Upstream announcement:
https://helpx.adobe.com/security/products/flash-player/apsb18-31.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-31
Summary
Adobe has released security updates for Adobe Flash Player for Windows,
macOS, Linux and Chrome OS. These updates address an important
vulnerability in Adobe Flash Player 30.0.0.154 and earlier versions.
Successful exploitation could lead to information disclosure.
Version 26.0.0 "In The Game":
New features and enhancements
* mkvmerge: chapter generation: if the name template given by
--generate-chapters-name-template is empty, no names (ChapterDisplay
master elements with ChapterString/ChapterLanguage children) will be
generated for the chapter atoms.
* mkvmerge: chapters: chapter names generated from MPLS files will now use the
name template if one is set via --generate-chapters-name-template.
* mkvmerge: mkvmerge will no longer abort with an error message if no audio,
video and subtitle tracks should be multiplexed. This allows copying of
chapters from non-chapter source files (e.g. Matroska or MP4 files).
* MKVToolNix GUI: the font size in the tool selector on the left will scale
with the font size the user selects in the preferences.
* MKVToolNix GUI: the GUI will no longer automatically resize the columns in
tree and list views to match the content size. Instead it remembers and
restores the widths set by the user.
* MKVToolNix GUI: multiplexer: the chapter name template will now be set
automatically to the name template in the preferences' "chapter editor"
section. Additionally the option --generate-chapters-name-template … will
be passed to mkvmerge in situations when mkvmerge will generate chapters
(either because automatic generation is enabled or if chapters are generated
for MPLS playlists).
* MKVToolNix GUI: chapter editor: if the chapter name template is empty,
chapters will be generated without names.
* MKVToolNix GUI: chapter editor: added an option to remove all chapter names
to the "additional modifications" dialog.
Bug fixes
* mkvmerge: Matroska reader: fixed wrong timestamps when appending Matroska
files where the second Matroska file's first timestamp is bigger
than 0.
* mkvmerge: MP4 reader: fixed division by zero errors during file
identification if the timescale is 0 in the MVHD atom.
* mkvmerge: Windows Television DVR files are now recognized as an unsupported
file type. This prevents mis-detection as MPEG-2 with an accompanying flood
of error messages.
* MKVToolNix GUI: info tool: under certain circumstances "cues" were shown at
the wrong level (inside the previous master element instead of on level 1).
* MKVToolNix GUI: job queue: fixed invalid memory handling and consequent
crashes when using the "edit in corresponding tool & remove from job queue"
option if one of the files in that job contained attached files.
Build system changes
* An AppStream metadata file will be installed in $prefix/share/metainfo.
20180624:
ppc: Optimize quant functions
ppc: Add support for Power9-only vec_absd
pc: Optimize sub8x8_dct_dc
ppc: AltiVec add16x16_idct_dc
ppc: Optimize add8x8_idct_dc
ppc: Add compatibility macros for vec_xxpermdi
Prefer a monotonic clock source if available
Add Sony XAVC, a flavour of AVC-Intra
Cosmetics: Fix indentation for multiline function prototypes
Cosmetics: Use consistent "inline" attribute position
x86: AVX-512 plane_copy and plane_copy_swap
4:0:0 (monochrome) encoding support
Makefile improvements
x86inc: Improve SAVE/LOAD_MM_PERMUTATION macros
x86inc: Optimize VEX instruction encoding
x86inc: Fix VEX -> EVEX instruction conversion
configure: Fix required version checks for lavf and swscale
Fix float division by zero in weightp analysis
Fix undefined behavior of left shift for CAVLC encoding
Fix integer overflow in slicetype_path_cost
cli: Fix preset help listing
ppc: Fix zigzag_interleave
Fix clang stack alignment issues
Fix missing bs_flush in AUD writing
Fix possible undefined behavior of right shift
make bs_align_10 imply bs_flush
Fix theoretically incorrect cost_mv_fpel free
configure: Fix ambiguous "$(("
Fix --qpmax default value in fullhelp
Switch to gstreamer1.
Overview of changes in gst123-0.3.5:
* Support faster/slower playback [David Fries].
* Better status bar notification (on the same line as time).
* Minor bugfixes.
Upstream announcement:
https://helpx.adobe.com/security/products/flash-player/apsb18-25.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-25
Summary
Adobe has released security updates for Adobe Flash Player for Windows,
macOS, Linux and Chrome OS. These updates address important
vulnerabilities in Adobe Flash Player 30.0.0.134 and earlier versions.
Successful exploitation could lead to arbitrary code execution in the
context of the current user.
pkgsrc changes:
- Drop sdl option, SDL1 is no longer supported by mpv (was used only for
audio)
Changes:
0.29.0
======
This release requires FFmpeg 4.0 or newer.
Features
--------
Added
~~~~~
- ao/openal: Add better sample format and channel layout selection
- ao/openal: Add support for direct channels output
- cocoa-cb: initial implementation via opengl-cb API
- context_drm_egl: Introduce 30bpp support (requires Mesa 18.0.0_rc4 or later)
- osx: add some more menu bar items as suggested by Apples's HIG
- vo_gpu: make screenshots use the GL renderer (#5498, #5240)
- x11: support Shift+TAB as an input key bind (#5849)
- ytdl_hook: support native dash demuxer, if present
Changed
~~~~~~~
- ao_alsa, ao_pulse: reduce requested buffer size
- audio: change format negotiation, remove channel remix fudging
- client API: deprecate opengl-cb API and introduce a replacement API
- demux: lower demuxer cache default sizes from 400MB/400MB to 50MB/150MB
- osx: always deactivate the early opengl flush on macOS
- scripting: change when/how player waits for scripts being loaded
- vo_gpu: various improvements to HDR peak detection
- vo_gpu: various improvements to HDR tone mapping
- wayland_common: update to stable xdg-shell
- ytdl_hook: parse youtube playlist urls to set start index if `--ytdl-raw-option=yes-playlist=` is specified
Deprecated
~~~~~~~~~~
- af_lavrresample: deprecate this filter
Removed
~~~~~~~
- build: drop support for SDL1 (only applied to ao_sdl)
Options and Commands
--------------------
Added
~~~~~
- add a number of --audio-resample-* options, which should from now on be used instead of --af-defaults=lavrresample:
- ao/openal: --openal-direct-channels
- command: add --osd-on-seek option defaulting to bar
- command: add a change-list command (#5435)
- options: add --http-proxy
- options: add a builtin low-latency profile
- vaapi: add option to select a non-default device path with --vaapi-device (#4320)
- video: add option to reduce latency by 1 or 2 frames
- vo_gpu: introduce --target-peak (#5521)
Changed
~~~~~~~
- command: change cycle-value command behavior (#5772)
- config: replace config dir lua-settings/ with dir script-opts/
- options: --lavfi-complex now requires uniquely named filter pads.
