--- /dev/null
+libav (6:10.2-1) unstable; urgency=high
+
+ * Disable avserver (Closes: #734335)
+
+ It turns out that avserver is pretty much unmaintained these days and
+ contains obvious bugs. The next Libav upstream release has it already
+ removed, and further maintenance is currently rather unlikely. With
+ this in mind, the libav package proactively disables the avserver build
+ anticipating its removal upstream.
+
+ If you are interested in having avserver back and functional, please
+ help upstream with reinstantiating it.
+
+ -- Reinhard Tartler <siretart@tauware.de> Fri, 27 Jun 2014 22:11:18 -0400
+
--- /dev/null
+lintian override shlib-with-non-pic-codeshlib-with-non-pic-code
+==================================================================
+
+The lintian overrides for the non-pic shared libs error messages is not
+really a matter of silencing lintian. The general idea is that the
+override would serve as an indication that we know about the error
+message and we're avoiding any bug reports or complaints by others about
+the errors.
+
+We are aware that this override is too strict. It should only cover the
+i386 architecture, as we know that the upstream build system will
+produce PIC libraries where necessary. Only architectures like i386 will
+be built non-PIC, mainly for performance reasons.
+
+ -- Reinhard Tartler <siretart@tauware.de>, Sat, 28 Jun 2014 09:38:52 -0400
+
+Source package
+==============
+
+Libav represents the successor of the former ffmpeg source package. It
+provides all libraries and provides an upgrade path for existing
+application packages.
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 19 Mar 2011 08:13:46 +0100
+
+License of the Debian ffmpeg packages
+=====================================
+
+The license for the whole work is the GPL, not the LGPL, because
+GPL-only parts of ffmpeg were activated -- namely libswscale, x11grab
+and other GPL licensed libraries. If you need LGPL versions of the
+libraries, please comment out the appropriate line in debian/confflags.
+
+Because libavcodec-extra-* links against libraries that are licensed
+under Apache License 2.0, the resulting binaries are distributed under
+the GPL version 3 or later.
--- /dev/null
+Circular Build-Depends and bootstrapping libav on new architectures
+===================================================================
+
+libav is involved in several circular build-dependencies that give porters a
+hard time (c.f. #671302) at bootstrapping, e.g.:
+
+ libav -> frei0r -> opencv -> libav
+ libav -> opencv -> libav
+ libav -> x264 -> libav
+ libav -> x264 -> gpac -> libav
+
+However, please note that all these libraries are strictly optional to libav
+and are only enabled at build time if available. For bootstrapping purposes
+it is thus perfectly sufficient to remove all *-dev packages from the
+Build-Depends field in debian/control and generate packages with a reduced
+feature set that are still usable to build other packages.
+
+Using the nomenclature of the EmdebianSprint2011 [0,1] one would write e.g.:
+
+ Build-Depends-Bootstrap1:
+ debhelper (>= 9)
+
+[0] http://wiki.debian.org/DebianBootstrap/EmdebianSprint2011
+[1] http://lists.debian.org/debian-devel-announce/2011/03/msg00000.html
+
+ -- Fabian Greffrath <fabian+debian@greffrath.com> Tue, 19 Jun 2012 16:06:05 +0200
--- /dev/null
+libav (6:11.12-1~deb8u8) jessie-security; urgency=medium
+
+ * CVE-2019-14442: avformat/mpc8: fix hang with fuzzed file.
+ * CVE-2018-5766: lavc/avpacket: Fix undefined behaviour, do not pass a null
+ pointer to memcpy().
+ * CVE-2019-14372: wvdec: check for eof in wv_read_block_header().
+ * CVE-2017-9987: avcodec/mpegvideo_motion: Fix off by 1 error in MV bounds
+ checking.
+ * CVE-2018-11102:
+ - mov_probe: fix integer overflows.
+ - mov.c: Check for stsd + m1s tag indicating MOV-wrapped MPEG-PS, and force
+ continued probing if found.
+
+ -- Mike Gabriel <sunweaver@debian.org> Sat, 31 Aug 2019 17:36:55 +0200
+
+libav (6:11.12-1~deb8u7) jessie-security; urgency=medium
+
+ * Non-maintainer upload by the LTS team.
+ * CVE-2019-11338: avcodec/hevc: Avoid only partly skiping duplicate first
+ slices.
+ * CVE-2018-15822: avformat/flvenc: Check audio packet size.
+
+ -- Mike Gabriel <sunweaver@debian.org> Tue, 28 May 2019 14:14:01 +0200
+
+libav (6:11.12-1~deb8u6) jessie-security; urgency=medium
+
+ * Non-maintainer upload by the LTS team.
+ * CVE-2018-1999012: avformat/pva: Check for EOF before retrying in
+ read_part_of_packet().
+ * CVE-2015-1872: avcodec/mjpegdec: Check number of components for
+ JPEG-LS.
+ * CVE-2018-6392: avfilter/vf_transpose: Fix out of array access (including
+ later regression fix with packed pixel formats).
+ * CVE-2017-14058: avformat/hls: Fix DoS due to infinite loop.
+ * CVE-2017-1000460: h264dec: handle zero-sized NAL units in
+ get_last_needed_nal().
+
+ -- Mike Gabriel <sunweaver@debian.org> Sat, 30 Mar 2019 21:44:13 +0100
+
+libav (6:11.12-1~deb8u5) jessie-security; urgency=medium
+
+ * Non-maintainer upload by the LTS team..
+ * CVE-2015-1207: avformat/mov: Fix integer overflow in
+ mov_read_udta_string().
+ * CVE-2017-14169: In mxf_read_primer_pack() function, catch item_num
+ being negative, to avoid bypassing the check for a large value.
+ * CVE-2017-14223: avformat/asfdec: Fix DoS in asf_build_simple_index().
+ Fix missing EOF check in loop.
+ * CVE-2017-7863: Bail out if trns was found before IHDR or IDAT in PNG data.
+ * CVE-2014-8542: Add case for jv to avcodec_align_dimensions2().
+ * CVE-2017-7865: Add case for interplay_video to avcodec_align_dimensions2().
+
+ -- Mike Gabriel <sunweaver@debian.org> Mon, 21 Jan 2019 15:30:50 +0100
+
+libav (6:11.12-1~deb8u4) jessie-security; urgency=high
+
+ * Non-maintainer upload by the LTS team.
+ * Fix the following security vulnerabilities:
+ * CVE-2017-14055: a DoS in mv_read_header() due to lack of an EOF (End of
+ File) check might cause huge CPU and memory consumption.
+ * CVE-2017-14056: a DoS in rl2_read_header() due to lack of an EOF (End of
+ File) check might cause huge CPU and memory consumption.
+ * CVE-2017-14057: a DoS in asf_read_marker() due to lack of an EOF (End of
+ File) check might cause huge CPU and memory consumption.
+ * CVE-2017-14170: a DoS in mxf_read_index_entry_array() due to lack of an EOF
+ (End of File) check might cause huge CPU consumption.
+ * CVE-2017-14171: a DoS in nsv_parse_NSVf_header() due to lack of an EOF (End
+ of File) check might cause huge CPU consumption.
+ * CVE-2017-14767: The sdp_parse_fmtp_config_h264 function in
+ libavformat/rtpdec_h264.c mishandles empty sprop-parameter-sets values, which
+ allows remote attackers to cause a denial of service (heap buffer overflow)
+ or possibly have unspecified other impact via a crafted sdp file.
+ * CVE-2017-15672: The read_header function in libavcodec/ffv1dec.c allows
+ remote attackers to have unspecified impact via a crafted MP4 file, which
+ triggers an out-of-bounds read.
