This changes the buildlink3.mk files to use an include guard for the
recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS,
BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new
variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of
enter/exit marker, which can be used to reconstruct the tree and
to determine first level includes. Avoiding := for large variables
(BUILDLINK_ORDER) speeds up parse time as += has linear complexity.
The include guard reduces system time by avoiding reading files over and
over again. For complex packages this reduces both %user and %sys time to
half of the former time.
changes:
* Build fixes related to ImageMagick 6.4 & later.
* Fix an error in Matroska PTS calculation.
* Some front ends hang due to the hang fixes in 1.1.16. Fix
this by removing a break statement.
* Fix broken size checks in various input plugins
(ref. CVE-2008-5239).
* More malloc checking (ref. CVE-2008-5240).
* Fix race conditions in gapless_switch
(ref. kde bug #180339)
* Fix a possible integer overflow in the 4XM demuxer.
(TKADV2009-004.txt)
pkgsrc notes:
-the 4xm fix upstream is wrong, do it better (patch-ax)
-filter out --no-undefined linker options on NetBSD<5 because this
causes errors if shared modules are not linked against libc
This fixes a number of security problems:
CVE-2008-5234 vector 1, CVE-2008-5236, CVE-2008-5237, CVE-2008-5239,
CVE-2008-5240 vectors 3 & 4, CVE-2008-5243
other changes:
-Support H.264 and AAC streams within FLV
-tagging improvements
-Add position-based seeking independent from seekpoints
-misc fixes
This release contains some security fixes, notably a DoS via corrupted
Ogg files (CVE-2008-3231), some related fixes, and fixes for a few
possible buffer overflows.
The other changes include recognition of AMR audio and Snow video.
Noted by Gilles Dauphin in PR 37895.
PKGREVISION++.
Note: I've handled libXvMC the same way libXv is handled, which may not
be optimal but is least likely to break anything.
changes:
- For extra safety against possible Integer overflows like the ones found
in CVE-2008-1482, backport more calloc usage from 1.2 branch
-Added MIME types and .mpp for musepack
-Fixed display of some MJPEG streams
-Deprecate xine_xmalloc() function, see src/xine-utils/utils.c for more
information about the reason
-Provide a useful implementation of xine_register_log_cb()
-New version of the JACK output plugin
pkgsrc note: the fix for CVE-2008-1878 was integrated upstream
changes:
-security fix (unchecked array index, CVE-2008-1686)
-a few bug fixes (including the 1.1.11.1 regressions)
-new version of the pulseaudio output plugin
-open-source upport for RealAudio "cook"
changes:
* Security fixes:
- Array Indexing Vulnerability in sdpplin_parse(). (CVE-2008-0073)
- integer overflow, possibly leading to buffer overflow, CVE-2008-1482
* Reworked the plugin directory naming so that external plugins don't have
to be rebuilt for every release
* Made the version parsing much more reliable; it wasn't properly coping
with four-part version numbers
* Fixed an off-by-one in the FLAC security fix patch. This breakage was
causing failure to play some files
* Support 16-bit big-endian DTS audio
* Improved frame snapshot API. (ABI extension.)
* Re-add support for # (stream parameter separator) in raw filenames
* Fixed long delay when closing stream on dual core systems
pkgsrc note: CVE-2008-0073 was already fixed by patch
This release contains a security fix (array index vulnerability which
may lead to a stack buffer overflow, CVE-2008-0486). There are also
two minor bug fixes.
changes:
This release contains a security fix (remotely-expoitable buffer overflow,
CVE-2006-1664). (This is not the first time that that bug has been fixed?)
It also fixes a few more recent bugs, such as the audio output problems
in 1.1.9.
(The fix for CVE-2008-0225 which we had patches for was included
upstream too.)
changes:
There are improvements to DVB subtitle support and H.264 video, and fixes
for MP3 playback, DVB, ivtv, Flash video streams and some playlist types
(particularly XML ones). One significant fix is that the special "be nice
to the user" '#' handling has been dropped since it seems to have been
causing more problems than it fixes.
pkgsrc note: a fix for CVE-2008-0225 (RTSP buffer overflow) is
already included
This has improved DVB subtitles support, implements simple subtitle scaling
and bold & italics for text subtitles, and allows control of XxMC bob
deinterlacing. It also has fixes for an audio resampling problem (which
manifested as regular clicking), a problem which would cause the goom
plugin to stop working, and URL escape handling (use of %) in DVD and
Video CD MRLs. Some memory leaks are also fixed, and there are some
build fixes for Solaris users.
changes:
-bugfixes, among others for VCD playback
-adds support for libdca (formerly libdts)
-handle disappearing audio devices (possibly ALSA specific)
changes:
-bugfixes, among others for VCD playback
-adds support for libdca (formerly libdts)
-handle disappearing audio devices (possibly ALSA specific)
changes:
This release contains improvements and important bugfixes.
Some issues that have really "bugged" us for quite some
time (like NTSC DVDs audio sync, broken since 1.1.2, and
H.264 crashes) are finally fixed.
Some of the new features include True Audio and WavPack
support.
bugfixes, cleanup etc
pkgsrc notes:
-new True Audio / WavPack support is not enabled yet
-cleanup of bl3.mk: no need to propagate internals
-removed dependency on libflac -- there is support to play flac files
internally
-removed build of plugins for more exotic video outputs (SDL, ImageMagick,
GL, aalib), this might be built in extra pkgs (like esound and arts
already do)
