This release contains some security fixes, notably a DoS via corrupted
Ogg files (CVE-2008-3231), some related fixes, and fixes for a few
possible buffer overflows.
The other changes include recognition of AMR audio and Snow video.
changes:
New optimizations have been provided for SSE2 and ARM instruction sets,
while a lot of warnings triggered by recent compiler changes have been
fixed.
A new function has been added to guess the aspect ratio of streams where
it is not properly coded. Also it is now possible to retrieve the value
of the MPEG-2 repeat_first_field flag, and to be notified when the
sequence header of a stream changes (eg. aspect ratio on-the-fly changes).
changes:
Support shared desktops in RFB input
Make the Quicktime codec wrapper work on win32
Experimental DVD navigation support
Support AAC/H.264 in FLV files
Fixes in the DirectShow codec wrapper
Fix the Real codec wrapper plugin
New deinterlace2 plugin incorporating TVtime deinterlacers
Handle seeking, timestamps, duration in RAW video/audio parsers
New DirectShow video sink for Win32
FAAD reverse playback support
OSS4 support improvements
MythTV seeking support
SPC decoder now supports seeking, tags and duration queries
Replaygain elements moved to Good
Deinterleave/interleave elements fixed and moved to Good
MPEG-4 video stream parser fixes
Improved MPEG-TS parsing for DVB support
Improvements in App source/sink
RTP manager enhancements
changes:
Replaygain elements moved from Bad
Interleave/Deinterleave elements moved from Bad
Pulseaudio plugin http://pulseaudio.org is now integrated
New simple Karaoke audio effect plugin
Improvements in v4l2src
Multi-channel FLAC file fixes
AVI and Quicktime reverse playback support
AVI and Matroska muxing improvements
New element for rendering SMPTE transitions into alpha channels
Many improvements in the Win32 directdraw elements
Error out cleanly for encrypted streams
RTP/UDP handling improvements
RTSP digest authentatication implemented.
New RTP Pay/Depay-loaders for Speex, G.729, DV & raw video/audio
Error concealment for Speex
Many other bug-fixes and enhancements
(we could build it in the base pkg because it doesn't cause additional
dependencies, but it is marked experimental, so better leave it
as optional addon)
Noted by Gilles Dauphin in PR 37895.
PKGREVISION++.
Note: I've handled libXvMC the same way libXv is handled, which may not
be optimal but is least likely to break anything.
changes:
RTP improvements
Support digest auth for RTSP
Additional documentation
Support DSCP QoS in multifdsink
Add NV12/NV21 video buffer layouts
Video scaling now bilinear by default
Support more than 8 channels in audio conversions
Channel mapping fixes for audioconvert
Improve tmplayer and sami subtitle support
Support 1x1 pixel buffers for videoscale
Typefinding improvements for MPEG2, musepack
Ogg/Dirac mapping updated in oggmux
Fixes in ogg demuxing
audiosink synchronisation and slaving fixes
Support muting of the audio in playbin by selecting -1 as the audio stream
Work done on playbin2 and uridecodebin
Improvements in the experimental GIO plugin
decodebin fixes
Handle GAP buffers in some places
Various other leak and bug-fixes
changes:
Add the Presets interface
Use the binary registry by default
Deprecate gst_element_get_pad and don't use it anywhere any more.
Reverse playback fixes
API to get missing element messages from parse_launch parsing.
Fixes in latency calculations
BaseTransform negotiation fixes
New Buffering query and messages
Fix multiqueue deadlocks when changing limits
Remove pre-generated parser hacks and require newer flex/bison
Use GSlice in more places
Use static strings in property declarations everywhere to save memory
allocations
Fix unaligned memory accesses with the binary registry and add CRC checks
Lots of other bug fixes
- If the system defines isnan() and isinf() then undef them before using
gnash specific versions (which in the case of isnan() has different
numbers of arguments). Fixes build on NetBSD-4.0
2008-05-10 Russ Nelson <nelson@crynwr.com>
Sixth alpha release of Gnash (0.8.3).
Improvements since 0.8.2 release are:
More visible to users:
* Native fullscreen support (from AS) implemented.
* Long command-line options properly supported.
* View detailed movie information from GTK gui.
* Added an option in Preferences to initially display a movie
as a blank ("Click here to start") screen.
* Added "dump" GUI to dump a movie to disk.