- options: --ytdl is now always enabled, even for libmpv
- options: make --deinterlace=yes always deinterlace (#5219)
- options: slightly improve filter help output for lavfi bridge
- vo: rename --vo=opengl-cb to --vo=libmpv
Deprecated
~~~~~~~~~~
- encoding: deprecate a bunch of obscure options (--ovoffset, --oaoffset, --ovfirst, --oafirst)
- options: deprecate --vf-defaults and --af-defaults
- osx: --gpu-context=cocoa with --gpu-api=opengl is now deprecated in favour of --vo=libmpv
Removed
~~~~~~~
- command: remove an old compatibility hack that allowed CLI aliases to be set as property, deprecated in 0.26.0
- input: remove legacy command handling for MPlayer commands that were deprecated in 2013
- options: drop --opensles-sample-rate, as --audio-samplerate should be used if desired
- options: drop deprecated --videotoolbox-format, --ff-aid, --ff-vid, --ff-sid, --ad-spdif-dtshd, --softvol options
- options: remove --video-stereo-mode
- options: remove deprecated ao/vo auto profiles
- options: remove the following encoding options: --ocopyts (now the default, old timestamp handling is gone), --oneverdrop (now default), --oharddup (you need to use --vf=fps=VALUE), --ofps, --oautofps, --omaxfps
Fixes and Minor Enhancements
----------------------------
- HIDRemote: fix volume buttons on macOS 10.13 (#5721)
- TOOLS/autoload: Fix broken "disabled" option
- TOOLS/autoload: be more robust with slow directory listings (#5618)
- ao_sdl: fix default buffer size
- build: add static libraries to libmpv.pc
- build: bump waf to 2.0.9 (fixes Python 3.7 compatibility)
- build: manually add standard library search paths for linking (#5791)
- common: round all integer times to milliseconds
- demux, player: fix playback of sparse video streams (w/ still images)
- demux: support for some kinds of timed metadata (e.g. ICY)
- demux_mkv: add V_AV1 identifier for AV1
- demux_mkv: support Meridian Lossless Packing in Matroska (#5923)
- display additional metadata tags during video playback
- drm_atomic: Fix memory leaks in drm_atomic_create
- enable cache for FUSE filesystems on OpenBSD and FreeBSD
- gpu: prefer 16bit floating point FBO formats to 16bit integer ones
- hwdec_vaegl: Fix VAAPI EGL interop used with gpu-context=drm
- input.conf: use exact value for [ binding, which does the inverse of ]
- input: add a keybinding to toggle hardware decoding
- input: minor additions to default key bindings (#973)
- osc: fix accidentally skipping files when seeking with slider
- player: fix strange behavior on edition switching
- player: fix track autoselection of external files yet again
- terminal-unix: stop trying to read when terminal disappears (#5842)
- video: actually wait for last frame being rendered on EOF
- video: fix --video-rotate in some cases
- video: fix crash with vdpau when reinitializing rendering (#5447)
- vo_gpu: fix anamorphic screenshots (#5619)
- vo_vdpau: fix resizing and rotation problems
0.14.2:
Fixed Twitch OAuth request flow (#1856)
Fix the tv3cat and vk plugins (#1851, #1874)
VOD supported added to atresplayer plugin (#1852, #1853)
Removed tv8cati and nineanime plugins (#1860, #1863)
Added mjunoon.tv plugin (#1857)
0.14.0:
Multiple plugin fixes
Bug fixes for DASH streams (#1846)
Updated API call for api.utils hours_minutes_seconds (#1804)
Updated documentation (#1826)
Dict structures fix (#1792)
Reformated help menu (#1754)
Logger fix (#1773)
0.13.0:
Initial MPEG DASH support has been added! (#1637) Many thanks to @beardypig
As always, a ton of plugin updates
Updates to our documentation (#1673)
Updates to our logging (#1752) as well as log --quiet options (#1744) (#1720)
Our release script has been updated (#1711)
Support for livestreams when using the --hls-duration option (#1710)
Allow streamlink to exit faster when using Ctrl+C (#1658)
Added an OpenCV Face Detection example (#1689)
0.12.1:
Small release to fix a pip / Windows.exe generation bug!
