File ffmpeg.changes of Package ffmpeg.6568

-------------------------------------------------------------------
Sat Mar 25 09:01:34 UTC 2017 - davejplater@gmail.com

- Update to 2.8.10 to fix boo#1022920 VUL-0: CVE-2016-10190
- Removed patches 0001-avcodec-ansi-Check-dimensions.patch,
  0001-avcodec-cavsdsp-use-av_clip_uint8-for-idct.patch,
  0001-avformat-avidec-Remove-ancient-assert.patch and
  0001-avformat-avidec-Check-nb_streams-in-read_gab2_sub.patch.
  They are incorporated in this version.
- Upstream changes:
 * avformat/http: Match chunksize checks to master..3.0
 * Changelog: fix typos
 * ffserver: Check chunk size
 * Avoid using the term "file" and prefer "url" in some docs
   and comments
 * avformat/rtmppkt: Check for packet size mismatches
 * zmqsend: Initialize ret to 0
 * configure: check for strtoull on msvc
 * http: move chunk handling from http_read_stream() to
   http_buf_read().
 * http: make length/offset-related variables unsigned.
 * avcodec/flacdec: Fix undefined shift in decode_subframe()
 * avcodec/get_bits: Fix get_sbits_long(0)
 * avformat/ffmdec: Check media type for chunks
 * avcodec/flacdec: Fix signed integer overflow in
   decode_subframe_fixed()
 * avcodec/flacdsp_template: Fix undefined shift in
   flac_decorrelate_indep_c
 * avformat/oggparsespeex: Check frames_per_packet and packet_size
 * avformat/utils: Check start/end before computing duration in
   update_stream_timings()
 * avcodec/flac_parser: Update nb_headers_buffered
 * avformat/idroqdec: Check chunk_size for being too large
 * filmstripdec: correctly check image dimensions
 * mss2: only use error correction for matching block counts
 * softfloat: decrease MIN_EXP to cover full float range
 * libopusdec: default to stereo for invalid number of channels
 * sbgdec: prevent NULL pointer access
 * smacker: limit recursion depth of smacker_decode_bigtree
 * mxfdec: fix NULL pointer dereference in mxf_read_packet_old
 * libschroedingerdec: fix leaking of framewithpts
 * libschroedingerdec: don't produce empty frames
 * softfloat: handle -INT_MAX correctly
 * pnmdec: make sure v is capped by maxval
 * smvjpegdec: make sure cur_frame is not negative
 * icodec: correctly check avio_read return value
 * icodec: fix leaking pkt on error
 * dvbsubdec: fix division by zero in compute_default_clut
 * proresdec_lgpl: explicitly check coff[3] against slice_data_size
 * escape124: reject codebook size 0
 * mpegts: prevent division by zero
 * matroskadec: fix NULL pointer dereference in
   webm_dash_manifest_read_header
 * mpegaudio_parser: don't return AVERROR_PATCHWELCOME
 * mxfdec: fix NULL pointer dereference
 * diracdec: check return code of get_buffer_with_edge
 * ppc: pixblockdsp: do unaligned block accesses correctly again
 * mpeg12dec: unref discarded picture from extradata
 * cavsdec: unref frame before referencing again
 * avformat: prevent triggering request_probe assert in ff_read_packet
 * avformat/mpeg: Adjust vid probe threshold to correct mis-detection
 * avcodec/rv40: Test remaining space in loop of get_dimension()
 * avcodec/ituh263dec: Avoid spending a long time in slice sync
 * avcodec/movtextdec: Add error message for tsmb_size check
 * avcodec/movtextdec: Fix tsmb_size check==0 check
 * avcodec/movtextdec: Fix potential integer overflow
 * avcodec/sunrast: Fix input buffer pointer check
 * avcodec/tscc:  Check side data size before use
 * avcodec/rawdec: Check side data size before use
 * avcodec/msvideo1: Check side data size before use
 * avcodec/qpeg:  Check side data size before use
 * avcodec/qtrle:  Check side data size before use
 * avcodec/msrle:  Check side data size before use
 * avcodec/kmvc:  Check side data size before use
 * avcodec/idcinvideo: Check side data size before use
 * avcodec/cinepak: Check side data size before use
 * avcodec/8bps: Check side data size before use
 * avcodec/dvdsubdec: Fix off by 1 error
 * avcodec/dvdsubdec: Fix buf_size check
 * vp9: change order of operations in adapt_prob().
 * avcodec/interplayvideo: Check side data size before use
 * avformat/mxfdec: Check size to avoid integer overflow in
   mxf_read_utf16_string()
 * avcodec/mpegvideo_enc: Clear mmx state in
   ff_mpv_reallocate_putbitbuffer()
 * avcodec/utils: Clear MMX state before returning from
   avcodec_default_execute*()
 * cmdutils: fix typos
 * lavfi: fix typos
 * lavc: fix typos
 * tools: fix grammar error
 * avutil/mips/generic_macros_msa: rename macro variable which
   causes segfault for mips r6
 * videodsp: fix 1-byte overread in top/bottom READ_NUM_BYTES
   iterations.
 * avformat/avidec: Check nb_streams in read_gab2_sub()
 * avformat/avidec: Remove ancient assert
 * lavc/movtextdec.c: Avoid infinite loop on invalid data.
 * avcodec/ansi: Check dimensions
 * avcodec/cavsdsp: use av_clip_uint8() for idct