+ * CVE-2017-17130: The ff_free_picture_tables function in
+ libavcodec/mpegpicture.c allows remote attackers to cause a denial of service
+ (heap-based buffer overflow and application crash) or possibly have
+ unspecified other impact via a crafted file, related to
+ vc1_decode_i_blocks_adv.
+ * CVE-2017-9993: Libav does not properly restrict HTTP Live Streaming
+ filename extensions and demuxer names, which allows attackers to read
+ arbitrary files via crafted playlist data.
+ * CVE-2017-9994: libavcodec/webp.c in Libav before does not ensure that
+ pix_fmt is set, which allows remote attackers to cause a denial of service
+ (heap-based buffer overflow and application crash) or possibly have
+ unspecified other impact via a crafted file, related to the
+ vp8_decode_mb_row_no_filter and pred8x8_128_dc_8_c functions.
+ * CVE-2018-14394: libavformat/movenc.c in Libav allows attackers to cause a
+ denial of service (application crash caused by a divide-by-zero error) with a
+ user crafted Waveform audio file.
+ * CVE-2018-1999010: Libav contains multiple out of array access
+ vulnerabilities in the mms protocol that can result in attackers accessing
+ out of bound data.
+ * CVE-2018-6621: The decode_frame function in libavcodec/utvideodec.c in
+ Libav allows remote attackers to cause a denial of service (out of array
+ read) via a crafted AVI file.
+ * CVE-2018-7557: The decode_init function in libavcodec/utvideodec.c in
+ Libav allows remote attackers to cause a denial of service (Out of array
+ read) via an AVI file with crafted dimensions within chroma subsampling
+ data.
+
+ -- Markus Koschany <apo@debian.org> Mon, 07 Jan 2019 19:45:12 +0100
+
+libav (6:11.12-1~deb8u3) jessie-security; urgency=medium
+
+ * Non-maintainer upload by the Debian LTS Team.
+ * debian/patches:
+ + Rename CVE-2015-6822+6823+6824.patch to CVE-2015-6822.patch..
+ * CVE-2015-6823: avcodec/alac: Clear pointers in allocate_buffers().
+ * CVE-2015-6824: swscale/utils: Clear pix buffers. Fixes use of
+ uninitialized memory.
+
+ -- Mike Gabriel <sunweaver@debian.org> Thu, 20 Dec 2018 22:56:40 +0100
+
+libav (6:11.12-1~deb8u2) jessie-security; urgency=medium
+
+ * Non-maintainer upload by the Debian LTS Team.
+ * CVE-2014-9317: avcodec/pngdec: Check IHDR/IDAT order. Prevent remote
+ attackers from causing a denial of service (out-of-bounds heap access)
+ and possibly have other unspecified impact via an IDAT before an IHDR
+ in a PNG file.
+ * CVE-2015-6761: avcodec/vp8: Do not use num_coeff_partitions in
+ thread/buffer setup. The variable is not a constant and can lead to
+ race conditions.
+ * CVE-2015-6818: avcodec/pngdec: Only allow one IHDR chunk. Multiple IHDR
+ chunks are forbidden in PNG. Fixes inconsistency and out of array accesses.
+ * CVE-2015-6820: avcodec/aacsbr: check that the element type matches before
+ applying SBR. Fixes out of array access.
+ * CVE-2015-6821: avcodec/mpegvideo: Clear pointers in ff_mpv_common_init().
+ This ensures that no stale pointers leak through on any path.
+ * CVE-2015-6822, CVE-2015-6823, CVE-2015-6824: avcodec/sanm: Reset sizes in
+ destroy_buffers().
+ * CVE-2015-6825: avcodec/pthread_frame: clear priv_data, avoid stale pointer
+ in error case.
+ * CVE-2015-6826: avcodec/rv34: Clear pointers in
+ ff_rv34_decode_init_thread_copy(). Avoids leaving stale pointers.
+ * CVE-2015-8216: avcodec/mjpegdec: Check index in ljpeg_decode_yuv_scan()
+ before using it. Fixes out of array access.
+ * CVE-2015-8217: avcodec/hevc_ps: Check chroma_format_idc. Fixes out of
+ array access.
+ * CVE-2015-8363: avcodec/jpeg2000dec: Check for duplicate SIZ marker.
+ * CVE-2015-8364: avcodec/ivi: Check image dimensions. Fixes integer overflow.
+ * CVE-2015-8661: avcodec/h264_slice: Limit max_contexts when
+ slice_context_count is initialized. Fixes out of array access.
+ * CVE-2015-8662: avcodec/jpeg2000dwt: Check ndeclevels before calling
+ dwt_decode*(). Fixes out of array access.
+ * CVE-2015-8663: avcodec/utils: Clear dimensions in ff_get_buffer() on
+ failure. Fixes out of array access.
+ * CVE-2016-10190: http: make length/offset-related variables unsigned.
+ Required cherry-picking 3668701f and 362c17e6 from ffmpeg.git.
+ * CVE-2016-10191: avformat/rtmppkt: Check for packet size mismatches.
+ Fixes out of array access.
+
+ -- Mike Gabriel <sunweaver@debian.org> Wed, 19 Dec 2018 14:31:49 +0100
+
+libav (6:11.12-1~deb8u1) jessie-security; urgency=medium
+
+ * New upstream release.
+ - smacker: add sanity check for length in smacker_decode_tree()
+ (CVE-2017-16803)
+
+ -- Sebastian Ramacher <sramacher@debian.org> Sun, 18 Feb 2018 21:20:56 +0100
+
+libav (6:11.11-1~deb8u1) jessie-security; urgency=medium
+
+ * Non-maintainer upload by the Security Team.
+ * New upstream release fixing multiple security issues.
+ - dfa: Disallow odd width/height and add proper bounds check for DDS1 chunks
+ (CVE-2017-9992)
+ - pictor: Correctly check frame dimensions (CVE-2017-7862)
+ - h264_cavlc: check the value of run_before
+ - dvbsubdec: improve error checking
+ - dvbsubdec: Fixed segfault when decoding subtitles
+ - rmdec: don't ignore the return value of av_get_packet()
+ - caf: add an Opus tag
+ - yadif: Account for the buffer alignment while processing the frame edges
+ - mov: log and return early on non-positive stsd entry counts
+ - arm: Fix SIGBUS on ARM when compiled with binutils 2.29
+ - smacker: return meaningful error codes on failure
+ - smacker: fix integer overflow with pts_inc
+ - mm: Skip unexpected audio packets
+ - aacsbr: Turnoff in the event of over read.
+ - smacker: Check that the data size is a multiple of a sample vector
+ (CVE-2015-8365)
+ - build: Add an option for passing linker flags to the shared library build
+ - flv: Validate the packet size
+ - mjpeg: Report non-3 component rgb lossless as not supported
+ - vc1dec: raise an error if sprite picture data is missing
+ - doc: Drop the legacy symlink to README
+
+ -- Hugo Lefeuvre <hle@debian.org> Sat, 21 Oct 2017 15:08:38 +0200
+
+libav (6:11.9-1~deb8u1) jessie-security; urgency=medium
+
+ * New upstream release.
+ - mpegvideo_parser: avoid signed overflow in bitrate calculation.
+ (CVE-2016-9821)
+ - mpeg12dec: avoid signed overflow in bitrate calculation. (CVE-2016-9822)
+ * debian/patches/mpegvideo_motion-Handle-edge-emulation-even-without-.patch:
+ Removed, included upstream.
+
+ -- Sebastian Ramacher <sramacher@debian.org> Sun, 23 Apr 2017 18:36:31 +0200
+
+libav (6:11.8-1~deb8u1) jessie-security; urgency=medium
+
+ * New upstream release.