0.12.0:
A ton of plugin updates (like always! see below for a list of updates)
Ignoring a bunch of useless files when developing (#1570)
A new option to limit the number of fetch retries (#1375)
YouTube has been updated to not use MuxedStream for livestreams (#1556)
Bug fix with ffmpegmux (#1502)
Removed dead plugins and deprecated options (#1546)
Full detailed commit log:
https://github.com/streamlink/streamlink/releases/
version 3.4.4:
- avcodec/dvdsub_parser: Allocate input padding
- avcodec/dvdsub_parser: Init output buf/size
- avcodec/dirac_dwt_template: Fix signedness regression in interleave()
- avformat/movenc: Write version 2 of audio atom if channels is not known
- swresample/arm: rename labels to fix xcode build error
- avcodec/imgconvert: fix possible null pointer dereference
version 4.0.2:
- avcodec/dvdsub_parser: Allocate input padding
- avcodec/dvdsub_parser: Init output buf/size
- avcodec/dirac_dwt_template: Fix signedness regression in interleave()
- avformat/mov: Simplify last element computation in mov_estimate_video_delay()
- avformat/mov: Break out of inner loop early in mov_estimate_video_delay()
- avformat/mov: Eliminate variable buf_size from mov_estimate_video_delay()
- avformat/mov: remove modulo operations from mov_estimate_video_delay()
- avformat/movenc: Write version 2 of audio atom if channels is not known
- swresample/arm: rename labels to fix xcode build error
- avformat/movenc: Check input sample count
- avcodec/mjpegdec: Check for odd progressive RGB
- avcodec/vp8_parser: Do not leave data/size uninitialized
- avformat/mms: Add missing chunksize check
- avformat/pva: Check for EOF before retrying in read_part_of_packet()
- avformat/rmdec: Do not pass mime type in rm_read_multi() to ff_rm_read_mdpr_codecdata()
- avformat/asfdec_o: Check size_bmp more fully
- avformat/mxfdec: Fix av_log context
- avcodec/mpeg4videodec: Check for bitstream end in read_quant_matrix_ext()
- avcodec/indeo4: Check for end of bitstream in decode_mb_info()
- avcodec/ac3dec: Check channel_map index
- avcodec/mpeg4videodec: Remove use of FF_PROFILE_MPEG4_SIMPLE_STUDIO as indicator of studio profile
- avcodec/shorten: Fix undefined addition in shorten_decode_frame()
- avcodec/shorten: Fix undefined integer overflow
- avcodec/jpeg2000dec: Fixes invalid shifts in jpeg2000_decode_packets_po_iteration()
- avcodec/jpeg2000dec: Check that there are enough bytes for all tiles
- avformat/movenc: Use mov->fc consistently for av_log()
- avcodec/mpeg4videodec: Check read profile before setting it
- avformat/movenc: Do not pass AVCodecParameters in avpriv_request_sample
- avcodec/ac3_parser: Check init_get_bits8() for failure
- avformat/movenc: Check that frame_types other than EAC3_FRAME_TYPE_INDEPENDENT have a supported substream id
- avcodec/dpx: Check elements in 12bps planar path
- avcodec/escape124: Fix spelling errors in comment
- avcodec/ra144: Fix integer overflow in ff_eval_refl()
- avcodec/cscd: Check output buffer size for lzo.
- avcodec/escape124: Check buf_size against num_superblocks
- avcodec/h264_parser: Reduce needed history for parsing mb index
- avcodec/magicyuv: Check bits left in flags&1 branch
- avcodec/mjpegdec: Check for end of bitstream in ljpeg_decode_rgb_scan()
- ffmpeg: fix -stream_loop with multiple inputs
- ffmpeg: factorize input thread creation and destruction
- avformat/mpegts: parse large PMTs with multiple tables
- Revert "avcodec/mediacodecdec: wait on first frame after input buffers are full"
- avcodec/videotoolboxenc: fix invalid session on iOS
- avcodec/videotoolboxenc: split initialization
- avcodec/videotoolboxenc: fix mutex/cond leak in error path
version 3.4.3:
- avformat/movenc: Check input sample count
- avcodec/mjpegdec: Check for odd progressive RGB
- avformat/movenc: Check that frame_types other than EAC3_FRAME_TYPE_INDEPENDENT have a supported substream id
- avcodec/vp8_parser: Do not leave data/size uninitialized
- avformat/mms: Add missing chunksize check
- avformat/pva: Check for EOF before retrying in read_part_of_packet()
- avformat/rmdec: Do not pass mime type in rm_read_multi() to ff_rm_read_mdpr_codecdata()
- avformat/asfdec_o: Check size_bmp more fully
- avcodec/indeo4: Check for end of bitstream in decode_mb_info()
- avcodec/shorten: Fix undefined addition in shorten_decode_frame()
- avcodec/shorten: Fix undefined integer overflow
- avcodec/jpeg2000dec: Fixes invalid shifts in jpeg2000_decode_packets_po_iteration()
- avcodec/jpeg2000dec: Check that there are enough bytes for all tiles
- avformat/movenc: Do not pass AVCodecParameters in avpriv_request_sample
- avcodec/escape124: Fix spelling errors in comment
- avcodec/ra144: Fix integer overflow in ff_eval_refl()
- avcodec/cscd: Check output buffer size for lzo.
- avcodec/escape124: Check buf_size against num_superblocks
- avcodec/h264_parser: Reduce needed history for parsing mb index
- avcodec/magicyuv: Check bits left in flags&1 branch
- avcodec/mjpegdec: Check for end of bitstream in ljpeg_decode_rgb_scan()
- avcodec/aacdec_fixed: Fix undefined integer overflow in apply_independent_coupling_fixed()
- avcodec/dirac_dwt_template: Fix undefined behavior in interleave()
- avutil/common: Fix undefined behavior in av_clip_uintp2_c()
- fftools/ffmpeg: Fallback to duration if sample rate is unavailable
- avformat/mov: Only set pkt->duration to non negative values
- avcodec/h264_slice: Fix overflow in recovery_frame computation
- avcodec/h264_ps: Move MAX_LOG2_MAX_FRAME_NUM to header so it can be used in h264_sei
- avcodec/h264_mc_template: Only prefetch motion if the list is used.