-------------------------------------------------------------------
Sat Oct  8 17:44:47 UTC 2016 - jengelh@inai.de

- Fix multiple vulnerabilities in ffmpeg [boo#1003806]
  * CVE-2016-7562: out-of-bounds array write fault via specially
                   crafted avi files
    add 0001-avcodec-ansi-Check-dimensions.patch
  * CVE-2016-7502: out-of-bounds array write via incorrect block
                   values
    add 0001-avcodec-cavsdsp-use-av_clip_uint8-for-idct.patch
  * CVE-2016-7905: null-point-exception when decoding avi files
                   with crafted 'gab2' structs
    add 0001-avformat-avidec-Check-nb_streams-in-read_gab2_sub.patch
  * CVE-2016-7555: memory leak when decoding avi files with crafted
                   'strh' struct
    add 0001-avformat-avidec-Fix-memleak-with-dv-in-avi.patch 
  * CVE-2016-7785: assert fault via avi files with crafted 'strh'
                   struct
    add 0001-avformat-avidec-Remove-ancient-assert.patch

-------------------------------------------------------------------
Tue Sep 27 16:05:27 UTC 2016 - jengelh@inai.de

- Update to new maintenance release 2.8.8
* avformat/oggparsevp8: fix pts calculation on pages ending with an invisible frame
* avcodec/mjpegdec: Do not try to detect last scan but apply idct after all scans for progressive jpeg
* avformat/oggparseopus: Check that granule pos is within the supported range
* avformat/utils: Check bps before using it in a shift in ff_get_pcm_codec_id()
* ffmpeg: Check that r_frame_rate is set before attempting to use it
* avformat/utils: Do not compute the bitrate from duration == 0
* avformat/utils: Check negative bps before shifting in ff_get_pcm_codec_id()
* avformat/avidec: Detect index with too short entries
* avformat/oggparseopus: Fix Undefined behavior in oggparseopus.c and libavformat/utils.c
* avformat/allformats: Making av_register_all() thread-safe.
* avcodec/vp9_parser: Check the input frame sizes for being consistent
* avformat/oggdec: Fix integer overflow with invalid pts
* avcodec/ffv1enc: Fix assertion failure with non zero bits per sample
* avcodec/diracdec: Check numx/y
* avformat/avidec: Fix infinite loop in avi_read_nikon()
- Add 0001-avcodec-exr-Check-tile-positions.patch [bnc#998636]

-------------------------------------------------------------------
Tue Feb  2 18:24:15 UTC 2016 - aloisio@gmx.com

