This fixes a number of security problems (integer overflows resulting
in heap-based buffer overflow, CVE-2007-4619).
Other changes:
-speedup
-some new options
-bugfixes
-added support for all RIFF/AIFF metadata
Thanks to Chavdar Ivanov for providing a patch.
* General:
o Improved compression with no impact on format or decoding speed.
o Much better recovery for corrupted files
o Better multichannel support
o Large file (>2GB) support everywhere
o flac now supports FLAC and Ogg FLAC as input to the encoder (e.g. can re-encode FLAC to FLAC) and preserve all the metadata like tags, etc.
o New PICTURE metadata block for storing things like cover art, new --picture option to flac and --import-picture-from option to metaflac for importing pictures, new --export-picture-to option to metaflac for exporting pictures, and metadata API additions for searching for suitable pictures based on type, size and color constraints.
o Support for new REPLAYGAIN_REFERENCE_LOUDNESS tag.
o Fixed a bug in Ogg FLAC encoding where metadata was not being updated properly. Existing Ogg FLAC files should be recoded to fix up the metadata, e.g. flac -Vf -S 10s --ogg file.ogg
o In the developer libraries, the interface has been simplfied by merging the three decoding layers into a single class; ditto for the encoders. Also, libOggFLAC has been merged into libFLAC and libOggFLAC++ has been merged into libFLAC++ so there is a single API supporting both native FLAC and Ogg FLAC.
* FLAC format:
o New PICTURE metadata block for storing things like cover art.
o Speaker assignments and channel orders for 3-6 channels (see frame header).
o Further restrictions on the FLAC subset when the sample rate is <=48kHz; in this case the maximum LPC order is now 12 and maximum blocksize is 4608. This is to further limit the processing and memory requirements for hardware implementations while not measurably affecting compression.
* Ogg FLAC format:
o (none)
* flac:
o Improved the -F option to allow decoding of FLAC files whose metadata is corrupted, and other kinds of severe corruption.
o Encoder can now take FLAC and Ogg FLAC as input. The output FLAC file will have all the same metadata as the original unless overridden with options on the command line.
o Encoder can now take WAVEFORMATEXTENSIBLE WAVE files as input; decoder will output WAVEFORMATEXTENSIBLE WAVE files when necessary to conform to the latest Microsoft specifications.
o Now properly supports AIFF and WAVEFORMATEXTENSIBLE multichannel input, performing necessary channel reordering both for encoding and decoding. WAVEFORMATEXTENSIBLE channel mask is also saved to a tag on encoding and restored on decoding for situations when there is no natural mapping to FLAC channel assignments.
o Expanded support for "odd" sample resolutions to WAVE and AIFF input; all resolutions from 4 to 24 bits-per-sample now supported for all input types.
o Added a new option --tag-from-file for setting a tag from file (e.g. for importing a cuesheet as a tag).
o Added a new option --picture for adding pictures.
o Added a new option --apodization for specifying the window function(s) to be used in LPC analysis.
o Added support for encoding from non-compressed AIFF-C (SF #1090933).
o Importing of non-CDDA-compliant cuesheets now only issues a warning, not an error (see here).
o MD5 comparison failures on decoding are now an error instead of a warning and will also return a non-zero exit code (SF #1493725).
o The default padding size is now 8K, or 64K if the input audio stream is more than 20 minutes long.
o Fixed a bug in cuesheet parsing where it would return an error if the last line of the cuesheet did not end with a newline.
o Fixed a bug that caused a crash when -a and -t were used together (SF #1229481).
o Fixed a bug with --sector-align where appended samples were not always totally silent (SF #1237707).
o Fixed bugs with --sector-align and raw input files.
o Fixed a bug printing out unknown AIFF subchunk names (SF #1267476).
o Fixed a bug where WAVE files with "data" subchunks of size 0 where accepted (SF #1293830).
o Fixed a bug where sync error at end-of-stream of truncated files was not being caught (SF #1244071).
o Fixed a problem with filename parsing if file does not have extension but also has a . in the path (SF #1161916).
o Fixed a problem with fractional-second parsing for --skip/--until in some locales (SF #1031043).
o Increase progress report rate when -p and -e are used together (SF #1580122).