- avcodec/xwddec: Use ff_set_dimensions()
- avcodec/wavpack: Fix overflow in adding tail
- avcodec/shorten: Fix multiple integer overflows
- avcodec/shorten: Fix undefined shift in fix_bitshift()
- avcodec/shorten: Fix a negative left shift in shorten_decode_frame()
- avcodec/shorten: Sanity check nmeans
- avcodec/shorten: Check non COMM chunk len before skip in decode_aiff_header()
- avcodec/mjpegdec: Fix integer overflow in ljpeg_decode_rgb_scan()
- avcodec/truemotion2: Fix overflow in tm2_apply_deltas()
- avcodec/opus_silk: Change silk_lsf2lpc() slightly toward silk/NLSF2A.c
- avcodec/amrwbdec: Fix division by 0 in find_hb_gain()
- avformat/mov: replace a value error by clipping into valid range in mov_read_stsc()
- avformat/mov: Break out early if chunk_count is 0 in mov_build_index()
- avcodec/fic: Avoid some magic numbers related to cursors
- avcodec/g2meet: ask for sample with overflowing RGB
- avcodec/aacdec_fixed: use 64bit to avoid overflow in rounding in apply_dependent_coupling_fixed()
- oavcodec/aacpsdsp_template: Use unsigned for hs0X to prevent undefined behavior
- avcodec/g723_1dec: Clip bits2 in both directions
- avcodec/mpeg4videoenc: Use 64 bit for times in mpeg4_encode_gop_header()
- avcodec/mlpdec: Only change noise_type if the related fields are valid
- indeo4: Decode all or nothing of a band header.
- avformat/mov: Only fail for STCO/STSC contradictions if both exist
- avcodec/dirac_dwt: Fix integer overflow in COMPOSE_DD97iH0 / COMPOSE_DD137iL0
- avcodec/fic: Check available input space for cursor
- avcodec/g2meet: Check RGB upper limit
- avcodec/jpeg2000dec: Fix undefined shift in the jpeg2000_decode_packets_po_iteration() CPRL case
- avcodec/jpeg2000dec: Skip init for component in CPRL if nothing is to be done
- avcodec/g2meet: Change order of operations to avoid undefined behavior
- avcodec/flac_parser: Fix infinite loop
- avcodec/wavpack: Fix integer overflow in DEC_MED() / INC_MED()
- avcodec/wavpack: Fix integer overflow in wv_unpack_stereo()
- avcodec/error_resilience: Fix integer overflow in filter181()
- avcodec/h263dec: Check slice_ret in mspeg4 slice loop
- avcodec/elsdec: Fix memleaks
- avcodec/vc1_block: simplify ac_val computation
- avcodec/ffv1enc: Check that the crc + version combination is supported
- lavf/http.c: Free allocated client URLContext in case of error.
- avcodec/dsicinvideo: Fail if there is only a small fraction of the data available that comprises a full frame
- avcodec/dsicinvideo: Propagate errors from cin_decode_rle()
- avcodec/dfa: Check dimension against maximum
- avcodec/cinepak: Skip empty frames
- avcodec/cinepak: move some checks prior to frame allocation
- swresample/arm: remove unintentional relocation.
- doc/APIchanges: Fix typos in hashes
- avformat/utils: Check cur_dts in update_initial_timestamps() more
- avcodec/utils: Enforce minimum width also for VP5/6
- avcodec/truemotion2: Propagate out of bounds error from GET_TOK()
- avformat/utils: Fix integer overflow in end time calculation in update_stream_timings()
- avcodec/mjpegdec: Check input buffer size.
- avcodec/h264_slice: Fix integer overflow with last_poc
- avformat/mov: Fix extradata memleak
- lavc/libopusdec: Allow avcodec_open2 to call .close
- avcodec/movtextdec: Check style_start/end
- avcodec/aacsbr_fixed: Fix integer overflow in sbr_hf_assemble()
- libavcodec/rv34: error out earlier on missing references
- swresample/swresample: Fix for seg fault in swr_convert_internal() -> sum2_float during dithering.
- avcodec/aacdec_fixed: Fix integer overflow in apply_independent_coupling_fixed()
- avcodec/cscd: Error out when LZ* decompression fails
- avcodec/imgconvert: Fix loss mask bug in avcodec_find_best_pix_fmt_of_list()
- avfilter/vf_signature: use av_strlcpy()
- avcodec/utvideodec: Set pro flag based on fourcc
- avcodec/wmalosslessdec: Fix null pointer dereference in decode_frame()
- avcodec/tableprint_vlc: Fix build failure with --enable-hardcoded-tables
- avformat/mov: Move +1 in check to avoid hypothetical overflow in add_ctts_entry()
- avcodec/get_bits: Make sure the input bitstream with padding can be addressed
- avformat/mov: Check STSC and remove invalid entries
- avcodec/nuv: rtjpeg with dimensions less than 16 would result in no decoded pixels thus reject it
- avcodec/nuv: Check for minimum input size for uncomprssed and rtjpeg
- avcodec/wmalosslessdec: Reset num_saved_bits on error path
- avformat/mov: Fix integer overflows related to sample_duration
- avformat/img2dec: fix infinite loop
- avformat/oggparsedaala: Do not adjust AV_NOPTS_VALUE
- avformat/oggparseogm: Check lb against psize
- avformat/oggparseogm: Fix undefined shift in ogm_packet()
- avformat/avidec: Fix integer overflow in cum_len check
- avformat/oggparsetheora: Do not adjust AV_NOPTS_VALUE
- avformat/utils: Fix integer overflow of fps_first/last_dts
- avformat/oggdec: Fix metadata memleak on multiple headers
- libavformat/oggparsevorbis: Fix memleak on multiple headers
- avformat/mov: Fix integer overflow in mov_get_stsc_samples()
- avcodec/truemotion2rt: Check input buffer size
- avcodec/g2meet: Check tile dimensions with av_image_check_size2()
- avcodec/exr: fix invalid shift in unpack_14()
- avcodec/bintext: sanity check dimensions
- avcodec/utvideodec: Check subsample factors
- avcodec/smc: Check input packet size
- avcodec/cavsdec: Check alpha/beta offset
- avcodec/diracdec: Fix integer overflow in mv computation
- avcodec/h264_parse: Clear invalid chroma weights in ff_h264_pred_weight_table()
- avcodec/aacdec_templat: Fix integer overflow in apply_ltp()
- avcodec/jpeg2000dwt: Fix integer overflows in sr_1d53()
- avcodec/diracdec: Use int64 in global mv to prevent overflow
- avcodec/dxtory: Remove code that corrupts dimensions
