This warning isn't supposed to fire on macro code, so this is either
something subtly odd in pkgin or broken in OS X's clang. This still
needs fixing, but in a way that's more limited to the problematic
platform.
Changes:
Features
========
New
---
* vo_opengl: implement debanding
Removed
-------
* audio/filter: remove center, extrastereo, karaoke, sinesuppress, sub,
surround, sweep, ladspa, hrtf, export and bs2b filters (these are either
considered useless or have replacements in lavfi)
* video/filter: remove lavfi wrappers for noise, hqdn3d, unsharp and delogo
(these filters remain usable through lavfi)
Behavior
--------
* vo_opengl: require FBOs by default (use dumb-mode suboption for old
hardware and broken drivers)
* vo_opengl: enable debanding by default for the opengl-hq preset
* audio/out: use new sample format determination code
* player: prefer logical current directory path (affects logic for resuming
playback)
* vf_vdpaurb: Pass through non-hardware-decoded content
* player: make force-window=immediate work in auto-profiles
Options and Commands
====================
Added
-----
* af_lavrresample: add normalize suboption
* vo_opengl: add deband, deband-iterations, deband-threshold, deband-range
and deband-grain suboptions
* af_lavfi: implement af-metadata property (like vf-metadata) (#2311)
Changed
-------
* command: make "add 0" not change the value
Removed
-------
* vo_opengl: remove source-shader suboption
Fixes and Minor Enhancements
============================
* options: fix --no-config
* cache: do not include backbuffer size in total stream cache size (#2305)
* audio/format: actually prefer float over double sample format for int->
float conversions
* audio/format: fix interlaved vs. non-interleaved conversions
* audio/format: revise format conversion scoring
* video: make --field-dominance set interlaced flag (#2289)
* vf: vf_stereo3d compilation depends on libavfilter
* vf_yadif: add hack for Libav compatibility (#2335)
* player: add opus to list of external audio file extensions (#2336)
* build: allow disabling vapoursynth completely
* libmpv/win32: allow multiple windows at the same time (#2319)
(from pkgsrc-wip, originally packaged by reed@)
Xtrace fakes an X server and forwards all connections to a real X
server, displaying the communication between clients. It prints
the requests going from client to server and the replies, events
and errors going the other way.
* Fix preview of Instagram images
* Allow uppercase extensions on preview of image URLs
* Fix error on fetching private or protected users' lists
when multiple accounts are registered and selected account
doesn't have privileges to access the private lists
* Reduce Twitter API requests to get lists
Allow any number of retries, instead of only up to 3.
Add ruser option, to authenticate as PAM_RUSER instead of PAM_USER,
to allow applications such as 'su' to authenticate as the real user.
Patch from David Mitchell.
Add 'localifdown' option.
The issues were reported in Go's net/http package. They affect programs using
that package to proxy HTTP requests. We recommend that all users upgrade to Go
1.5, which fixes these issues. For users unable to upgrade to Go 1.5, we have
released version 1.4.3, which is based on Go 1.4.2 plus fixes for these issues.
Affected Go programs—those that use the net/http package as a proxy server—must
be recompiled with Go 1.5 or Go 1.4.3 to receive the fixes.
The CVE issue descriptions and fixes are linked below.
CVE-2015-5739
"Content Length" treated as valid header:
https://go-review.googlesource.com/#/c/11772/
CVE-2015-5740
Double content-length headers does not return 400 error:
https://go-review.googlesource.com/#/c/11810/
CVE-2015-5741
Additional hardening, not sending Content-Length w/Transfer-Encoding,
Closing connections:
https://go-review.googlesource.com/#/c/11810/https://go-review.googlesource.com/#/c/12865/https://go-review.googlesource.com/#/c/13148/
The Go team would like to thank Jed Denlea and Régis Leroy for their
contributions to this release. They have been awarded 1337 USD under the Google
Security Bounty program.
