* New -S option for ldns-verify-zone to chase signatures online.
* New -k option for ldns-verify-zone to validate using a trusted key.
* New inception and expiration margin options (-i and -e) to
ldns-verify-zone.
* New ldns_dnssec_zone_new_frm_fp and ldns_dnssec_zone_new_frm_fp_l
functions.
* New ldns_duration* functions (copied from OpenDNSSEC source)
* fix ldns-verify-zone to allow NSEC3 signatures to come before
the NSEC3 RR in all cases.
* Zero the correct flag (opt-out) when creating NSEC3PARAMS.
* Canonicalize RRSIG's Signer's name too when validating, because
bind and unbound do that too.
* bugfix #433: Allocate rdf using ldns_rdf_new in ldns_dname_label
* bugfix #432: Use LDNS_MALLOC & LDNS_FREE i.s.o. malloc & free
* bugfix #431: Added error message for LDNS_STATUS_INVALID_B32_EXT
* bugfix #427: Explicitely link ssl with the programs that use it.
* Fix reading \DDD: Error on values that are outside range (>255).
* bugfix #429: fix doxyparse.pl fails on NetBSD because specified
path to perl.
* New ECDSA support (RFC 6605), use --disable-ecdsa for older openssl.
* fix verifying denial of existence for DS's in NSEC3 Opt-Out zones.
values of MACHINE_ARCH, set PKG_FAIL_REASON instead of going kersplut.
Making it build for a wider range of platforms should be straightforward,
but probably needs to be done by someone who actually can test-build on
those platforms.
reason to run old upstream code.
Changes in version 1.15:
The new option "-a, --min-read-rate" has been added.
The new option "-I, --verify-input-size" has been added.
The new option "-x, --extend-outfile" has been added.
Ddrescue now verifies that infile, outfile and logfile are all
different.
Non-tried blocks are now read aligned to cluster-size sectors.
The "split or skip" algorithm of the split pass has been improved.
A spurious warning about "-D" being ignored in fill mode has been
removed.
Ddrescuelog, a tool for manipulation, display, conversion, comparison
and testing of ddrescue logfiles, has been added.
- The following vulnerabilities have been fixed:
o wnpa-sec-2012-08
Infinite and large loops in the ANSI MAP, ASF, BACapp,
Bluetooth HCI, IEEE 802.11, IEEE 802.3, LTP, and R3 dissectors
have been fixed. Discovered by Laurent Butti. (Bugs 6805,
7118, 7119, 7120, 7121, 7122, 7124, 7125)
Versions affected: 1.4.0 to 1.4.12, 1.6.0 to 1.6.7.
o wnpa-sec-2012-09
The DIAMETER dissector could try to allocate memory improperly
and crash. (Bug 7138)
Versions affected: 1.4.0 to 1.4.12, 1.6.0 to 1.6.7.
o wnpa-sec-2012-10
Wireshark could crash on SPARC processors due to misaligned
memory. Discovered by Klaus Heckelmann. (Bug 7221)
Versions affected: 1.4.0 to 1.4.12, 1.6.0 to 1.6.7.
- The following bugs have been fixed:
o User-Password - PAP decoding passwords longer than 16 bytes.