- avcodec/dirac_dwt_template: Fix Integer overflow in horizontal_compose_dd137i()
- avcodec/hevcdec: Check luma/chroma_log2_weight_denom
- avcodec/jpeg2000dec: Use av_image_check_size2()
- avcodec/vp8: Check for bitstream end before vp7_fade_frame()
- avcodec/exr: Check remaining bits in last get code loop
- avutil/common: Fix integer overflow in av_clip_uint8_c() and av_clip_uint16_c()
- avdevice/decklink_dec: Fix ;;
- avcodec/h264_cabac: Tighten allowed coeff_abs range
- avcodec/h264_cavlc: Set valid qscale value in ff_h264_decode_mb_cavlc()
- avdevice/iec61883: free the private context at the end
- avdevice/iec61883: return reference counted packets
- configure: add nvcc to CMDLINE_SET
- avcodec/mpeg4_unpack_bframes: make sure the packet is writable when data needs to be changed
- avcodec/mp3_header_decompress: don't free the user provided packet on error
- avcodec/extract_extradata: zero initalize the padding bytes in all allocated buffers
- avformat/hvcc: zero initialize the nal buffers past the last written byte
- swresample/rematrix: fix update of channel matrix if input or output layout is undefined
- avformat/matroskadec: ignore CodecPrivate if the stream is VP9
Version 25.0.0 "Prog Noir" 2018-07-12
New features and enhancements
* mkvmerge: SRT/ASS/SSA text subtitles: for files for which no encoding has
been specified, mkvmerge will try UTF-8 first before falling back to the
system's default encoding.
* mkvmerge: SRT/ASS/SSA/WebVTT text subtitles: a warning is now emitted if
invalid 8-bit characters are encountered outside valid multi-byte UTF-8
sequences.
* mkvmerge: Matroska & MPEG transport stream readers: the encoding of text
subtitles read from Matroska files can now be changed with the
`--sub-charset` parameter.
* Linux: starting with release 25 an AppImage will be provided which should
run on any Linux distribution released around the time of CentOS 7/Ubuntu
14.04 or later.
* macOS: translations: updated the `build.sh` script to build `libiconv` and a
complete `gettext`. Together with an additional fix to how translation files
are located, MKVToolNix can now use all interface languages on macOS,
too.
Bug fixes
* mkvmerge: AVC/h.264: fixed file identification failing for certain
elementary streams due to internal buffers not being cleared properly.
* mkvmerge: HEVC/h.265: fixed file identification failing for certain
elementary streams due to internal buffers not being cleared properly.
* mkvmerge: MLP code: fixed various issues preventing MLP from being parsed
correctly.
* mkvmerge: TrueHD/MLP packetizer; dialog volume normalization removal isn't
attempted if the track is an MLP track as the operation is only supported
for TrueHD, not MLP.
* mkvmerge: MPEG TS reader: when reading MPLS mkvmerge will now compare the
MPLS's start and end timestamps against the transport stream's PTS instead
of its DTS. Otherwise the first key frame of a video track might be dropped
if it isn't the first in presentation order.
* mkvmerge: JSON identification: mkvmerge will ensure that all strings passed
to the JSON output modules are valid UTF-8 encoded strings by replacing
invalid bytes with placeholder characters. This avoids the JSON library
throwing an exception and mkvmerge aborting on such data.
* mkvmerge: audio packetizers: mkvmerge will now keep discard padding values
if they're present for packets read from Matroska files.
* mkvmerge: Ogg Opus reader: packet timestamps aren't calculated by summing up
the duration of all packets starting with timestamp 0 anymore. Instead the
algorithm is based on the Ogg page's granule position and which packet
number is currently timestamped (special handling for the first and last
packets in the stream).
* This fixes the first timestamp if the first Ogg packet's granule position
is larger than the number of samples in the first packet (= if the first
sample's timestamp is bigger than 0). mkvmerge will keep those offsets now
and inserts "discard padding" only where it's actually needed.
* It also improves handling of invalid files where the first Ogg packet's
granule position is smaller than the number of samples in the first packet
(= the first sample's timestamp is smaller than 0). mkvmerge will now
shift all timestamps up to 0 in such a case instead of inserting "discard
padding" elements all over the place.
* mkvmerge will no longer insert "discard padding" elements if the
difference between a) the calculated number of samples in the packet
according to the granule position and b) the actual number of samples as
calculated from the bitstream is one sample or less and if the packet
isn't the last one in the stream. This circumvents certain rounding
errors.
* The timestamp of the first packet after a gap in the middle of the stream
is now calculated based on the Ogg page the packet belongs to, and not
based on the timestamps before the gap.
* mkvmerge: complete rewrite of the progress handling. It's now based upon the
total size of all source files and the current position within them instead
of the number of frames/blocks to be processed. This simplifies calculation
when appending files and fixes rare cases of when progress report was
obvious wrong (e.g. stuck at 0% right until the end).
* MKVToolNix GUI: header editor: non-mandatory elements couldn't be removed
anymore due to a regression while fixing 2320. They can now be removed
again.
Upstream announcement:
https://helpx.adobe.com/security/products/flash-player/apsb18-24.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-24
Summary
Adobe has released security updates for Adobe Flash Player for Windows,
macOS, Linux and Chrome OS. These updates address critical
vulnerabilities in Adobe Flash Player 30.0.0.113 and earlier versions.