+ * debian/upstream-signing-key.pgp: Update upstream signing key.
+ * debian/patches/mpegvideo_motion-Handle-edge-emulation-even-without-.patch:
+ Fix NULL pointer dereference in put_no_rnd_pixels8_xy2_mmx. (CVE-2016-7424)
+
+ -- Sebastian Ramacher <sramacher@debian.org> Sat, 24 Sep 2016 15:23:39 +0200
+
+libav (6:11.7-1~deb8u1) jessie-security; urgency=medium
+
+ * New upstream release fixing a security issue.
+ - mov: Check the entries value when parsing dref boxes (CVE-2016-3062)
+ * debian/patches/CVE-2016-2326.patch: Removed, included upstream.
+
+ -- Sebastian Ramacher <sramacher@debian.org> Sun, 12 Jun 2016 11:36:21 +0200
+
+libav (6:11.6-1~deb8u1) jessie-security; urgency=medium
+
+ * New upstream release fixing multiple security issues.
+ - concat: disable by default (CVE-2016-1897, CVE-2016-1898)
+ - aac_parser: add required padding for GetBitContext buffer
+ - ac3_parser: add required padding for GetBitContext buffer
+ - imc: add required padding for GetBitContext buffer
+ - h263: Always check both dimensions
+ - opusdec: properly handle mismatching configurations in multichannel
+ streams
+ - mov: Correctly allocate ctts_data
+ - aac: Wait to know the channels before allocating frame
+ - rtpdec_asf: Check memory allocation and free memory on error
+ - jack: Check memory allocation
+ - mov: Check memory allocation
+ - mkv: Correctly report the latest packet had been flushed
+ - aic: Fix slice size computation for widths multiples of 32 macroblocks
+ - webp: Make sure enough bytes are available
+ - g726: Do not crash on user mistake
+ - bytestream2: set the reader to the end when reading more than available
+ - vp7: bound checking in vp7_decode_frame_header
+ - mux: Make sure that the data is actually written
+ - file: properly forward errors from file_read() and file_write()
+ - mmvideo: Make sure the rle does not write over the frame boundaries
+ - opus: Buffer the samples from the correct offset
+ - nut: Use the correct codec_tag when multiple are available
+ - truemotion2: Fix the buffer check
+ - mimic: Always return on failure
+ - msnwc_tcp: Correctly report failure
+ - rpza: Check the blocks left before processing one
+ - dvdsubdec: Validate the RLE offsets
+ - avi: Validate the stream-id for DV as well
+ - mov: Use the correct type for size
+ * debian/confflags: Force --disable-protocol=concat.
+ * debian/patches/CVE-2016-2326.patch: avformat/asfenc: Check pts.
+ (CVE-2016-2326)
+
+ -- Sebastian Ramacher <sramacher@debian.org> Wed, 02 Mar 2016 23:13:43 +0100
+
+libav (6:11.4-1~deb8u1) jessie-security; urgency=high
+
+ [ Sebastian Ramacher ]
+ * New upstream release fixing multiple security issues.
+ - h264: Make sure reinit failures mark the context as not initialized
+ (CVE-2015-3417)
+ - msrle: Use FFABS to determine the frame size in msrle_decode_pal4
+ (CVE-2015-3395)
+ - cavs: Remove an unneeded scratch buffer
+ - configure: Disable i686 for i586 and lower CPUs (debian/783082)
+ - mjpegenc: Fix JFIF header byte ordering (bug/808)
+ - nut: Make sure to clean up on read_header failure
+ - png: Set the color range as full range
+ - avi: Validate sample_size
+ - nut: Check chapter creation in decode_info_header
+ - alac: Reject rice_limit 0 if compression is used
+ - ape: Support _0000 files with nblock smaller than 64
+ - mux: Do not leave stale side data pointers in ff_interleave_add_packet()
+ - avresample: Reallocate the internal buffer to the correct size (bug/825)
+ - mpegts: Update the PSI/SI table only if the version change
+ - rtsp: Make sure we don't write too many transport entries into a
+ fixed-size array
+ - rtpenc_jpeg: Handle case of picture dimensions not dividing by 8
+ - mov: Fix little endian audio detection
+ - x86: Put COPY3_IF_LT under HAVE_6REGS (gentoo/541930)
+ - roqvideoenc: set enc->avctx in roq_encode_init
+ - mp3: Properly use AVCodecContext API
+ - libvpx: Fix mixed use of av_malloc() and av_reallocp()
+ - Revert "lavfi: always check av_expr_parse_and_eval() return value"
+ - alsdec: only adapt order for positive max_order
+ - alsdec: check sample pointer range in revert_channel_correlation
+ - aacpsy: correct calculation of minath in psy_3gpp_init
+ - alsdec: limit avctx->bits_per_raw_sample to 32
+ - aasc: return correct buffer size from aasc_decode_frame
+ - matroskadec: fix crash when parsing invalid mkv
+ - avconv: do not overwrite the stream codec context for streamcopy
+ - webp: ensure that each transform is only used once
+ - h264_ps: properly check cropping parameters against overflow
+ - hevc: zero the correct variables on invalid crop parameters
+ - hevc: make the crop sizes unsigned
+
+ [ Reinhard Tartler]
+ * drop 01-configure-disable-i686-for-i586
+
+ -- Sebastian Ramacher <sramacher@debian.org> Mon, 01 Jun 2015 11:12:42 +0200
+
+libav (6:11.3-1+deb8u1) jessie; urgency=medium
+
+ * Fix use of illegal instruction on i586. (Closes: #783082)
+ - debian/confflags: Pass correct value to --cpu. Thanks to Bernhard
+ Übelacker for the patch.
+ - debian/patches:
+ + 01-configure-disable-i686-for-i586.patch: Upstream patch to disable
+ i686 instructions on i586.
+ + 02-configure-disable-ebx-gcc-4.9.patch: Workaround build failure with
+ gcc 4.9 and newer by disabling the use of ebx in handwritten assembler
+ code. Thanks to Bernhard Übelacker for the initial patch.
+
+ -- Sebastian Ramacher <sramacher@debian.org> Tue, 05 May 2015 21:59:47 +0200
+
+libav (6:11.3-1) unstable; urgency=medium
+
+ * New upstream release fixing multiple security issues.
+ - utvideodec: Handle slice_height being zero (CVE-2014-9604)
+ - adxdec: set avctx->channels in adx_read_header
+ - rmenc: limit packet size
+ - webp: validate the distance prefix code
+ - rv10: check size of s->mb_width * s->mb_height
+ - eamad: check for out of bounds read (CID/1257500)
+ - mdec: check for out of bounds read (CID/1257501)
+ - configure: Properly fail when libcdio/cdparanoia is not found
+ - tiff: Check that there is no aliasing in pixel format selection (CVE-2014-8544)
+ - aic: Fix decoding files with odd dimensions
+ - vorbis: Check the vlc value in setup_classifs
+ - arm: Suppress tags about used cpu arch and extensions
+ - prores: Extend the padding check to 16bit
+ - icecast: Do not use chunked post, allows feeding to icecast properly
+ - img2dec: correctly use the parsed value from -start_number
+ - h264_cabac: Break infinite loops
+ - hevc_deblock: Fix compilation with nasm (libav #795)
+ - h264: initialize H264Context.avctx in init_thread_copy
+ - h264: Do not share rbsp_buffer across threads
+ - h264: only ref cur_pic in update_thread_context if it is initialized
+ - matroskadec: Fix read-after-free in matroska_read_seek() (chromium #427266)
+ - log: Unbreak no-tty support on 256color terminals
+
+ -- Sebastian Ramacher <sramacher@debian.org> Fri, 13 Mar 2015 23:27:25 +0100
+
+libav (6:11.2-1) unstable; urgency=medium
+
+ * New upstream release fixing multiple security issues. (Closes: #773626)
+ - h264: restore a block mistakenly removed in e10fd08a
+ - on2avc: check number of channels (CVE-2014-8549)
+ - smc: fix the bounds check (CVE-2014-8548)
+ - gifdec: refactor interleave end handling (CVE-2014-8547)
+ - mmvideo: check frame dimensions (CVE-2014-8543)
+ - jvdec: check frame dimensions (CVE-2014-8542)
+ - mjpegdec: check for pixel format changes (CVE-2014-8541)
+ - mov: avoid a memleak when multiple stss boxes are present
+ - vc1: Do not assume seek happens after decoding
+ - avconv: Use the mpeg12 private option scan_offset (Closes: #773055)
+ - xsub: Support DXSA subtitles
+ - mp3dec: fix reading the Xing tag
+ - matroskaenc: write correct Display{Width, Height} in stereo encoding
+ - configure: Fix enabling memalign_hack automatically
+ - mp3enc: fix a triggerable assert
+ - latm: Do not give a score for a single instance
+ - mp3: Tweak the probe scores
+ - matroskaenc: write correct Display{Width, Height} in stereo encoding
+ - coverity: Fix most of the reported warnings and issues
+ * debian/control: Add myself to Uploaders.
