too many changes to list here, see the ChangeLog
most visible: security patches and DragonFly support were intrgrated
upstream, new gmplayer look&feel (like it or not...)
which we had a patch for
-add another patch from the Mplayer site which fixes CVE-2006-0579
(ASF demuxer overflows)
bump PKGREVISIONS of mplayer, mencoder and gmplayer
developer is officially maintaining the package.
The rationale for changing this from "tech-pkg" to "pkgsrc-users" is
that it implies that any user can try to maintain the package (by
submitting patches to the mailing list). Since the folks most likely
to care about the package are the folks that want to use it or are
already using it, this would leverage the energy of users who aren't
developers.
aalib-x11 and aview-x11.
SDL dependencies change, so bump PKGREVISION (and BUILDLINK_RECOMMENDED)
for affected packages.
Addresses PR 32046 by Leonard Schmidt.
"A vulnerability in FFmpeg libavcodec can be exploited by malicious people
to cause a DoS (Denial of Service) and potentially to compromise a user's
system."
http://secunia.com/advisories/17892/
Fix from ffmpeg CVS repository, libavcodec/utils.c rev. 1.162:
"default_get_buffer() cleanup
fixes probably exploitable heap overflow
heap overflow found by (Simon Kilvington)"
This means that the MPLAYER_ENABLE_RUNTIME_CPU_DETECTION,
MPLAYER_DISABLE_DRIVERS and MPLAYER_USE_MEDIALIB become deprecated
(although still recognized).
Visible changes in the resulting binary packages should be minimum by
default (everything that was enabled before still is, and the same
dependencies are kept). A notable addition, though, is the support for
user-defined menus, closing PR pkg/29784.
Also note that (almost) all dependencies have now a corresponding option
to disable them in case you want to get a minimalist mplayer package.
'make show-options' is your friend ;)
With thanks to wiz@ and dillo@ for their comments and help.
Several changes are involved since they are all interrelated. These
changes affect about 1000 files.
The first major change is rewriting bsd.builtin.mk as well as all of
the builtin.mk files to follow the new example in bsd.builtin.mk.
The loop to include all of the builtin.mk files needed by the package
is moved from bsd.builtin.mk and into bsd.buildlink3.mk. bsd.builtin.mk
is now included by each of the individual builtin.mk files and provides
some common logic for all of the builtin.mk files. Currently, this
includes the computation for whether the native or pkgsrc version of
the package is preferred. This causes USE_BUILTIN.* to be correctly
set when one builtin.mk file includes another.
The second major change is teach the builtin.mk files to consider
files under ${LOCALBASE} to be from pkgsrc-controlled packages. Most
of the builtin.mk files test for the presence of built-in software by
checking for the existence of certain files, e.g. <pthread.h>, and we
now assume that if that file is under ${LOCALBASE}, then it must be
from pkgsrc. This modification is a nod toward LOCALBASE=/usr. The
exceptions to this new check are the X11 distribution packages, which
are handled specially as noted below.
The third major change is providing builtin.mk and version.mk files
for each of the X11 distribution packages in pkgsrc. The builtin.mk
file can detect whether the native X11 distribution is the same as
the one provided by pkgsrc, and the version.mk file computes the
version of the X11 distribution package, whether it's built-in or not.
The fourth major change is that the buildlink3.mk files for X11 packages
that install parts which are part of X11 distribution packages, e.g.
Xpm, Xcursor, etc., now use imake to query the X11 distribution for
whether the software is already provided by the X11 distribution.
This is more accurate than grepping for a symbol name in the imake
config files. Using imake required sprinkling various builtin-imake.mk
helper files into pkgsrc directories. These files are used as input
to imake since imake can't use stdin for that purpose.
The fifth major change is in how packages note that they use X11.
Instead of setting USE_X11, package Makefiles should now include
x11.buildlink3.mk instead. This causes the X11 package buildlink3
and builtin logic to be executed at the correct place for buildlink3.mk
and builtin.mk files that previously set USE_X11, and fixes packages
that relied on buildlink3.mk files to implicitly note that X11 is
needed. Package buildlink3.mk should also include x11.buildlink3.mk
when linking against the package libraries requires also linking
against the X11 libraries. Where it was obvious, redundant inclusions
of x11.buildlink3.mk have been removed.
some relevant changes:
-RTSP/MMST security patches now in main distribution
-documentation improvements
-x86_64 support fixes
-integrated Tremor decoder for Ogg/Vorbis
-expose support for 422P and 444P raw formats
-dropped support of old FAAD2 versions (<= 1.1)
-support for 32 bit float and extended WAV files
-support for multichannel WAV files
-ALAC (QuickTime lossless audio) support via lavc
-vqf demuxer
-support for Real multirate files
-more user-friendly info about audio and subtitle tracks in Ogg files
-streaming improvements
-ffmpeg updates
-MEncoder usability improvements
-many fixes and cleanups
This release updates and enhances documentation and translations, adds full X86-64 support, adds 18
new codecs, updates various codecs, adds special CPU saving options for low end machines, adds
better support for MacOS X and Windows, and adds uncountable fixes and enhancements all over the
place.
Changes since version 1.0pre5:
- buffer overflow in mp3lib fixed
- heap overflow in Real rtsp streaming code fixed
- stack overflow in mmst streaming code fixed
- unnecessary bmp demuxer removed because of buffer overflows
- heap overflow in pnm streaming code fixed
This fixes the vulnerabilities reported by iDEFENSE recently.