Successful exploitation could lead to arbitrary code execution in the
context of the current user.
Performing substitutions during post-patch breaks tools such as mkpatches,
making it very difficult to regenerate correct patches after making changes,
and often leading to substituted string replacements being committed.
Centred around improving behavior with VLC 3.0
which introduced new API allowing correct roles being set on
PulseAudio streams and as a result notification volume control is now
actually working as expected. This also means automatic corking of
music streams on voice calls can work correctly.
4.10.1
Fixes cmake-level compatibility issues with Qt 5.11 for libphonon and
the backends.
4.10.0
Centred around improving behavior with VLC 3.0
which introduced new API allowing correct roles being set on
PulseAudio streams and as a result notification volume control is now
actually working as expected. This also means automatic corking of
music streams on voice calls can work correctly.
version 4.0.1:
- avcodec/aacdec_fixed: Fix undefined integer overflow in apply_independent_coupling_fixed()
- avcodec/dirac_dwt_template: Fix undefined behavior in interleave()
- avutil/common: Fix undefined behavior in av_clip_uintp2_c()
- fftools/ffmpeg: Fallback to duration if sample rate is unavailable
- avformat/mov: Only set pkt->duration to non negative values
- avcodec/mpeg4videodec: Clear bits_per_raw_sample if it has originated from a previous instance
- avformat/movenc: fix recognization of cover image streams
- avformat/movenc: properly handle cover image codecs
- avcodec/h264_slice: Fix overflow in recovery_frame computation
- avcodec/h264_ps: Move MAX_LOG2_MAX_FRAME_NUM to header so it can be used in h264_sei
- avcodec/h264_mc_template: Only prefetch motion if the list is used.
- avcodec/xwddec: Use ff_set_dimensions()
- avcodec/wavpack: Fix overflow in adding tail
- avcodec/shorten: Fix multiple integer overflows
- avcodec/shorten: Fix undefined shift in fix_bitshift()
- avcodec/shorten: Fix a negative left shift in shorten_decode_frame()
- avcodec/shorten: Sanity check nmeans
- avcodec/shorten: Check non COMM chunk len before skip in decode_aiff_header()
- avcodec/mjpegdec: Fix integer overflow in ljpeg_decode_rgb_scan()
- avcodec/truemotion2: Fix overflow in tm2_apply_deltas()
- avcodec/opus_silk: Change silk_lsf2lpc() slightly toward silk/NLSF2A.c
- avcodec/amrwbdec: Fix division by 0 in find_hb_gain()
- avcodec/h263dec: Reinitialize idct context if it has not been setup for the active profile
- avcodec/idctdsp: Clear idct/idct_add for studio profile
- avformat/mov: replace a value error by clipping into valid range in mov_read_stsc()
- avformat/bintext: Reduce detection for random .bin files as it more likely is not a multimedia related file
- avformat/mov: Break out early if chunk_count is 0 in mov_build_index()
- avcodec/fic: Avoid some magic numbers related to cursors
- avcodec/mpeg4video: Detect reference studio streams as studio streams
- avcodec/mpeg4videodec: Do not corrupt bits_per_raw_sample
- avcodec/mpeg4videode: Eliminate out of loop VOP startcode reading for studio profile
- avcodec/g2meet: ask for sample with overflowing RGB
- avcodec/idctdsp: Transmit studio_profile to init instead of using AVCodecContext profile
- avcodec/ac3dec: Check that the number of channels with dependant streams is valid
- avcodec/ac3dec: Fix null pointer dereference in ac3_decode_frame()
- avcodec/aacdec_fixed: use 64bit to avoid overflow in rounding in apply_dependent_coupling_fixed()
- oavcodec/aacpsdsp_template: Use unsigned for hs0X to prevent undefined behavior
- avcodec/g723_1dec: Clip bits2 in both directions
- avcodec/mpeg4videoenc: Use 64 bit for times in mpeg4_encode_gop_header()
- avcodec/mlpdec: Only change noise_type if the related fields are valid
- indeo4: Decode all or nothing of a band header.
- avcodec/ac3dec: Use frame_size if superframe_size is 0
- avformat/mov: Only fail for STCO/STSC contradictions if both exist
- avcodec/dirac_dwt: Fix integer overflow in COMPOSE_DD97iH0 / COMPOSE_DD137iL0
- avcodec/fic: Check available input space for cursor
- avcodec/mpeg4videodec: Check bps (VOL header) before VOP for studio profile
- avcodec/g2meet: Check RGB upper limit
- avcodec/jpeg2000dec: Fix undefined shift in the jpeg2000_decode_packets_po_iteration() CPRL case
- avcodec/jpeg2000dec: Skip init for component in CPRL if nothing is to be done
- avcodec/g2meet: Change order of operations to avoid undefined behavior
- avcodec/flac_parser: Fix infinite loop
- avcodec/mpeg4videodec: Split decode_studio_vol_header() out of decode_studiovisualobject()
- avcodec/mpeg4videodec: Move decode_studiovisualobject() parsing in the branch for visual object parsing
- avcodec/mpeg4video_parser: Avoid litteral 0x1B6, use named constant instead
- avcodec/mpeg4video_parser: Fix incorrect spliting of MPEG-4 studio frames
- avformat/m4vdec: Use the same constant names as libavcodec
- avformat/m4vdec: Fix detection of raw MPEG-4 ES Studio
- avcodec/wavpack: Fix integer overflow in DEC_MED() / INC_MED()
- avcodec/wavpack: Fix integer overflow in wv_unpack_stereo()
- avcodec/error_resilience: Fix integer overflow in filter181()
- avcodec/h263dec: Check slice_ret in mspeg4 slice loop
- avcodec/elsdec: Fix memleaks
- avcodec/vc1_block: simplify ac_val computation
- avcodec/ffv1enc: Check that the crc + version combination is supported
- configure: The eac3_core bitstream filter needs the ac3 parser.