+
+ -- Sebastian Ramacher <sramacher@debian.org> Sat, 17 Jan 2015 20:56:19 +0100
+
+libav (6:11.1-1) unstable; urgency=medium
+
+ * Team upload.
+ * Upload to unstable.
+
+ -- Sebastian Ramacher <sramacher@debian.org> Tue, 30 Dec 2014 17:08:42 +0100
+
+libav (6:11.1-1~exp1) experimental; urgency=medium
+
+ [ upstream ]
+ * New release.
+ + Replace lena.pnm.
+ Closes: bug#771126.
+ + Treat all '*.pnm' files as non-text file.
+ + opusdec: Ensure all substreams have same number of coded samples.
+ + lavu: Fix memory leaks by using a mutex instead of atomics.
+ + lavu: Add wrappers for the pthreads mutex API.
+ + mp3enc: Fix a triggerable assert.
+ + resample: Avoid off-by-1 errors in PTS calcs.
+ + imc: Fix order of operations in coefficients read.
+ + hevc_mvs: Ensure to always initialize the temporal MV fully.
+ + hevc_mvs: Initialize the temporal MV in case of missing ref.
+ + h264: Reset ret to avoid propagating minor failures.
+ + hevc: Initialize mergecand_list to 0.
+ + mpeg12: Always invoke the get_format() callback.
+ + h264: Always invoke the get_format() callback.
+ + Update default FATE URL for release/11.
+ + apetag: Fix APE tag size check.
+
+ [ Jonas Smedegaard ]
+ * Drop patches now included upstream.
+
+ -- Jonas Smedegaard <dr@jones.dk> Tue, 02 Dec 2014 16:37:04 +0100
+
+libav (6:11-2) unstable; urgency=medium
+
+ * add patches post v11 release, all of which will be included in the
+ next point release:
+ - 0001-apetag-Fix-APE-tag-size-check.patch
+ - 0002-Update-default-FATE-URL-for-release-11.patch
+ - 0003-h264-Always-invoke-the-get_format-callback.patch
+ - 0004-mpeg12-Always-invoke-the-get_format-callback.patch
+ - 0005-hevc-Initialize-mergecand_list-to-0.patch
+ - 0006-h264-reset-ret-to-avoid-propagating-minor-failures.patch
+ - 0007-hevc_mvs-initialize-the-temporal-MV-in-case-of-missi.patch
+ - 0008-hevc_mvs-make-sure-to-always-initialize-the-temporal.patch
+ - 0009-imc-fix-order-of-operations-in-coefficients-read.patch
+ - 0010-resample-Avoid-off-by-1-errors-in-PTS-calcs.patch
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 19 Oct 2014 16:18:48 -0400
+
+libav (6:11-1) unstable; urgency=low
+
+ * Upload final 11 release
+ - matroskadec: parse stereo mode on decoding (Closes: #757185)
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 13 Sep 2014 15:36:38 -0400
+
+libav (6:11~beta1-3) unstable; urgency=low
+
+ * Add post-release upstream patches
+ * Remove unapplied patches
+ * Remove /etc/avserver.conf (Closes: #760763)
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 13 Sep 2014 07:58:42 -0400
+
+libav (6:11~beta1-2) unstable; urgency=medium
+
+ [ Reinhard Tartler ]
+ * Make libavcodec-dev depend on libavresample-dev
+
+ [ Rico Tzschichholz ]
+ * Some fixes and leftovers from soname bumps
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 30 Aug 2014 11:02:45 -0400
+
+libav (6:11~beta1-1) experimental; urgency=low
+
+ * New upstream Release v11~alpha2
+ * build against libgnutls28-dev (Closes: #758447)
+ * Bump shlibs
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 17 Aug 2014 22:33:40 -0400
+
+libav (6:11~alpha2-1) experimental; urgency=low
+
+ * New upstream Release v11~alpha2
+ - ffv1dec: check global parameters (CVE-2013-7020)
+ - mpegts: Check writing a PMTs (CVE-2014-2263)
+ - avcodec: Postpone FF_IDCT_XVIDMMX removal until the next version
+ bump (fixes gst-libav FTBFS)
+ * Bump shlibs
+ * Add helper scripts for doing mass rebuilds
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 13 Aug 2014 22:11:14 -0400
+
+libav (6:11~alpha1-1) experimental; urgency=low
+
+ * New upstream Release v11~alpha1
+ - Fixes Unchecked conversion from double to enum (Closes: #749164)
+ * Add some post v11_alpha1 patches from upstream
+ * All SONAMEs bumped because of internal changes, but external API is
+ promised to have not changed
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 10 Aug 2014 09:45:02 -0400
+
+libav (6:10.4-1) unstable; urgency=medium
+
+ * New Upstream Release v10.3
+ - mpegts: Do not try to write a PMT larger than SECTION_SIZE
+ (CVE-2014-2263)
+ - mpegts: Define the section length with a constant
+ - ffv1dec: check that global parameters do not change in version 0/1
+ (CVE-2013-7020)
+ - h264: fix interpretation of interleaved stereo modes
+ - svq1: do not modify the input packet
+ - cdgraphics: do not return 0 from the decode function
+ - cdgraphics: switch to bytestream2 (CVE-2013-3674)
+ - jpeg2000: enable 4 component pixel formats
+ - stereo3d: add missing include guards
+ - huffyuvdec: check width size for yuv422p (CVE-2013-0848)
+ - mmvideo: check horizontal coordinate too (CVE-2013-3672)
+ - wmalosslessdec: fix mclms_coeffs* array size (CVE-2014-2098)
+ * build against libgnutls28-dev (Closes: #758447)
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 17 Aug 2014 21:55:47 -0400
+
+libav (6:10.3-1) unstable; urgency=medium
+
+ * New Upstream Release v10.3
+ - huffyuv: Check and propagate function return values (CVE-2013-0868)
+ - h264: prevent theoretical infinite loop in SEI parsing (CVE-2011-3946)
+ - pgssubdec: Check RLE size before copying (CVE-2013-0852)
+ - video4linux2: Avoid a floating point exception
+ - vf_select: Drop a debug av_log with an unchecked double to enum conversion
+ - librtmp: Don't free the temp url at the end of rtmp_open
+ - arm: Avoid using the 'setend' instruction on ARMv7 and newer
+ - avplay: Handle pixel aspect ratio properly
+ - eamad: use the bytestream2 API instead of AV_RL (CVE-2013-0851)
+ - pg2meet: allow size changes within original sizes
+ - af_compand: make sure request_frame always outputs at least one frame
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 03 Aug 2014 22:30:41 -0400
+
+libav (6:10.2-2) unstable; urgency=low
+
+ [ Reinhard Tartler ]
+ * Fixed typo in debian/NEWS (Closes: #753453)
+
+ [ Stefan Lippers-Hollmann ]
+ * libavcodec-extra: declare as Section: metapackages (Closes: #747921)
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 20 Jul 2014 14:57:15 -0400
+
+libav (6:10.2-1) unstable; urgency=high
+
+ * Bumping severity for critical LZO security issue.
