Changes 1.2.7:

avformat/mpc: attempt to allocate a packet that is not smaller than the data inside it
avcodec/alsdec: Clear MPEG4AudioConfig so that no use of uninitialized memory is possible
avformat/flvenc: Do not allow creating h263/mpeg4 in flv without unofficial format extensions being enabled
avcodec/mss4: Fix () in MKVAL() macro
avcodec/mss34dsp: fix () in SOP* macros
avcodec/mlpdec: fix () in MSB_MASK() macro
avcodec/golomb-test: fix () in EXTEND() macro
avcodec/aac: fix () in IS_CODEBOOK_UNSIGNED macro
avcodec/libvorbisenc: dont add the duration to AV_NOPTS_VALUE
avutil/cpu: force mmx on selection of higher x86 SIMD features
avcodec/diracdec: move mc buffer allocation to per frame
avfilter/graphdump: Fix pointer to local outside scope
more...

multimedia/ffmpeg/Makefile

@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.121 2014/06/27 17:27:39 drochner Exp $
+# $NetBSD: Makefile,v 1.122 2014/07/04 10:33:41 adam Exp $
 
 PKGNAME=	ffmpeg-20140305.${DISTVERSION}
-PKGREVISION=	2
 MAINTAINER=	pkgsrc-users@NetBSD.org
 HOMEPAGE=	http://ffmpeg.mplayerhq.hu/
 COMMENT=	Decoding, encoding and streaming software

multimedia/ffmpeg/Makefile.common

@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.38 2014/06/30 09:30:07 jperkin Exp $
+# $NetBSD: Makefile.common,v 1.39 2014/07/04 10:33:41 adam Exp $
 # used by multimedia/ffplay/Makefile
 # used by multimedia/ffmpeg/Makefile
 
@@ -9,7 +9,7 @@ EXTRACT_SUFX=	.tar.bz2
 
 LICENSE=	gnu-lgpl-v2.1 AND gnu-gpl-v2
 
-DISTVERSION=	1.2.6
+DISTVERSION=	1.2.7
 PREV_PKGPATH=	multimedia/ffmpeg-devel
 PATCHDIR=	${.CURDIR}/../../multimedia/ffmpeg/patches
 

multimedia/ffmpeg/distinfo

@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.74 2014/06/27 17:27:39 drochner Exp $
+$NetBSD: distinfo,v 1.75 2014/07/04 10:33:41 adam Exp $
 
-SHA1 (ffmpeg-1.2.6.tar.bz2) = b38c441bca3644027e2e2cfb3aef587ae43082d6
-RMD160 (ffmpeg-1.2.6.tar.bz2) = 54fe18fc32b9d6893bd3aab9007373499646d643
-Size (ffmpeg-1.2.6.tar.bz2) = 5970714 bytes
+SHA1 (ffmpeg-1.2.7.tar.bz2) = ff49a6b28e174f9f8072638d8251e1e447666ef6
+RMD160 (ffmpeg-1.2.7.tar.bz2) = ac1df042ebb63f815292f48d899bd8cb70098112
+Size (ffmpeg-1.2.7.tar.bz2) = 5969563 bytes
 SHA1 (patch-CVE-2014-4610) = dc77f6f37760c0e34f730f241af1ba3ce72ef5b1
 SHA1 (patch-aa) = 14006874aee07e7e41803269040f0ae0157d931d
 SHA1 (patch-ac) = ff8a7a5fdfd4987ef2835bd7360a78efd4310253

multimedia/ffmpeg/patches/patch-CVE-2014-4610

@@ -1,47 +0,0 @@
-$NetBSD: patch-CVE-2014-4610,v 1.1 2014/06/27 17:27:39 drochner Exp $
-
---- libavutil/lzo.c.orig	2014-06-27 16:32:34.000000000 +0000
-+++ libavutil/lzo.c
-@@ -22,6 +22,7 @@
- #include <string.h>
- 
- #include "avutil.h"
-+#include "avassert.h"
- #include "common.h"
- #include "intreadwrite.h"
- #include "lzo.h"
-@@ -65,8 +66,13 @@ static inline int get_len(LZOContext *c,
- {
-     int cnt = x & mask;
-     if (!cnt) {
--        while (!(x = get_byte(c)))
-+        while (!(x = get_byte(c))) {
-+            if (cnt >= INT_MAX - 1000) {
-+                c->error |= AV_LZO_ERROR;
-+                break;
-+            }
-             cnt += 255;
-+        }
-         cnt += mask + x;
-     }
-     return cnt;
-@@ -80,6 +86,7 @@ static inline void copy(LZOContext *c, i
- {
-     register const uint8_t *src = c->in;
-     register uint8_t *dst       = c->out;
-+    av_assert0(cnt >= 0);
-     if (cnt > c->in_end - src) {
-         cnt       = FFMAX(c->in_end - src, 0);
-         c->error |= AV_LZO_INPUT_DEPLETED;
-@@ -110,9 +117,9 @@ static inline void copy(LZOContext *c, i
-  */
- static inline void copy_backptr(LZOContext *c, int back, int cnt)
- {
--    register const uint8_t *src = &c->out[-back];
-     register uint8_t *dst       = c->out;
--    if (src < c->out_start || src > dst) {
-+    av_assert0(cnt > 0);
-+    if (dst - c->out_start < back) {
-         c->error |= AV_LZO_INVALID_BACKPTR;
-         return;
-     }

multimedia/ffplay/Makefile

@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.12 2014/04/10 05:39:16 obache Exp $
+# $NetBSD: Makefile,v 1.13 2014/07/04 10:33:41 adam Exp $
 
 PKGNAME=	${DISTNAME:S/ffmpeg/ffplay/}
-PKGREVISION=	1
 MAINTAINER=	pkgsrc-users@NetBSD.org
 HOMEPAGE=	http://ffmpeg.mplayerhq.hu/
 COMMENT=	Simple SDL frontend for FFmpeg