- configure: fix arm inline asm checks
- lavf/libssh: translate a read of 0 to EOF
- ffprobe: fix SEGV when new streams are added
- avformat/mpegts: fix incorrect indentation
- avformat/mpegts: initialize section_buf to fix valgrind test failure
- avformat/mpegts: reindent after last change
- avformat/mpegts: parse sections with multiple tables
- avformat/mpegts: clean up whitespace
- avformat/mpegts: use MAX_SECTION_SIZE instead of hardcoded value
- avformat/mpegts: skip non-PMT tids earlier
- avcodec/mediacodecdec: add workaround for buggy amlogic mpeg2 decoder
- avcodec/mediacodecdec: wait on first frame after input buffers are full
- avcodec/mediacodecdec: restructure mediacodec_receive_frame
- avcodec/mediacodec_wrapper: add helper to fetch SDK_INT
- avcodec/mediacodecdec: refactor pts handling
- avcodec/mediacodecdec: use AV_TIME_BASE_Q
- avcodec/mediacodecdec: clarify delay_flush specific code
- avcodec/videotoolbox: fix decoding of some HEVC videos
- avcodec/hevc: remove videotoolbox hack
- avcodec/videotoolbox: split h264/hevc callbacks
- avcodec/videotoolbox: cleanups
- avcodec/videotoolbox: fix kVTCouldNotFindVideoDecoderErr trying to decode HEVC on iOS
- avcodec/videotoolbox: improve logging of decoder errors
- avcodec/xwddec: fix palette alpha
- avformat/webm_chunk: always use a static buffer for get_chunk_filename
- configure: fix configure check for lilv-0
- avcodec/nvdec_hevc: fix scaling lists
- avcodec/hevcdec: make ff_hevc_frame_nb_refs take a const pointer
- lavf/bluray: translate a read of 0 to EOF
- lavf/dashenc: don't call flush_init_segment before avformat_write_header
- avdevice/decklink_dec: unref packets on avpacket_queue_put error
- avcodec/hnm4video: fix palette alpha
- avcodec/anm: fix palette alpha
- avformat/qtpalette: parse color table according to the QuickTime file format specs
- ffplay: Fix realloc_texture when input texture is NULL.
- hwcontext_vaapi: Fix compilation with libva versions < 1.4.0
- lavf/qsv: clone the frame which may be managed by framework
- lavf: make overlay_qsv work based on framesync
- avformat/segafilm - revert keyframe detection
- avformat/utils: refactor upstream_stream_timings
- avformat/utils: ignore outlier durations on subtitle/data streams as well
This package shares a PKG_OPTIONS variable with the other ffmpeg
packages, so a user who requests the x264 option for them will end
up with a broken package for ffmpeg010.
This package shares a PKG_OPTIONS variable with the other ffmpeg
packages, so a user who requests the x264 option for them will end
up with a broken package for ffmpeg1.
Version 24.0.0 "Beyond The Pale":
New features and enhancements
* mkvmerge: MP4 reader: improved the detection of edit lists consisting of two
identical entries, each spanning the file's duration as given in the movie
header atom. The second entry is ignored in such cases.
* mkvmerge: JSON identification: the "display unit" video track property is
now reported as `display_unit`. The JSON schema has been bumped to v11 for
this change.
* mkvmerge, mkvextract: AVC/h.264: empty NALUs will now be removed.
* mkvextract: VobSub extraction: empty SPU packets will now be dropped during
extraction as other tools such as MP4Box cannot handle them
correctly.
Bug fixes
* mkvmerge: E-AC-3 parser: fixed determining the number of channels for
streams that contain an AC-3 core with dependent E-AC-3 frames.
* mkvmerge: Matroska reader: fixed mkvmerge buffering the whole file if a
video track is multiplexed that consists of only one or a few frames.
* mkvmerge: the "display unit" video track property will now be kept if it is
set in the source file.
* MKVToolNix GUI: multiplexer: when scanning playlists, all playlists were
offered for selection regardless of the value of the "minimum playlist
duration" setting.
* MKVToolNix GUI: multiplexer: deriving track languages from file names: the
regular sub-expressions for ISO 639-1 codes could match on empty strings,
too, causing matches in wrong places and hence no language being recognized
in certain situations.
* MKVToolNix GUI: header editor: fixed a crash when saving the file fails
(e.g. because it isn't writable).
* MKVToolNix GUI: header editor: the editor was wrongfully claiming that
mandatory elements with default values cannot be removed in the "status"
text.
* MKVToolNix GUI: preferences: on macOS & Linux the setting "enable copying
tracks by their type" wasn't restored on program start.
Other changes
* Niels Lohmann's JSON library: the bundled version has been updated from
v1.1.0 (git revision 54d3cab) to v3.1.1 (git revision g183390c1).
* pugixml library: the bundled version has been updated from v1.8 to v1.9
Upstream announcement:
https://helpx.adobe.com/security/products/flash-player/apsb18-19.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-19
Summary
Adobe has released security updates for Adobe Flash Player for Windows,
macOS, Linux and Chrome OS. These updates address critical
vulnerabilities in Adobe Flash Player 29.0.0.171 and earlier versions.
Successful exploitation could lead to arbitrary code execution in the
context of the current user.
Adobe is aware of a report that an exploit for CVE-2018-5002 exists
in the wild, and is being used in limited, targeted attacks against
Windows users. These attacks leverage Office documents with embedded
malicious Flash Player content distributed via email.
pkgsrc changes:
* remove a fix for glib2 pulled from upstream
* remove a gobject-introspection patch for netbsd-6 (seems fixed in upstream)
Upstream changes (from NEWS):
== Ruby-GNOME2 3.2.7: 2018-06-07
This is a packaging bug fix release of 3.2.6.