+ * New Upstream Release v10.2
+ - aarch64: Use the correct syntax for relocations (Closes: #751856,
+ - LP: #1323144)
+ - ppc: Fix compilation for ppc64le (ELFv2) (LP: #1263802)
+ - avconv: make -shortest work with streamcopy
+ - lzo: Handle integer overflow (Reported by Don A. Bailey)
+ - Check if an mp3 header is using a reserved sample rate.
+ - Check mp3 header before calling avpriv_mpegaudio_decode_header().
+ - jpeg2000: fix dereferencing invalid pointers during cleanup
+ - avpacket: fix copying side data in av_packet_copy_props()
+ - oggenc: Set the right AVOption size for the pref_duration option
+ - adpcm: Avoid reading out of bounds in the IMA QT trellis encoder
+ - adpcm: Write the proper predictor in trellis mode in IMA QT
+ * No longer build avserver (Closes: #734335)
+ * Clarify licensing in debian/copyright (Closes: #698019)
+
+ -- Reinhard Tartler <siretart@tauware.de> Fri, 27 Jun 2014 22:23:32 -0400
+
+libav (6:10.1-1) unstable; urgency=low
+
+ * New upstream release 10:
+ - pcm-dvd: Fix 20bit decoding (bug/592)
+ - avi: Improve non-interleaved detection (bug/666)
+ - arm: hpeldsp: fix put_pixels8_y2_{,no_rnd_}armv6
+ - arm: hpeldsp: prevent overreads in armv6 asm (bug/646)
+ - avfilter: Add missing emms_c when needed
+ - rtmpproto: Check the buffer sizes when copying app/playpath strings
+ - swscale: Fix an undefined behaviour
+ - vp9: Read the frame size as unsigned
+ - dcadec: Use correct channel count in stereo downmix check
+ - dcadec: Do not decode the XCh extension when downmixing to stereo
+ - matroska: add the Opus mapping
+ - matroskadec: read the CodecDelay element
+ - rtmpproto: Make sure to pass on the error code if read_connect failed
+ - lavr: allocate the resampling buffer with a positive size
+ - mp3enc: Properly write bitrate value in XING header (Closes: #736088)
+ - golomb: Fix the implementation of get_se_golomb_long
+ * Drop debian/libav-tools.maintscript. ffserver is no longer found in
+ stable, and this seems to cause other problems today (Closes: #742676)
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 11 May 2014 12:28:45 -0400
+
+libav (6:10-2) experimental; urgency=low
+
+ * Recompile against libx264-142 and librtmp1
+ * Bump standards version, no changes needed
+ * Drop Andres Meija from uploaders. Thanks Andres for your contributions
+ to the libav package! (Closes: #743526).
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 12 Apr 2014 08:44:31 -0400
+
+libav (6:10-1) experimental; urgency=low
+
+ * New upstream release 10. Full changelog avaialble at:
+ http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v10
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 23 Mar 2014 14:23:55 -0400
+
+libav (6:10~beta2-2) experimental; urgency=low
+
+ * Drop unnecessary packages: libavformat-extra-, libavutil-extra,
+ libavfilter-extra and libavdevice-extra.
+ * Incorporate post-beta2 patches, including the icy header detection
+ patches (Closes: #740421)
+ * Add a note about 'ffmpeg' in libav-tools's package description
+ (Closes: #729469)
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 15 Mar 2014 14:46:20 +0000
+
+libav (6:10~beta2-1) experimental; urgency=low
+
+ * New Upstream release 10_beta2. This upstream git snapshot has too many
+ changes to list here, cf. to the upstream Changelog:
+ http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v10_beta2
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 15 Mar 2014 00:34:08 +0000
+
+libav (6:10~beta1-2) experimental; urgency=low
+
+ * New Upstream release 10_beta1. This upstream git snapshot has too many
+ changes to list here, cf. to the upstream Changelog:
+ http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v10_beta1
+ - works with H.264 that has different bit depth between chroma and luma,
+ Closes: #738599
+ * Bump shlibs
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 17 Feb 2014 22:07:03 +0000
+
+libav (6:10~alpha2-1) experimental; urgency=low
+
+ * New Upstream release 10_alpha2. This upstream git snapshot has too many
+ changes to list here, cf. to the upstream Changelog:
+ http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v10_alpha2
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 18 Jan 2014 15:46:55 +0000
+
+libav (6:10~alpha1-1) experimental; urgency=low
+
+ * New Upstream release 10_alpha1. This upstream git snapshot has too many
+ changes to list here, cf. to the upstream Changelog:
+ http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v10_alpha1
+ - Opus in Ogg demuxing Closes: #733884, #720563, LP: #1265196
+ - avprobe output is now standard INI or JSON. Closes: #715467
+ - Properly working defaults in libx264 wrapper, Closes: #687048
+ - avconv -t option can now be used for inputs, to limit the duration of
+ data read from an input file, Closes: #722003
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 18 Dec 2013 15:16:03 +0000
+
+libav (6:9.13-1) unstable; urgency=medium
+
+ * New upstream release 9.13:
+ - swscale: Fix an undefined behaviour
+ - matroska: add the Opus mapping
+ - mp3enc: Properly write bitrate value in XING header (Closes: #736088)
+ - origin/pu/9 oggdec: add support for Opus in Ogg demuxing
+ (Fixes: libav/603, Closes: #720563)
+ - apedec: do not buffer decoded samples over AVPackets (Closes: #744901)
+ - isom: lpcm in mov default to big endian
+ - movdec: handle 0x7fff langcode as macintosh per the specs
+ - h264: reset next_output_pic earlier in start_frame()
+ (Fixes: libav/672, Closes: #741240, LP: #1288206)
+ - rtmpproto: Make sure to pass on the error code if read_connect failed
+ - lavr: allocate the resampling buffer with a positive size
+ - tiffdec: use bytestream2 to simplify overread/overwrite protection
+ - resample: fix avresample_get_delay() return value
+ - avi: Improve non-interleaved detection (Fixes: libav/666)
+ - af_channelmap: fix ONE_STR mapping mode
+ - movenc: allow override of "writing application" tag
+ - matroskaenc: allow override of "writing application" tag
+ - avfilter: Add missing emms_c when needed
+ - build: Use pkg-config for openjpeg (Fixes: libav/387)
+ - mpeg12: check scantable indices in all decode_block functions
+ - sgidec: fix buffer size check in expand_rle_row()
+ - adx: check that the offset is not negative
+ - mpegvideo: set reference/pict_type on generated reference frames
+ - h264: Fix various crashes found in samples pointed by Mateusz
+ "j00ru" Jurczyk and Gynvael Coldwind - Thanks!