- Update to version 2.8.6
  * avcodec/jpeg2000dec: More completely check cdef
  * avutil/opt: check for and handle errors in av_opt_set_dict2()
  * avcodec/flacenc: fix calculation of bits required in case
    of custom sample rate
  * avformat: Document urls a bit
  * avformat/libquvi: Set default demuxer and protocol
    limitations
  * avformat/concat: Check protocol prefix
  * doc/demuxers: Document enable_drefs and use_absolute_path
  * avcodec/mjpegdec: Check for end for both bytes in unescaping
  * avcodec/mpegvideo_enc: Check for integer overflow in
    ff_mpv_reallocate_putbitbuffer()
  * avformat/avformat: Replace some references to filenames by
    urls
  * avcodec/wmaenc: Check ff_wma_init() for failure
  * avcodec/mpeg12enc: Move high resolution thread check to
    before initializing threads
  * avformat/img2dec: Use AVOpenCallback
  * avformat/avio: Limit url option parsing to the documented
    cases
  * avformat/img2dec: do not interpret the filename by default
    if a IO context has been opened
  * avcodec/ass_split: Fix null pointer dereference in
    ff_ass_style_get()
  * mov: Add an option to toggle dref opening
  * avcodec/gif: Fix lzw buffer size
  * avcodec/put_bits: Assert buf_ptr in flush_put_bits()
  * avcodec/tiff: Check subsample & rps values more completely
  * swscale/swscale: Add some sanity checks for srcSlice*
    parameters
  * swscale/x86/rgb2rgb_template: Fix planar2x() for short
    width
  * swscale/swscale_unscaled: Fix odd height inputs for
    bayer_to_yv12_wrapper()
  * swscale/swscale_unscaled: Fix odd height inputs for
    bayer_to_rgb24_wrapper()
  * avcodec/aacenc: Check both channels for finiteness
  * asfdec_o: check for too small size in asf_read_unknown
  * asfdec_o: break if EOF is reached after
    asf_read_packet_header
  * asfdec_o: make sure packet_size is non-zero before seeking
  * asfdec_o: prevent overflow causing seekback
  * asfdec_o: check avio_skip in asf_read_simple_index
  * asfdec_o: reject size > INT64_MAX in asf_read_unknown
  * asfdec_o: only set asf_pkt->data_size after sanity checks
  * Merge commit '8375dc1dd101d51baa430f34c0bcadfa37873896'
  * dca: fix misaligned access in avpriv_dca_convert_bitstream
  * brstm: fix missing closing brace
  * brstm: also allocate b->table in read_packet
  * brstm: make sure an ADPC chunk was read for adpcm_thp
  * vorbisdec: reject rangebits 0 with non-0 partitions
  * vorbisdec: reject channel mapping with less than two
    channels
  * ffmdec: reset packet_end in case of failure
  * avformat/ipmovie: put video decoding_map_size into packet
    and use it in decoder
  * avformat/brstm: fix overflow

-------------------------------------------------------------------
Sun Jan 17 09:45:29 UTC 2016 - idonmez@suse.com

- Update to version 2.8.5
* Fixes CVE-2016-1897 and CVE-2016-1898 [boo#961937]

-------------------------------------------------------------------
Mon Dec 28 13:51:18 UTC 2015 - idonmez@suse.com

- Update to version 2.8.4 
* Many bugfixes, see the included Changelog for all the changes.
* resolving CVE-2015-8661 [boo#960385], CVE-2015-8662 [boo#960384],
  CVE-2015-8663 [boo#960383]
- Drop ffmpeg-remove_some_unused_ctrl_id_mappings.patch, fixed
  upstream.

-------------------------------------------------------------------
Tue Dec 22 09:14:58 UTC 2015 - olaf@aepfle.de

- Obsolete ffmpeg-tools from packman

-------------------------------------------------------------------
Mon Dec 21 12:37:05 UTC 2015 - jengelh@inai.de

- Add some provides to make it easier for firefox to recommend
  this package for installation

-------------------------------------------------------------------
Sat Dec 19 13:05:31 UTC 2015 - joerg.lorenzen@ki.tng.de

- Added patch ffmpeg-remove_some_unused_ctrl_id_mappings.patch to
  successfully build against libvpx >= 1.5 (at least on PMBS).