* metaflac:
o Added support for read-only operations on Ogg FLAC files.
o Added a new option --set-tag-from-file for setting a tag from file (e.g. for importing a cuesheet as a tag).
o Added a new option --import-picture-from for importing pictures.
o Added a new option --export-picture-to for exporting pictures.
o Added shorthand operation --remove-replay-gain for removing ReplayGain tags.
o --export-cuesheet-to now properly specifies the FLAC file name (SF #1272825).
o Importing of non-CDDA-compliant cuesheets now issues a warning.
o Removed the following deprecated tag editing options; you should use the new option names shown instead:
+ Removed --show-vc-vendor; use --show-vendor-tag
+ Removed --show-vc-field; use --show-tag
+ Removed --remove-vc-all; use --remove-all-tags
+ Removed --remove-vc-field; use --remove-tag
+ Removed --remove-vc-firstfield; use --remove-first-tag
+ Removed --set-vc-field; use --set-tag
+ Removed --import-vc-from; use --import-tags-from
+ Removed --export-vc-to; use --export-tags-to
o Disallow multiple input FLAC files when --import-tags-from=- is used (SF #1082577).
* plugins:
o When ReplayGain is on, if tags for the preferred kind of gain (album/track) are not in a stream, the other kind will be used.
o Added ReplayGain info to file info box in XMMS plugin
o Fixed UTF-8 decoder to disallow non-shortest-form and surrogate sequences (see here).
* build system:
o Added support for building on OS/2 with EMX (SF #1229495)
o Added support for building with Borland C++ (SF #1599018)
o Added a --disable-xmms-plugin option to configure to prevent building the XMMS plugin (SF #930494).
o Added a --disable-doxygen-docs option to configure for disabling Doxygen-based API doc generation (SF #1365935).
o Added a --disable-thorough-tests option to configure to do the basic library, stream, and tool tests in a reasonable time (SF #1077948).
o Added large file support with AC_SYS_LARGEFILE; use --disable-largefile with configure to disable.
* libraries:
o Merged libOggFLAC into libFLAC; both formats are now supporte through the same API.
o Merged libOggFLAC++ into libFLAC++; both formats are now supporte through the same API.
o libFLAC and libFLAC++: Simplified encoder setup with new FLAC__stream_encoder_set_compression_level() function.
o libFLAC: Improved compression with no impact on FLAC format or decoding time by adding a windowing stage before LPC analysis.
o libFLAC: Fixed a bug where missing STREAMINFO fields (min/max framesize, total samples, MD5 sum) and seek point offsets were not getting rewritten back to Ogg FLAC file (SF #1338969).
o libFLAC: Fixed a bug in cuesheet parsing where it would return an error if the last line of the cuesheet did not end with a newline.
o libFLAC: Fixed UTF-8 decoder to disallow non-shortest-form and surrogate sequences (see here).
o libFLAC: Fixed a bug in the return value for FLAC__stream_decoder_set_metadata_respond_application() and FLAC__stream_decoder_set_metadata_ignore_application() when there was a memory allocation error (SF #1235005).
* Interface changes (see also the porting guide for specific instructions on porting to FLAC 1.1.3):
o all libraries;
+ Merged libOggFLAC into libFLAC; both formats are now supporte through the same API.
+ Merged libOggFLAC++ into libFLAC++; both formats are now supporte through the same API.
+ Merged seekable stream decoder and file decoder into the stream decoder.
+ Merged seekable stream encoder and file encoder into the stream encoder.
+ Added #defines for the API version number to make porting easier; see include/lib*FLAC*/export.h.
o libFLAC:
+ Added FLAC__stream_encoder_set_apodization()
+ Added FLAC__stream_encoder_set_compression_level()
+ Added FLAC__metadata_object_cuesheet_calculate_cddb_id()
+ Added FLAC__metadata_get_cuesheet()
+ Added FLAC__metadata_get_picture()
+ Added FLAC__metadata_chain_read_ogg() and FLAC__metadata_chain_read_ogg_with_callbacks()
+ Changed FLAC__stream_encoder_finish() now returns a FLAC__bool to signal a verify failure, or error processing last frame or updating metadata.
