMVC decoder (CVE-2011-3952).
Distributors and system integrators are encouraged
to update and share their patches against this branch. For a full list
of changes please see the Changelog file or the git commit history.
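Review bot: the first paragraph of the added 0.6.6 notes has several wording slips that should be fixed before this ships as the security summary: "This mostly maintenance-only release" is missing "is a", "a number a number of" is duplicated, "this release features includes" has two verbs, and "security updates for the, DV decoder" has a stray comma. Suggested text: "This is a mostly maintenance-only release that addresses a number of bugs ... Among other fixes, this release includes security updates for the DV decoder (CVE-2011-3929 and CVE-2011-3936), ...". The CVE list itself matches the identifiers tagged in the Changelog hunk, so no change is needed there.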