changes:
-security fix (unchecked array index, CVE-2008-1686)
-a few bug fixes (including the 1.1.11.1 regressions)
-new version of the pulseaudio output plugin
-open-source upport for RealAudio "cook"
changes:
* Security fixes:
- Array Indexing Vulnerability in sdpplin_parse(). (CVE-2008-0073)
- integer overflow, possibly leading to buffer overflow, CVE-2008-1482
* Reworked the plugin directory naming so that external plugins don't have
to be rebuilt for every release
* Made the version parsing much more reliable; it wasn't properly coping
with four-part version numbers
* Fixed an off-by-one in the FLAC security fix patch. This breakage was
causing failure to play some files
* Support 16-bit big-endian DTS audio
* Improved frame snapshot API. (ABI extension.)
* Re-add support for # (stream parameter separator) in raw filenames
* Fixed long delay when closing stream on dual core systems
pkgsrc note: CVE-2008-0073 was already fixed by patch
Add patch-ak and patch-an to support -enable-fpic with recent
versions of gcc. From xine cvs.
Bump PKGREVISION just in case these patch-ak and patch-an change
functionality.
Tested builds and running on FreeBSD 5.4-STABLE with gcc 3.4.2 and
FreeBSD 5.3, and Linux 2.6.9 with gcc 3.3.5. And tested build
and install on NetBSD 1.6.2_STABLE.
Okayed by jmmv a couple weeks ago.