=== Changes
==== All
* Improvements
* Added support for using unreleased version with Bundler.
[Patch by cedlemo]
* Fixes
* Fixed a packaging bug that dependencies are missing.
== Ruby-GNOME2 3.2.6: 2018-06-06
This is a bug fix release of 3.2.5.
=== Changes
==== Document
* Improvements
* Updated project URL.
[GitHub#1174][Patch by okkez]
==== All
* Improvements
* Added support for using unreleased version with Bundler.
[Patch by cedlemo]
* Windows: Upgraded bundled library versions.
==== Ruby/GLib2
* Improvements
* (({GLib::Object.define_signal})): Added.
(({GLib::Object.signal_new})) is deprecated.
* (({GLib::Object.signal_new})): Changed to accept (({Symbol})) as
flags.
* (({GLib::Signal})): Migrated to (({TypedData})).
* (({GLib::Enum})): Migrated to (({TypedData})).
* (({GLib::Flags})): Migrated to (({TypedData})).
* (({GLib::Boxed})): Migrated to (({TypedData})).
* (({GLib::Param})): Migrated to (({TypedData})).
* (({rbgobj_signal_new()})): Added.
(({rbgobj_signal_wrap()})) is deprecated.
* Dropped GLib < 2.28 support.
* (({GLib::Variant.new})): Changed to accept (({String})) as
variant type.
* (({rbg_variant_type_from_ruby()})): Added.
* (({rbg_gc_guard()})): Added.
* (({rbg_gc_unguard()})): Added.
* Fixes
* Fixed a bug that signal created by (({GLib::Object.signal_new}))
may be GC-ed.
[GitHub#1166][Reported by Izumi Tsutsui]
==== Ruby/GObjectIntrospection
* Improvements
* (({GObjectIntrospection::Struct})): Migrated to (({TypedData})).
* Improved better function detection.
* Added heuristic callback data detection.
* Added support for getting flags field value.
* (({RBGICallbackData})): Hidden details.
* (({rb_gi_callback_data_get_metadata()})): Added.
* (({rb_gi_callback_data_get_rb_callback()})): Added.
* Added (({to_integer})) to (({to_i})) mapping.
[GitHub#1191][Patch by yosuke shiro]
==== Ruby/CairoGObject
* Improvements
* Added (({gtype})) class methods.
==== Ruby/GIO2
* Improvements
* (({Gio::MenuItem#set_attribute_value})): Improved argument conversion.
Callers don't need to create (({GLib::Variant})).
* (({Gio::Settings.new})): Added support for keyword (({Hash})).
[GitHub#1187][Patch by cedlemo]
==== Ruby/Pango
* Improvements
* (({Pango::Attribute})): Migrated to (({GLib::Boxed})).
* (({Pango::Rectangle#dup})): Added.
* (({rbpango_attribute_from_ruby()})): Added.
* Fixes
* Fixed a bug that wrong (({Pango::Attribute})) conversion.
[GitHub#1188][Reported by kojix2]
==== Ruby/GdkPixbuf2
* Improvements
* (({GdkPixbuf::Pixbuf#subpixbuf})): Added.
(({GdkPixbuf::Pixbuf#new_subpixbuf})) is deprecated.
* (({GdkPixbuf::Pixbuf#new})): Improved the default
(({row_stride})) value.
==== Ruby/GDK3
* Improvements
* (({Gdk::Cursor.new})): Added multiple calls with the same value.
[GitHub#1195][Reported by kojix2]
==== Ruby/GTK3
* Improvements
* Removed needless custom callback handlers.
* Dropped GTK+ 3.10 support.
* (({Gtk::Application.new})): Changed to all arguments are omittable.
* (({Gtk::TextBuffer#insert})): Changed to raise an exception for
unknown tag.
* Fixes
* Fixed a bug that (({Gtk::Version.or_later?})) requires the 3rd
argument.
* Fixed demo.
* [GitHub#1175][GitHub#1176][GitHub#1177][GitHub#1178][GitHub#1183]
[GitHub#1184][GitHub#1185]
[Reported by kojix2]
* [GitHub#1181][GitHub#1186][GitHub#1197][GitHub#1210]
[Patch by kojix2]
==== Ruby/Poppler
* Improvements
* (({Cairo::Context#show_poppler_page})): Added for consistency.
==== Ruby/RSVG2
* Improvements
* (({Cairo::Context#show_rsvg_handle})): Added for consistency.
==== Ruby/GStreamer
* Improvements
* (({Gst::Element.[]})): Added as a shortcut of
(({Gst::ElementFactory.make})).
* (({Gst::Bus#poll})): Made all arguments omittable.
=== Thanks
* Izumi Tsutsui
* okkez
* kojix2
* cedlemo
* yosuke shiro
mode only, now. Set the target to generic-gnu for powerpc based ports on NetBSD
to allow libvpx to build and run, though without any targetted optimization.
Resolves build issue on NetBSD/macppc which failed at configure stage otherwise.
TenFourFox has patches to add support for Altivec acceleration, which could be
used to add support back again locally.
https://github.com/classilla/tenfourfox/tree/master/media/libvpx
* specify --disable-sse4 to avoid non-PIE asm ops in libmpcodecs/vf_ass.c
that cause text relocations on NetBSD/i386
* explicitly pull pkgsrc/multimedia/libass to avoid internal libass
(which seems usually enabled by configure's autodetect)
* specify -fpic in configure for NetBSD/i386 to enable __PIC__ blocks
in some sources
* while here, use -mtune rather than -mcpu for not only gcc4 but
also 5.x and later
Bump PKGREVISIONs. Ok'ed by wiz@ in PR pkg/53319.
* explicitly specify --disable-asm on NetBSD/i386
* explicitly enable pic even for NetBSD/i386 as other architecture
Bump PKGREVISION. Ok'ed by wiz@ in PR pkg/53319.