-------------------------------------------------------------------
Thu Dec 17 07:04:14 UTC 2015 - olaf@aepfle.de

- Add buildconditionals for libass,libva,vdpau to fix build in SLE_11

-------------------------------------------------------------------
Mon Dec 14 11:05:46 UTC 2015 - olaf@aepfle.de

- Rename bcond dca to dcadec
- Add more buildconditionals to get closer to removal of BUILD_ORIG

-------------------------------------------------------------------
Wed Dec  9 13:23:44 UTC 2015 - olaf@aepfle.de

- Remove unused imlib2

-------------------------------------------------------------------
Mon Dec  7 12:18:36 UTC 2015 - idonmez@suse.com

- Sync with packman changes
  * All packman specific changes are protected with BUILD_ORIG
- Added the following patches
  * ffmpeg-2.4.5-arm6l.patch
  * ffmpeg-libcdio_cdda-pkgconfig.patch  

-------------------------------------------------------------------
Sun Nov 29 11:24:54 UTC 2015 - jengelh@inai.de

- Update to new upstream maintenance release 2.8.3
* avformat/matroskadec: Check subtitle stream before dereferencing
* avcodec/jpeg2000dec: Fix potential integer overflow with tile
  dimensions
* avcodec/jpeg2000dec: Check for duplicate SIZ marker
* avcodec/jpeg2000: Change coord to 32bit to support larger than
  32k width or height
* avcodec/jpeg2000dec: Check SIZ dimensions to be within the
  supported range
* avcodec/jpeg2000: Check comp coords to be within the supported
  size
* dds: validate compressed source buffer size
* dds: validate source buffer size before copying
* softfloat: assert when the argument of av_sqrt_sf is negative
- Fixes CVE-2015-8363 [bnc#957114], CVE-2015-8364 [bnc#957115],
  CVE-2015-8365 [bnc#957116]

-------------------------------------------------------------------
Sat Nov 14 06:46:13 UTC 2015 - idonmez@suse.com

- Update to new upstream release 2.8.2, containing fixes for the
  following security issues:
  * CVE-2015-8216 boo#955346
  * CVE-2015-8217 boo#955347
  * CVE-2015-8218 boo#955348
  * CVE-2015-8219 boo#955350
- Upstream changes:
  * various fixes in the aac_fixed decoder
  * various fixes in softfloat
  * swresample/resample: increase precision for compensation
  * lavf/mov: add support for sidx fragment indexes
  * avformat/mxfenc: Only store user comment related tags when needed
  * ffmpeg: Don't try and write sdp info if none of the outputs had an rtp format.
  * apng: use correct size for output buffer
  * jvdec: avoid unsigned overflow in comparison
  * avcodec/jpeg2000dec: Clip all tile coordinates
  * avcodec/microdvddec: Check for string end in 'P' case
  * avcodec/dirac_parser: Fix undefined memcpy() use
  * avformat/xmv: Discard remainder of packet on error
  * avformat/xmv: factor return check out of if/else
  * avcodec/mpeg12dec: Do not call show_bits() with invalid bits
  * avcodec/faxcompr: Add missing runs check in decode_uncompressed()
  * libavutil/channel_layout: Check strtol*() for failure
  * avformat/mpegts: Only start probing data streams within probe_packets
  * avcodec/hevc_ps: Check chroma_format_idc
  * avcodec/ffv1dec: Check for 0 quant tables
  * avcodec/mjpegdec: Reinitialize IDCT on BPP changes
  * avcodec/mjpegdec: Check index in ljpeg_decode_yuv_scan() before using it
  * avcodec/h264_slice: Disable slice threads if there are multiple access units in a packet
  * avformat/hls: update cookies on setcookie response
  * opusdec: Don't run vector_fmul_scalar on zero length arrays
  * avcodec/opusdec: Fix extra samples read index
  * avcodec/ffv1: Initialize vlc_state on allocation
  * avcodec/ffv1dec: update progress in case of broken pointer chains
  * avcodec/ffv1dec: Clear slice coordinates if they are invalid or slice header decoding fails for other reasons
  * rtsp: Allow $ as interleaved packet indicator before a complete response header
  * videodsp: don't overread edges in vfix3 emu_edge.
  * avformat/mp3dec: improve junk skipping heuristic
  * concatdec: fix file_start_time calculation regression
  * avcodec: loongson optimize h264dsp idct and loop filter with mmi
  * avcodec/jpeg2000dec: Clear properties in jpeg2000_dec_cleanup() too
  * avformat/hls: add support for EXT-X-MAP
  * avformat/hls: fix segment selection regression on track changes of live streams
  * configure: Require libkvazaar < 0.7.
  * avcodec/vp8: Do not use num_coeff_partitions in thread/buffer setup
- Drop ffmpeg-mov-sidx-fragment.patch, fixed upstream.