* Improved Cairo rendering performance.
* Fix support for OpenOffice Impress SWF exporter (malformed..)
Less visible to users:
* Garbage Collector usage reduced where appropriate.
* Mouse.hide and Mouse.show implemented in GTK.
* ActionScript inheritance fixes:
o super implemented correctly (still not 100% compatible for SWF7)
o implements / instanceof works correctly now
* FsCommands quit, fullscreen and showMenu implemented.
* FsCommand-to-javascript implemented (plugin).
* Minor ActionScript compatibility fixes: String, XML, toLocaleString,
int, parseInt. fromCharCode, toString (SWF4) etc.
* Fixes to arguments class (tests: Function.as, line404~456).
* Stage.scaleMode implemented (fixes resizing of various movies).
* Stage.align implemented.
* Fixes to Date class (platform consistent).
* Logging uses boost::format.
* Improved Win32 support: builds using MinGW/MSYS (cross-compile
not tested yet), and initial implementation of npgnash.dll exists.
* Sprite handling improved, fixing FlowPlayer and other video SWFs.
* TextField handling:
o Fix in device font handling (DefineFontInfo tag)
o Fix support for DefineFont2 tag (sizes)
o Improve TextField support for TextFormat use.
* Fix parsing of malformed XML files
* Fix loading of text / XML with Byte Order Marks.
* Minor fix to _x and _y translation.
* More functions correctly registered as ASnative.
* System.capabilities information expanded.
* Jemalloc memory allocator from Mozilla added as an option.
* Redesigned and implemented AMF0 support, with the beginning of
AMF3 support.
* SWF8 line styles support (both from tag and drawing api)
changes:
- For extra safety against possible Integer overflows like the ones found
in CVE-2008-1482, backport more calloc usage from 1.2 branch
-Added MIME types and .mpp for musepack
-Fixed display of some MJPEG streams
-Deprecate xine_xmalloc() function, see src/xine-utils/utils.c for more
information about the reason
-Provide a useful implementation of xine_register_log_cb()
-New version of the JACK output plugin
pkgsrc note: the fix for CVE-2008-1878 was integrated upstream
Set SKIP_UNPACK_REQUIRED_MODULES=1 so we do not install our own copy of
various perl modules, set USE_TOOLS+=perl, and update required versions
in perl dependencies
changes:
* Fix the playlist parser trying to parse RCS files
* Fix parsing of file that appear to be DOS text files but are Podcasts
* Fix linefeeds appearing in titles
changes:
OSS v4 support
libdc1394 2.0.0 support
AAC support fixes
RTP support improved
New OFA element
SRT subtitle encoder added
Windows Inet support for http/ftp
Fixes in dc1394, MIDI, MPEG-2 encoding, MythTV input, NAS
Fixes in Bayer decoder, replaygain analysis, GSM decoder
DVB/MPEG-TS support improved
NSF decoder updated
'metadata' plugin enhancements
Dirac encoder ported to libschroedinger
mplex element ported to 0.10
VCD/CDXA parser ported to 0.10
Directshow wrapper improvements
'selector' plugin enhancements
souphttpsrc moved to the -good module
Various other fixes and enhancements
changes:
-The libsoup based http source moved from the -bad module and was raised
to primary rank
-GOOM visualisation plugin updated to Goom2k4
-Fixes in UDP, RTSP, matroska, QT/mov, AVI, v4l2, OS/X, SunAudio, mulaw
and wavpack
-New gdkpixbuf output for snapshotting
-Various other bug-fixes
Stop lying and drop maintainership of these packages. I have not
maintained them for a very long time already, so leave room for
fresh blood to take over them.
- Use latest version of the "windows-all" archive.
- Drop "qtextras" archive because the include QuickTime codecs have
various security vulnerabilities. This fixes the security
vulnerability reported in GLSA 200803-08.
(which I split in the process of the gnome-2.22 update, to get rid
of the heavyweight "nautilus" dependency in the base "totem" pkg)
This part now contains the "nautilus" plugin which displays media
file metadata on right-click.
Additional changes:
kde option compiles now, use standard installation method for
Firefox plugin.
2008-02-21 Sandro Santilli <strk@keybit.net>
Fifth alpha release of Gnash (0.8.2).
Improvements since 0.8.1 release are:
- Improved timeline redesign.
- Action execution order fixes.