+ Changed FLAC__StreamDecoderState: removed state FLAC__STREAM_DECODER_UNPARSEABLE_STREAM
+ Changed FLAC__StreamDecoderErrorStatus: new error code FLAC__STREAM_DECODER_ERROR_STATUS_UNPARSEABLE_STREAM
+ The above two changes mean that when the decoder encounters what it thinks are unparseable frames from a future decoder, instead of returning a fatal error with the FLAC__STREAM_DECODER_UNPARSEABLE_STREAM state, it just calls the error callback with FLAC__STREAM_DECODER_ERROR_STATUS_UNPARSEABLE_STREAM and leaves the behavior up to the application.
o libFLAC++:
+ Added FLAC::Metadata::Picture
+ Added FLAC::Encoder::Stream::set_apodization()
+ Added FLAC::Encoder::Stream::set_compression_level()
+ Added FLAC::Metadata::CueSheet::calculate_cddb_id()
+ Added FLAC::Metadata::get_cuesheet()
+ Added FLAC::Metadata::get_picture()
+ Changed FLAC::Metadata::Chain::read() to accept a flag denoting Ogg FLAC input
+ Changed FLAC::Decoder::Stream::finish() now returns a bool to signal an MD5 failure like FLAC__stream_decoder_finish() does.
+ Changed FLAC::Encoder::Stream::finish() now returns a bool to signal a verify failure, or error processing last frame or updating metadata.
o libOggFLAC:
+ Merged into libFLAC.
o libOggFLAC++:
+ Merged into libFLAC++.
Shlib major bump -> bump ABI depends.
and add a new helper target and script, "show-buildlink3", that outputs
a listing of the buildlink3.mk files included as well as the depth at
which they are included.
For example, "make show-buildlink3" in fonts/Xft2 displays:
zlib
fontconfig
iconv
zlib
freetype2
expat
freetype2
Xrender
renderproto
RECOMMENDED is removed. It becomes ABI_DEPENDS.
BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.
BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.
BUILDLINK_DEPENDS does not change.
IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".
Added to obsolete.mk checking for IGNORE_RECOMMENDED.
I did not manually go through and fix any aesthetic tab/spacing issues.
I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.
I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.
As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.
As discussed on tech-pkg.
I will commit to revbump, pkglint, pkg_install, createbuildlink separately.
Note that if you use wip, it will fail! I will commit to pkgsrc-wip
later (within day).
New in this release are small decoding speedups for all platforms,
small encoding speedups in fast (non-LPC) mode, streaming support
in the XMMS plugin, and several bug fixes. For developers there
are also a few additions and changes to the metadata API to make
working with tags easier. See the changelog entry for complete
details. This release actually wasn't supposed to happen so soon,
but needed to be made to fix library naming and build problems in
FLAC 1.1.1 that caused trouble for package maintainers, so unless
you are having trouble with one of the particular bugs that got
fixed in 1.1.2 then there is not much of a need to upgrade.
assembler. Since they cause the FLAC build to fail on AIX and NetBSD,
only enable the optimizations if the OPSYS is Darwin.
There is also a misplaced #endif in lpc.h that causes the build to
fail on all platforms if assembler optimizations are disabled. This
is fixed by patch-af.
Thanks to Michael <macallan18@earthlink.net> for troubleshooting!
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
All library names listed by *.la files no longer need to be listed
in the PLIST, e.g., instead of:
lib/libfoo.a
lib/libfoo.la
lib/libfoo.so
lib/libfoo.so.0
lib/libfoo.so.0.1
one simply needs:
lib/libfoo.la
and bsd.pkg.mk will automatically ensure that the additional library
names are listed in the installed package +CONTENTS file.
Also make LIBTOOLIZE_PLIST default to "yes".
intended transformation: use "rm" to remove an option, "rmdir" to remove
all options containing a path starting with a given directory name, and
"rename" to rename options to something else.
by moving the inclusion of buildlink3.mk files outside of the protected
region. This bug would be seen by users that have set PREFER_PKGSRC
or PREFER_NATIVE to non-default values.
BUILDLINK_PACKAGES should be ordered so that for any package in the
list, that package doesn't depend on any packages to the left of it
in the list. This ordering property is used to check for builtin
packages in the correct order. The problem was that including a
buildlink3.mk file for <pkg> correctly ensured that <pkg> was removed
from BUILDLINK_PACKAGES and appended to the end. However, since the
inclusion of any other buildlink3.mk files within that buildlink3.mk
was in a region that was protected against multiple inclusion, those
dependencies weren't also moved to the end of BUILDLINK_PACKAGES.
the normal case when BUILDLINK_DEPENDS.<pkg> isn't specified, it receives
a value only once due to the multiple inclusion protection in the
bulldlink3.mk files. In the case where a package includes several
buildlink3.mk files that each want a slightly different version of another
dependency, having BUILDLINK_DEPENDS.<pkg> be a list allows for the
strictest <pkg> dependency to be matched.