-------------------------------------------------------------------
Sat Oct 31 11:00:43 UTC 2015 - idonmez@suse.com

- Update to new upstream release 2.8.1
  * Minor bugfix release
  * Includes all changes from. Ffmpeg-mt, 
    libav master of 2015-08-28, libav 11 as of 2015-08-28
- Add ffmpeg-mov-sidx-fragment.patch to add sidx fragment indexes.
  Needed for new mpv release.

-------------------------------------------------------------------
Wed Sep  9 08:11:24 UTC 2015 - jengelh@inai.de

- Update to new upstream release 2.8
* DirectDraw Surface image/texture decoder
* Many improvements to the JPEG 2000 decoder
* New video filters: colorkey, SSIM, showvolume, adrawgraph,
  drawgraph, removegrain, erosion, dilation, deflate, inflate,
  reverse, atadenoise, aphasemeter, showfreqs, vectorscope,
  waveform, hstack, vstack, framerate
* New audio filters: Dynamic Audio Normalizer as dynaudnorm
  filter, areverse, random, deband, sidechaincompress,
  acrossfade
* allyuv and allrgb video sources
* Switched default encoders for webm to VP9 and Opus
* Removed experimental flag from the JPEG 2000 encoder

-------------------------------------------------------------------
Mon Jul 20 09:30:19 UTC 2015 - jengelh@inai.de

- Update to new upstream release 2.7.2
- webp: fix infinite loop in webp_decode_frame
- huffyuvdec: validate image size
- avcodec/vp8: Check buffer size in vp8_decode_frame_header()
- avcodec/vp8: Fix null pointer dereference in ff_vp8_decode_free()
- avutil/fifo: Fix the case where func() returns less bytes than
  requested in av_fifo_generic_write()
- bytestream2: set the reader to the end when reading more than
  available
- oggparsedirac: check return value of init_get_bits
- vp9/update_prob: prevent out of bounds table read
- avcodec/pngdec: Check values before updating context in
  decode_fctl_chunk()
- avcodec/pngdec: Copy IHDR & plte state from last thread
- avcodec/pngdec: Require a IHDR chunk before fctl
- avcodec/pngdec: Only allow one IHDR chunk
- ffmpeg: Do not use the data/size of a bitstream filter
  after failure

-------------------------------------------------------------------
Thu Jun 25 20:11:32 UTC 2015 - jengelh@inai.de

- Enable codecs for audio: PCM, Speex, CELT, FLAC, ILBC, Opus
- Enable codecs for image: BMP/PCX/TGA, TIFF, Sun/SGI/X11 raster
  raw Huff-compressed or uncompressed YUV
- Update to new upstream release 2.7.1
* postproc: fix unaligned access
* avcodec/flacenc: Fix Invalid Rice order
* tls_gnutls: fix hang on disconnection
* avcodec/ffv1enc: fix bps for >8bit yuv when not explicitly set
* avio: fix potential crashes when combining ffio_ensure_seekback + crc
* ffmpeg_opt: Check for localtime() failure
* configure: Disable VSX on unspecified / generic CPUs

-------------------------------------------------------------------
Thu Jun 25 17:48:19 UTC 2015 - develop7@develop7.info

- Enabled 'bluray' protocol

-------------------------------------------------------------------
Wed Jun 10 22:41:20 UTC 2015 - jengelh@inai.de

- Update to new upstream release 2.7
* New encoders: apng (PNG with alpha)
* New decoders: TDSC (a JPEG/BGR24/zlib format)
* New audio filters: chorus
* New video filters: cover_rect, detelecine, fftfilt, find_rect
- Enable codecs: 012v, ansi, apng, bmp, exr, ffv1, ffvhuff
* unpack DivX-style packed B-frames in MPEG-4 bitstream filter
* WebM Live Chunk Muxer
* nvenc level and tier options
- Canopus HQ/HQA decoder
- Automatically rotate videos based on metadata in ffmpeg
- improved Quickdraw compatibility
- VP9 high bit-depth and extended colorspaces decoding support
- WebPAnimEncoder API when available for encoding and muxing WebP
- Direct3D11-accelerated decoding
- Support Secure Transport
- Multipart JPEG demuxer