- Keyboard handling improved [1].
- New classes implemented: System.capabilities (partial),
SharedObject, LocalConnection.
- New opcodes implemented: ActionImplements, Try/Throw.
- Movieclip.beginGradientFill completes drawing API support.
- MovieClip._lockroot support added.
- Implement GET/POST for MovieClip.loadVariables and
MovieClip.loadMovie
- Textfield support improved.
- Security: configurable sandbox restricts filesystem access by movies.
- Better support for SWF8.
- Streaming OGG-contained multimedia (e.g. vorbis/theora or vorbis/dirac),
and other free formats.
- OGL and Cairo renderers much improved.
- Improvements of the Framebuffer GUI (hide text messages, support Linux
events system, built-in touchscreen calibration, simple keyboard support,
better architecture support).
- SOLdumper utility for reading SOL files ('flash cookies').
- DumpShm utility finds and dumps Local Connection memory segments.
- Fullscreen display possible.
- Extensions for LIRC and DBus.
- High quality, cross-platform psuedo-randomness using boost random.
- NPAPI (Mozilla) plugin: keyboard events work, navigation and javascript
from within movies.
- Set and save preferences from the GUI (GTK).
- Improved stability and robustness with malformed SWFs.
- Many other bugfixes.
2007-08-29 Sandro Santilli <strk@keybit.net>
Fourth alpha release of Gnash (0.8.1).
Improvements since 0.8.0 release are:
- Garbage Collector
- Support for device fonts
- Support for dynamic text fields
- Better key handling
- Support for FFMPEG SVN
- Support for on-demand install of needed Gstreamer codec plugins.
- Debugger off by default (improves performance and memory use)
- AGG renderer by default
- Support for KDE/AGG combination
- Layout change : we'll now build <gui>-gnash and 'gnash' is a shell
script with gui selection capabilities (-G)
- More robust parser
- Better support for flash player detection
- Fix for 'debugLog' directive in gnashrc
- assume that Python 2.4 and 2.5 are compatible and allow checking for
fallout.
- remove PYTHON_VERSIONS_COMPATIBLE that are obsoleted by the 2.3+
default. Modify the others to deal with the removals.
libtheora 1.0beta3 (2008 April 16)
- Build new libtheoradec and libtheoraenc libraries
supporting the new API from theora-exp. This API should
not be considered stable yet.
- Change granule_frame() to return an index as documented.
This is a change of behaviour from 1.0beta1.
- Document that granule_time() returns the end of the
presentation interval.
- Use a custom copy of the libogg bitpacker in the decoder
to avoid function call overhead.
- MMX code improved and ported to MSVC.
- Fix a problem with the MMX code on SELinux
- Fix a problem with decoder quantizer initialization.
- Fix a page queue problem with png2theora.
- Improved robustness.
- Updated VS2005 project files.
- Dropped build support for Microsoft VS2003.
- Dropped build support for the unreleased libogg2.
- Added the specification to the autotools build.
- Specification corrections.
- Wrong boundary check in Speex decoder (CVE-2008-1686).
- Compilability of CDDA code with modern libcdio versions.
Vendor updates in 0.8.6f
- Security vulnerabilities in the Subtitle demuxer, Real RTSP demuxer,
MP4 demuxer and Cinepak codec: CVE-2007-6681, CVE-2008-0073,
CVE-2008-1489, CVE-2008-1769).
- Crashes in H264 packetizer.
- Close MMS access on network timeout.
- Some problems with AAC decoder & packetizer.
Vendor updates in 0.8.6e:
- Security vulnerabilities in the Web interface, Subtitle demuxer,
Real RTSP demuxer, SDL_image library and MP4 demuxer (CVE-2007-6681,
CVE-2007-6682, CVE-2006-4484, CVE-2008-0225, CVE-2008-0295, CVE-2008-0296,
CORE-2008-0130).
- Resume playback for viewing content over FTP.
- Fixed XShm detection with remote X11.
- DTS to S/PDIF converter fixes.
- Waiting for SPS/PPS problem in H.264 packetizer.
- Improved compatibility for creating H.264 video files playable on iPhones.
Approved-by: joerg
changes:
-security fix (unchecked array index, CVE-2008-1686)
-a few bug fixes (including the 1.1.11.1 regressions)
-new version of the pulseaudio output plugin
-open-source upport for RealAudio "cook"