+ * Rebuild is reported to fix vaapi, Closes: #745655
+ * Fix invocation of dpkg-maintscript helper, LP: #1315672
+ * cleanup leftovers of the former libav-source package
+ * Simplify listing packages with dh_listpackage
+ * Drop transitional arch:all -extra- packages
+ * Bump standards version to 3.9.5, no changes needed
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 04 May 2014 16:11:03 -0400
+
+libav (6:9.11-4) unstable; urgency=medium
+
+ * Imported Upstream version 9.11
+ - bumped severity because of many security relevant changes
+ - update freetype header detection
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 15 Mar 2014 02:05:34 +0000
+
+libav (6:9.11-3) unstable; urgency=low
+
+ * Add upstream patch to enable PIC on s390(x), Closes: #726733
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 05 Mar 2014 02:49:52 +0000
+
+libav (6:9.11-2) unstable; urgency=low
+
+ * Avoid the use of pipes to not cover segfaulting libavcodecs (cf. #726733)
+ * refactor call_and_install_avconv_dump functionality
+ * Rebuild against libfreetype 2.5.1 (closes: #731307)
+ * i386 shared builds must be optimized for 586, (closes: 728928, #688384)
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 22 Feb 2014 14:34:54 +0000
+
+libav (6:9.11-1) unstable; urgency=low
+
+ * Imported Upstream version 9.11
+ - drop patch mathematics-remove-asserts-from-av_rescale_rnd.patch,
+ merged upstream
+ - mathematics: remove asserts from av_rescale_rnd, (Closes: #718805)
+ * Support Opus in Ogg containers (Closes: #733884, 720563)
+ * Refactor conffile moving
+ * No longer build-depend on libtiff4-dev. Closes: #736020
+ * Disable opencv filter because of #737584
+ * Check upstream OpenPGP signatures (Closes: #723692)
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 05 Feb 2014 00:24:42 +0000
+
+libav (6:9.10-3) unstable; urgency=low
+
+ * Add upstream patch: mathematics: remove asserts from av_rescale_rnd
+ Closes: #718805
+ * Remove the makeinfo patch, it just disables generation of the html
+ equivalents of the manpages
+ * No longer build-depend on libtiff4-dev. Closes: #736020
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 22 Jan 2014 08:13:40 -0500
+
+libav (6:9.10-2) unstable; urgency=low
+
+ [ Fabian Greffrath ]
+ * Fix upstream changelog link in previous changelog entry.
+ * Transition from the "texi2html" utility to the "makeinfo" utility from the
+ texinfo package, fixes build-depends-on-obsolete-package lintian error and
+ addresses <https://lists.debian.org/debian-devel/2013/05/msg01516.html>.
+ * debhelper (>= 9) is now available in stable and old-bpo.
+ * Use "set -e" in the body of the libav-tools maintainer scripts.
+ * Fix vcs-field-not-canonical lintian warning.
+ * Set executable permissions for qt-faststart, fixes unstripped-binary-or-object
+ lintian warning.
+ * Fix some spelling errors detected by lintian.
+
+ [ Reinhard Tartler ]
+ * compile against libtiff5-dev
+ * Drop some special code paths for building the ubuntu flavor
+ (no longer necessary over there)
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 03 Nov 2013 08:35:04 -0500
+
+libav (6:9.10-1) unstable; urgency=medium
+
+ * New upstream release 9.10
+ * Too many security related upstream changes to list here, please cf. to
+ upstream changelog:
+ http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v9.10
+ * Urgency set to medium because new upstream release fixes many security
+ issues.
+ * Do not accidentally overwrite installed binaries from different flavors.
+ Thanks to Fabian Greffrath for the patch (Closes: #725956)
+
+ -- Reinhard Tartler <siretart@tauware.de> Thu, 10 Oct 2013 10:53:54 -0400
+
+libav (6:9.9-1) experimental; urgency=low
+
+ * New upstream release 9.9
+ * Too many security related upstream changes to list here, please cf. to
+ upstream changelog. Closes: #717009
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 07 Oct 2013 18:07:14 -0400
+
+libav (6:9.8-2) unstable; urgency=low
+
+ * Upload to unstable
+ * Weaken dependencies on libx264, opencv and frei0r for now to allow
+ compilation. This dependency will be tightened as soon as the
+ libraries have been updated in unstable.
+
+ -- Reinhard Tartler <siretart@tauware.de> Tue, 13 Aug 2013 15:10:05 +0200
+
+libav (6:9.8-1) experimental; urgency=low
+
+ * New upstream release 9.8, Closes: #716734, #716735
+ * Upstream Changes:
+ - kmvc: Clip pixel position to valid range
+ - kmvc: Use fixed sized arrays in the context
+ - indeo: Reject negative array indexes
+ - indeo: Check for reference when inheriting motion vectors
+ - indeo: Properly forward the error codes
+ - mjpeg: Check the unescaped size for overflows
+ - wmapro: Error out on impossible scale factor offsets
+ - wmapro: Check the min_samples_per_subframe
+ - wmapro: Return early on unsupported condition
+ - wmapro: Check num_vec_coeffs against the actual available buffer
+ - wmapro: Make sure there is room to store the current packet
+ - lavc: Move put_bits_left in put_bits.h
+ - 4xm: Do not overread the source buffer in decode_p_block
+ - 4xm: Check bitstream_size boundary before using it
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 13 Jul 2013 08:26:24 +0200
+
+libav (6:9.7-1) experimental; urgency=low
+
+ * New upstream release 9.7, Most of the following fixes resulted from
+ test samples that the Google Security Team has kindly made available:
+
+ - 4xm: fix several programming errors to avoid crashes, etc.
+ - apetag: use int64_t for filesize
+ - jpegls: Fix invalid writes to memory
+ - ljpeg: use the correct number of components in YUV
+ - mjpeg: Validate sampling factors
+ - mjpegdec: properly report unsupported disabled features
+ - mjpegdec: validate parameters in mjpeg_decode_scan_progressive_ac
+ - mpegvideo: allocate sufficiently large scratch buffer for interlaced vid
+ - pixdesc: mark gray8 as pseudopal
+ - smacker: fix several programming errors to avoid crashes, etc.
+ - tiff: do not overread the source buffer
+ - vmd: drop incomplete chunks and spurious samples
+ - vmdav: convert to bytestream2 to avoid invalid reads and writes
+ - wavpack: check packet size early
+ - wavpack: use bytestream2 in wavpack_decode_block
+ - wavpack: validate samples size parsed in wavpack_decode_block
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 30 Jun 2013 17:21:27 +0200
+
+libav (6:9.6-2) experimental; urgency=low
+
+ * Tighten build dependency on libx264, Closes: #709817
+ * Introduce the libavcodec-extra meta-package
+ * No longer check for --enable-dirac switch
+ * Bump standards version
+ * Cleanup some obsolete Package relationship fields
+ * Drop obsolete DM-Upload field
+ * libavcodec-extra: add misc:Depends substvar
+ * Factor out binary-indep builds
+ * Install tool HTML documentation into libav-tools package
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 29 May 2013 22:07:02 +0200
+
+libav (6:9.6-1) experimental; urgency=low
+
+ * New Upstream release 9.6
+ - wav: Always seek to an even offset, Bug #500, LP: #1174737
+ - various security relevant patches
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 20 May 2013 10:54:36 +0200
+
+libav (6:9.5-1) experimental; urgency=low
+
+ * New Upstream version 9.5:
+ - Most of the following fixes resulted from test samples that
+ the Google Security Team has kindly made available
+
+ -- Reinhard Tartler <siretart@tauware.de> Thu, 25 Apr 2013 22:32:11 +0200
+
+libav (6:9.4-1) experimental; urgency=low
+
+ * Imported Upstream version 9.4
+ - h264: check for luma and chroma bit dept being equal (CVE-2013-2277)
+ - iff: validate CMAP palette size (CVE-2013-2495)
+ - Thus, closes: #703200
+ * debian/watch: download xz files and tigthen checks
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 24 Mar 2013 07:30:01 +0100
+
+libav (6:9.3-1) experimental; urgency=low
+
+ [ Jonas Smedegaard ]
+ * Stop using CDBS.