-------------------------------------------------------------------
Sat May 23 21:33:34 UTC 2015 - robert.munteanu@gmail.com

- Fix building with BUILD_ORIG 

-------------------------------------------------------------------
Sun May 17 16:55:42 UTC 2015 - jengelh@inai.de

- Update to new upstream release 2.6.3
* avcodec/libtheoraenc: Check for av_malloc failure
* ffmpeg_opt: Fix -timestamp parsing
* avcodec/cavsdec: Use ff_set_dimensions()
* swr: fix alignment issue caused by 8ch sse functions
* avcodec/mjpegdec: fix len computation in ff_mjpeg_decode_dqt()
* avformat/matroskadec: Cleanup error handling for bz2 & zlib
* avformat/matroskaenc: Check ff_vorbiscomment_length in
  put_flac_codecpriv()
* avcodec/mpeg12dec: use the correct dimensions for checking SAR
* xcbgrab: Validate the capture area
* xcbgrab: Do not assume the non shm image data is always available
* avfilter/lavfutils: disable frame threads when decoding a single
  image
* ffmpeg: remove incorrect network deinit
* OpenCL: Avoid potential buffer overflow in cmdutils_opencl.c
* libvpxenc: only set noise reduction w/vp8
* vp9: remove another optimization branch in iadst16 which causes
  overflows.
* network: Do not leave context locked on error
* vp9: remove one optimization branch in iadst16 which causes
  overflows.
* swresample: Allow reinitialization without ever setting channel
  layouts/counts
* imgutils: initialize palette padding bytes in av_image_alloc
* id3v2: catch avio_read errors in check_tag
* avi: Validate sample_size
* diracdec: avoid overflow of bytes*8 in decode_lowdelay
* diracdec: prevent overflow in data_unit_size check
* matroskadec: use uint64_t instead of int for index_scale
* pngdec: don't use AV_PIX_FMT_MONOBLACK for apng
* pngdec: return correct error code from decode_frame_common
* swscale/ppc/swscale_altivec.c: POWER LE support in yuv2planeX_8()
  delete macro GET_VF() it was wrong
* matroskadec: export cover art correctly
* mxfenc: don't try to write footer without header
- Enable building avresample for extra API compat
- Remove ffmpeg-pkgconfig-requires.diff: RPM's pkgconfigdeps.sh is
  scanning Requires.private too.

-------------------------------------------------------------------
Mon May 11 07:28:10 UTC 2015 - dimstar@opensuse.org

- Add baselibs.conf: provide -32bit libraries (used by xine-32bit).

-------------------------------------------------------------------
Mon Apr 13 08:18:11 UTC 2015 - jengelh@inai.de

- Update to new upstream release 2.6.2
* avformat/utils: avoid discarded streams in
  av_find_default_stream_index()
* avutil/cpu: add missing check for mmxext to av_force_cpu_flags
* avformat/http: replace cookies with updated values instead of
  appending forever

-------------------------------------------------------------------
Thu Mar 19 17:58:35 UTC 2015 - jengelh@inai.de

- Update to new upstream release 2.6.1
* Maintenance release with some bugfixes

-------------------------------------------------------------------
Sun Mar  8 09:17:15 UTC 2015 - jengelh@inai.de

- Update to new upstream release 2.6
* The VP9 decoder is now usable on x86(-32) and pre-SSSE3 CPUs.
* 10-bit support in the SPP video filter
* New video filters: "colorlevels", "tblend", "palettegen",
  "paletteuse". New audio filters: "dcshift".
* The old libmpcodecs wrapper is finally gone
* API changes: introduction of device inputs and outputs

-------------------------------------------------------------------
Tue Jan 27 22:22:42 UTC 2015 - jengelh@inai.de

- Update to new upstream release 2.5.3
* AVFoundation screen-grabbing support, animated WebP decoding
  support, and Animated PNG support. UDP-Lite support was added.

-------------------------------------------------------------------
Sun Jan  4 17:32:48 UTC 2015 - jengelh@inai.de

- Initial package (version 2.5.3) for build.opensuse.org
openSUSE Build Service is sponsored by