(Bug 6779)
o The MSISDN is not seen correctly in GTP packet. (Bug 7042)
o Wireshark doesn't calculate the right IPv4 destination using
source routing options when bad options precede them. (Bug
7043)
o BOOTP dissector issue with DHCP option 82 - suboption 9. (Bug
7047)
o MPLS dissector in 1.6.7 and 1.7.1 misdecodes some MPLS CW
packets. (Bug 7089)
o ANSI MAP infinite loop. (Bug 7119)
o HCIEVT infinite loop. (Bug 7122)
o Wireshark doesn't decode NFSv4.1 operations. (Bug 7127)
o LTP infinite loop. (Bug 7124)
o Wrong values in DNS CERT RR. (Bug 7130)
o Megaco parser problem with LF in header. (Bug 7198)
o OPC UA bytestring node id decoding is wrong. (Bug 7226)
- Updated Protocol Support
ANSI MAP, ASF, BACapp, Bluetooth HCI, DHCP, DIAMETER, DNS, GTP,
IEEE 802.11, IEEE 802.3, IPv4, LTP, Megaco, MPLS, NFS, OPC UA,
RADIUS
- New and Updated Capture File Support
5View, CSIDS, pcap, pcap-ng
* Tested with devel/xulrunner and www/firefox 12.0 on NetBSD/i386 6.99.7
Changelog:
2012-05-09 v1.1.0 "Eider"
This introduces a number of enhancements, mostly focused on real-time
encoding. In addition, it fixes a decoder bug (first introduced in
Duclair) so all users of that release are encouraged to upgrade.
- Upgrading:
This release is ABI and API compatible with Duclair (v1.0.0). Users
of older releases should refer to the Upgrading notes in this
document for that release.
This release introduces a new temporal denoiser, controlled by the
VP8E_SET_NOISE_SENSITIVITY control. The temporal denoiser does not
currently take a strength parameter, so the control is effectively
a boolean - zero (off) or non-zero (on). For compatibility with
existing applications, the values accepted are the same as those
for the spatial denoiser (0-6). The temporal denoiser is enabled
by default, and the older spatial denoiser may be restored by
configuring with --disable-temporal-denoising. The temporal denoiser
is more computationally intensive than the spatial one.
This release removes support for a legacy, decode only API that was
supported, but deprecated, at the initial release of libvpx
(v0.9.0). This is not expected to have any impact. If you are
impacted, you can apply a reversion to commit 2bf8fb58 locally.
Please update to the latest libvpx API if you are affected.
- Enhancements:
Adds a motion compensated temporal denoiser to the encoder, which
gives higher quality than the older spatial denoiser. (See above
for notes on upgrading).
In addition, support for new compilers and platforms were added,
including:
improved support for XCode
Android x86 NDK build
OS/2 support
SunCC support
Changing resolution with vpx_codec_enc_config_set() is now
supported. Previously, reinitializing the codec was required to
change the input resolution.
The vpxenc application has initial support for producing multiple
encodes from the same input in one call. Resizing is not yet
supported, but varying other codec parameters is. Use -- to
delineate output streams. Options persist from one stream to the
next.
Also, the vpxenc application will now use a keyframe interval of
5 seconds by default. Use the --kf-max-dist option to override.
- Speed:
Decoder performance improved 2.5% versus Duclair. Encoder speed is
consistent with Duclair for most material. Two pass encoding of
slideshow-like material will see significant improvements.
Large realtime encoding speed gains at a small quality expense are
possible by configuring the on-the-fly bitpacking experiment with
--enable-onthefly-bitpacking. Realtime encoder can be up to 13%
faster (ARM) depending on the number of threads and bitrate
settings. This technique sees constant gain over the 5-16 speed
range. For VC style input the loss seen is up to 0.2dB. See commit
52cf4dca for further details.
- Quality:
On the whole, quality is consistent with the Duclair release. Some
tweaks:
Reduced blockiness in easy sections by applying a penalty to
intra modes.
Improved quality of static sections (like slideshows) with
two pass encoding.
Improved keyframe sizing with multiple temporal layers
- Bug Fixes:
Corrected alt-ref contribution to frame rate for visible updates
to the alt-ref buffer. This affected applications making manual
usage of the frame reference flags, or temporal layers.
Additional constraints were added to disable multi-frame quality
enhancement (MFQE) in sections of the frame where there is motion.
(#392)
Fixed corruption issues when vpx_codec_enc_config_set() was called
with spatial resampling enabled.
Fixed a decoder error introduced in Duclair where the segmentation
map was not being reinitialized on keyframes (#378)