+
+ [ Reinhard Tartler ]
+ * Imported Upstream version 9.2 (never uploaded, though)
+ * Imported Upstream version 9.3:
+ - Fixes CVE-2013-0894
+ * drop 02-fix-build-on-non-armv5te.patch, merged upstream
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 02 Mar 2013 14:34:27 +0100
+
+libav (6:9.1-3) experimental; urgency=low
+
+ * Build-depend on libopus-dev.
+ * Stop needlessly build-depending on libcv-dev.
+ * Tighten build-dependencies on frei0r-plugins-dev, libopencv-dev and
+ libx264-dev, to use experimental packages.
+ * Have libav-tools and libavfilter3 suggest frei0r-plugins.
+ * Add upstream patch 02 to fix build on armel without armv5te support.
+
+ -- Jonas Smedegaard <dr@jones.dk> Sun, 20 Jan 2013 15:54:42 +0100
+
+libav (6:9.1-2) experimental; urgency=low
+
+ [ Jonas Smedegaard ]
+ * Document all licensing of binary packages in README.Debian (not
+ partly as comment in copyright file), to avoid confusing source
+ issued licenses with binary resolved licensing.
+
+ [ Reinhard Tartler ]
+ * Bump shlibs to 6:9.1-1
+ * Fix internal shlibs
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 19 Jan 2013 10:06:15 +0100
+
+libav (6:9.1-1) experimental; urgency=low
+
+ [ Jonas Smedegaard ]
+ * Rewrite copyright file using copyright format 1.0.
+ Closes: bug#694657. Thanks to Francesco Poli.
+ * Include CDBS utils.mk, to track future copyright/licensing changes.
+ Build-depend on cdbs. Update README.source.
+
+ [ Reinhard Tartler ]
+ * Imported Upstream version 9
+ - New releases fixes (among others) CVE-2012-2882 CVE-2012-5359
+ CVE-2012-5360 CVE-2012-5361, Closes: #694483
+ * drop debian/recordshow.sh
+ * ignore shlib-with-non-pic-code also for libavcodec-extra-54
+ * make libavcodec54/libavcodec-extra-54 properly conflict/replace each other
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 07 Jan 2013 22:42:25 +0100
+
+libav (6:9~beta3-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Reinhard Tartler <siretart@tauware.de> Fri, 21 Dec 2012 15:32:13 +0100
+
+libav (6:9~beta2-4) experimental; urgency=low
+
+ * Fix compilation on the buildds
+
+ -- Reinhard Tartler <siretart@tauware.de> Fri, 16 Nov 2012 07:56:59 +0100
+
+libav (6:9~beta2-3) experimental; urgency=low
+
+ * Include all post 9beta2 patches
+ - Fixes linking with libavfilter/libavutil, Closes: #693040
+ * libavresample1: Unbreak partial updates by adding Replaces
+ relationship with libavresample0, Closes: #693327
+ * Fix installation of doxygen HTML pages.
+ * add lintian override for libavcodec-extra-54
+
+ -- Reinhard Tartler <siretart@tauware.de> Thu, 15 Nov 2012 21:29:50 +0100
+
+libav (6:9~beta2-2) experimental; urgency=low
+
+ * add post 9 beta2 patches
+ * import bits from ubuntu to minimize the diff
+ * Remove stale Conflicts/Replaces on libavutil51, fixes instability
+ issues with libavutil51.
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 11 Nov 2012 17:21:15 +0100
+
+libav (6:9~beta2-1) experimental; urgency=low
+
+ * new upstream release: libav 9 beta2
+ * Imported Upstream version 9~beta2
+ * SONAME bump: libavutil51->libavutil52, (Closes: #691088)
+ * bump shlibs file
+ * fix package names to follow correct soname of libavresample1
+
+ -- Reinhard Tartler <siretart@tauware.de> Tue, 23 Oct 2012 18:49:26 +0200
+
+libav (6:9~beta1-1) experimental; urgency=low
+
+ [ Fabian Greffrath ]
+ * Imported Upstream version 6:0.8.99-3213-gd16860a
+
+ [ Andres Mejia ]
+ * Update libav-doc doc base. (Closes: #674139)
+
+ [ Fabian Greffrath ]
+ * Use the cond_enable() macro for all additional features in
+ debian/confflags.
+ * Tidy up and sort configuration flags.
+ * Add a debian/README.source file that describes how to rebuild libav with a
+ reduced feature set in order to avoid circular build-dependencies for
+ bootstrapping.
+ * Restrict Build-Depends to "yasm [any-amd64 any-i386]" and explicitely
+ disable it if not found.
+
+ [ Reinhard Tartler ]
+ * add dependency on libavcodec54 to libav-dbg
+ * add Pre-Depend on dpkg to libav-tools to ensure smooth updates
+ * libav-tools.install: make files to install more explicit
+
+ [ Loïc Minier ]
+ * Install the shared flavor last
+ * control/Uploaders: update my email address
+
+ [ Reinhard Tartler ]
+ * Declare a 'Breaks' relationship against mplayer, Closes: #671934
+ * Bug fix: "Multi-Arch: foreign libraries", thanks to Stepan Golosunov.
+ * Remove Multi-arch header from the empty, transitional -extra- packages
+
+ [ Fabian Greffrath ]
+ * Mention qt-faststart in the long description (Closes: #681491.)
+ * Install all debug symbols into libav-dbg (Closes: #680602).
+ * Do not run doxygen if it is not installed.
+ * Fix up debian/changelog and get dependencies right accordingly.
+
+ [ Reinhard Tartler ]
+ * Make libav-extra-dbg arch:all
+ * Fix generation of shlibs file (Closes: #679542)
+
+ [ Fabian Greffrath ]
+ * Also make libav-regular-dbg 'arch: all' for consistency with the other debug packages.
+ * Fix generation of shlibs file not only for libavcodec*, but for all the other library packages as well.
+ * Use xz compression for binary packages, thanks Ansgar Burchardt (Closes: #683895).
+
+ [ Reinhard Tartler ]
+ * Drop the package libav-regular-dbg
+
+ [ Fabian Greffrath ]
+ * Clarify relations between libavcodec54 and libavcodec-extra-54 in debian/control.
+
+ [ Reinhard Tartler ]
+ * New Upstream version: 9 beta1
+ * remove compatibility links for ff* tools.
+ * New release fixes all known CVE entries so far (Closes: #688847)
+ * libav-dbg: avoid dependency on 'ffmpeg' package
+ * remove package libav-extra-dbg
+ * allow co-installation of libav-dbg with libavcodec-extra-54
+ * temporarily disable libopus support until #690563 is fixed
+
+ -- Reinhard Tartler <siretart@tauware.de> Tue, 16 Oct 2012 18:38:46 +0200
+
+libav (6:0.8.99-1537-gacb2c79-2) experimental; urgency=low
+
+ [ Rico Tzschichholz ]
+ * Fix lintian-overrides after soname bump
+ * Fix some conflicts/replaces
+ * Bump shlibs version
+
+ [ Reinhard Tartler ]
+ * Update changelog
+
+ -- Reinhard Tartler <siretart@tauware.de> Tue, 15 May 2012 09:21:24 +0200
+
+libav (6:0.8.99-1537-gacb2c79-1) experimental; urgency=low
+
+ * New upstream snapshot
+ - Drop patches applied upstream
+ - Longer build libpostproc, dropped upstream
+ - follow soname bump of libavcodec and libavformat 53->54
+ - New library: libswresample
+ * no longer build and use dirac, removed upstream in favor of libschroedinger
+ * remove deprecated ffmpeg package
+ * bump shlibs version
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 12 May 2012 22:02:03 +0200
+
+libav (6:0.8.8-1) unstable; urgency=low
+
+ * Imported Upstream version 0.8.7, new releases fixes a number of
+ security relevant patches.
