If I'm wrong, let me know why.
Add upstream bug report URLs to nearly all remaining patches,
after filing these upstream bug reports.
Hi everyone who patched this without doing that!
xine-lib (1.2.5) 2014-04-08
* Update german translation.
* Add bass downmix support to AC3 decoder.
* Add experimental YCgCo colorspace support.
* Add avformat demux plugin.
- Support for new formats and protocols.
- Proper rtsp support (with avformat+rtsp://, rtsp+tcp:// and rtsp+http:// mrls).
- by default native xine demux plugins are probed first.
This can be overridden in config, by selecting demuxer in mrl (#demux:avformat),
or by using "avformat+" mrl prefix.
* Add avio (libavformat) input plugin:
- Support for new protocols (https://, ftp://, sftp://, ...).
- Support for seekable http streams (with "avio+http://" mrl).
- By default native xine input plugins are used. This can be overridden in config or by using "avio+" mrl prefix.
* Recognise & use HEVC/H.265. (ffmpeg)
* Add support for HEVC/H.265 to the mpeg-ts demuxer.
* Add support for HEVC/H.265 and VP9 to the matroska demuxer.
* Add VP8/VP9 decoder using libvpx.
* Modernise Quicktime demuxer:
- Multiple user selectable audio traks.
- Support AC3, EAC3, vorbis, Purevoice audio.
- Support ISO fragment media files.
- More safety on broken files.
- Slightly faster.
* Recognise & use ADPCM G.726 and ATRAC3. (ffmpeg/libva)
* Build fixes.
* Fix HDMV subtitle channel.
* FFmpeg compatibility fixes.
* Some colour format conversion fixes.
* Fix RealVideo re-ordered PTS: pass through, let the decoder re-order it.
* Fix some problems with COOK audio.
revision 1.2 of patches/patch-src-post-planar-eq2.c. Apparently, some
versions of gcc don't like an empty clobber list in an asm statement.
This should fix PR 47035 from David Shao.
into a separate asm statement, to give the compiler more freedom
for register allocation. Fixes a problem with gcc-4.5.4 on NetBSD/i386
in which gcc complained:
eq2.c: In function 'affine_1d_MMX':
eq2.c:128:5: error: can't find a register in class 'GENERAL_REGS' while reloading 'asm'
eq2.c:128:5: error: 'asm' operand has impossible constraints
features of libxineposix are supported natively and ar refuses create an
empty library, and it shouldn't do any harm otherwise. Fixes build on
OpenIndiana 151.
changes:
-bugfixes
-support WebM container format
-support Xv gamma adjustment
-handle some more formats and Ogg tags
many pkgsrc patches were integrated upstream
This release adds support for WMA Pro and basic support for Quicktime
media links (much better support is present in the 1.2 branch) and has
various fixes for 24-bit FLAC and LPCM, TTA, and AAC in Flash video;
there's also one important fix for DXR3 users, allowing xine-lib to work
with recent versions of the em8300 driver. It also has enhanced support
for metadata (currently Ogg-only).
changes:
* Build fixes related to ImageMagick 6.4 & later.
* Fix an error in Matroska PTS calculation.
* Some front ends hang due to the hang fixes in 1.1.16. Fix
this by removing a break statement.
* Fix broken size checks in various input plugins
(ref. CVE-2008-5239).
* More malloc checking (ref. CVE-2008-5240).
* Fix race conditions in gapless_switch
(ref. kde bug #180339)
* Fix a possible integer overflow in the 4XM demuxer.
(TKADV2009-004.txt)
pkgsrc notes:
-the 4xm fix upstream is wrong, do it better (patch-ax)
-filter out --no-undefined linker options on NetBSD<5 because this
causes errors if shared modules are not linked against libc
This fixes a number of security problems:
CVE-2008-5234 vector 1, CVE-2008-5236, CVE-2008-5237, CVE-2008-5239,
CVE-2008-5240 vectors 3 & 4, CVE-2008-5243
other changes:
-Support H.264 and AAC streams within FLV
-tagging improvements
-Add position-based seeking independent from seekpoints
-misc fixes
changes:
- For extra safety against possible Integer overflows like the ones found
in CVE-2008-1482, backport more calloc usage from 1.2 branch
-Added MIME types and .mpp for musepack
-Fixed display of some MJPEG streams
-Deprecate xine_xmalloc() function, see src/xine-utils/utils.c for more
information about the reason
-Provide a useful implementation of xine_register_log_cb()
-New version of the JACK output plugin
pkgsrc note: the fix for CVE-2008-1878 was integrated upstream
changes:
-security fix (unchecked array index, CVE-2008-1686)
-a few bug fixes (including the 1.1.11.1 regressions)
-new version of the pulseaudio output plugin
-open-source upport for RealAudio "cook"
changes:
* Security fixes:
- Array Indexing Vulnerability in sdpplin_parse(). (CVE-2008-0073)
- integer overflow, possibly leading to buffer overflow, CVE-2008-1482
* Reworked the plugin directory naming so that external plugins don't have
to be rebuilt for every release
* Made the version parsing much more reliable; it wasn't properly coping
with four-part version numbers
* Fixed an off-by-one in the FLAC security fix patch. This breakage was
causing failure to play some files
* Support 16-bit big-endian DTS audio
* Improved frame snapshot API. (ABI extension.)
* Re-add support for # (stream parameter separator) in raw filenames
* Fixed long delay when closing stream on dual core systems
pkgsrc note: CVE-2008-0073 was already fixed by patch
changes:
This release contains a security fix (remotely-expoitable buffer overflow,
CVE-2006-1664). (This is not the first time that that bug has been fixed?)
It also fixes a few more recent bugs, such as the audio output problems
in 1.1.9.
(The fix for CVE-2008-0225 which we had patches for was included
upstream too.)