+ * backport patch from upstream to make samplefmt auto-aling buffers
+ (Closes: #713856)
+
+ -- Reinhard Tartler <siretart@tauware.de> Fri, 12 Jul 2013 22:00:28 +0200
+
+libav (6:0.8.7-1) unstable; urgency=medium
+
+ * Imported Upstream version 0.8.7, new releases fixes:
+ - wav: Always seek to an even offset, Bug #500, LP: #1174737
+ - A number of further security relevant patches.
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 20 May 2013 11:04:00 +0200
+
+libav (6:0.8.6-1) unstable; urgency=low
+
+ * Imported Upstream version 0.8.6, new releases fixes:
+ - h264: check for luma and chroma bit depth being equal (CVE-2013-2277)
+ - iff: validate CMAP palette size (CVE-2013-2495)
+ - msrledec: convert to bytestream2 API and add proper bounds checking (CVE-2013-2496)
+ - vorbisdec: Error on bark_map_size equal to 0 (CVE-2013-0894)
+ - Thus, closes: #703200
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 24 Mar 2013 07:35:51 +0100
+
+libav (6:0.8.5-1) unstable; urgency=low
+
+ * New upstream security/bugfix release. New releases fixes
+ (bug numbers reference http://bugzilla.libav.org, Closes: #694483)
+ - Indeo 4 (CVE-2012-2791)
+ - VP5/VP6 (CVE-2012-2783)
+ - Indeo 3 (CVE-2012-2804)
+ - MPEG-1/2 (CVE-2012-2803)
+ - MP3 (CVE-2012-2797)
+ - AAC (CVE-2012-5144)
+ - AC-3 (CVE-2012-2802)
+ - AVS (CVE-2012-2801)
+ - DFA (CVE-2012-2798)
+ - ID3v2 (Bug 395)
+ - Serious Memory leaks on broken Ogg files
+ * drop recordshow script. This clearly undermaintained script has
+ unclear copyright status and is unlikely to work properly anyway.
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 13 Jan 2013 11:56:59 +0100
+
+libav (6:0.8.4-1) unstable; urgency=low
+
+ * New upstream security/bugfix release. New release fixes:
+ (bug numbers reference http://bugzilla.libav.org, Closes: #688847)
+ - h264 (Bug 118), vc1dec (CVE-2012-2796), sipr, bmpdec (bug 367), alsdec
+ (CVE-2012-2775), rv34/rv40 (CVE-2012-2772), indeo3/indeo4
+ (CVE-2012-2776, CVE-2012-2779, CVE-2012-2787, CVE-2012-2794,
+ CVE-2012-2800), vorbisenc, vorbisdec (Bug 277), snow, ac3dec
+ (CVE-2012-2802), avsdec (CVE-2012-2801), dfa (CVE-2012-2786,
+ CVE-2012-2798), lagrith (CVE-2012-2793), wmaprodec (CVE-2012-2789 &
+ Bug 327), avidec (CVE-2012-2788, CVE-2012-2790), cavsdec
+ (CVE-2012-2777, CVE-2012-2784), wav (Bug 379), yuff4mpeg (Bug 373),
+ mpegaudio, tiffenc, smacker (Bug 265).
+ - smaller bug fixes in avconv (Bug 352)
+ - fix lt() and lte() in function evaluator
+ - fix segfault in avformat_open_input()
+ - fix segfault in golomb decoder (bug 310)
+ - fix segfault (double free) in libavfilter
+ - convert dfa decoder to bytestream2 API to protect from overreads
+ - bugfix in vf_pad/scale filter (Bug 203 & 245)
+ - lavc: remove stats_out and stats_in from the options table.
+ (Bug 380, Closes: #690726)
+ * Drop patches applied upstream.
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 22 Oct 2012 20:57:08 +0200
+
+libav (6:0.8.3-7) unstable; urgency=low
+
+ [ Fabian Greffrath ]
+ * Fix generation of shlibs file not only for libavcodec*, but for all the
+ other library packages as well. Really closes: #679542
+ * Use xz compression for binary packages, thanks Ansgar Burchardt
+ (Closes: #683895).
+
+ [ Reinhard Tartler ]
+ * use EPOCH macro in SHLIBS_VERSION
+ * Drop the package 'libav-regular-dbg'. It was not included in squeeze.
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 25 Aug 2012 11:08:48 +0200
+
+libav (6:0.8.3-6) unstable; urgency=low
+
+ * Clarify the changes in the 6:0.8.3-5 upload, as discussed in bug
+ #683247.
+ * Make ffmpeg-dbg 'arch: all' for consistency with the libav-extra-dbg
+ package.
+ * Fix generation of shlibs file. (Closes: #679542)
+ Wrong make variables where used for the shlibs generation.
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 04 Aug 2012 09:03:54 +0200
+
+libav (6:0.8.3-5) unstable; urgency=low
+
+ [ Reinhard Tartler ]
+ * Bug fix: "Multi-Arch: foreign libraries", thanks to Stepan Golosunov.
+ Make the transitional libavfoo-extra-NN packages 'arch: all' and
+ remove the 'Multi-Arch: foreign' fields to avoid that the dependency
+ can be satisfied by packages of other architectures, which would break
+ applications. Closes: #680613
+ * Make libav-extra-dbg 'arch: all'. As empty, transitional package
+ without strict dependencies, we can safely ship it as arch:all
+ package.
+
+ [ Fabian Greffrath ]
+ * Mention qt-faststart in the long description (Closes: #681491).
+ * Install all debug symbols into libav-dbg (Closes: #680602).
+ * Do not run doxygen if it is not installed. This does not change anything
+ for regular builds, but helps with bootstrapping the package to new
+ architectures that may not have doxygen available yet.
+ * Fix up debian/changelog and tighten dependencies.
+ * Do not declare "ffmpeg" as virtual package (provided by libav-tools).
+ Instead, we provide it as transitional package for libav-tools. Note
+ the next upstream version will no longer provide neither an 'ffmpeg'
+ package, nor a /usr/bin/ffmpeg binary. This means that front-end
+ applications in Debian that previously used this binary needs to be
+ ported to /usr/bin/avconv for jessie.
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 15 Jul 2012 23:13:42 +0200
+
+libav (6:0.8.3-4) unstable; urgency=low
+
+ * Declare a 'Breaks' relationship against mplayer, Closes: #671934
+
+ -- Reinhard Tartler <siretart@tauware.de> Tue, 26 Jun 2012 08:46:42 +0200
+
+libav (6:0.8.3-3) unstable; urgency=low
+
+ * Install the shared flavor last; the binaries from the optimized flavor(s)
+ would overwrite the ones from the shared baseline flavor causing SIGILL;
+ closes: #657885.
+ * control/Uploaders: update my email address
+
+ -- Loïc Minier <lool@debian.org> Mon, 25 Jun 2012 21:21:24 +0200
+
+libav (6:0.8.3-2) unstable; urgency=low
+
+ [ Fabian Greffrath ]
+ * Clarify relations between libavcodec53 and libavcodec-extra-53
+ in debian/control.
+ * Use the cond_enable() macro for all additional features in debian/confflags.
+ * Tidy up and sort configuration flags.
+ * Add a debian/README.source file that describes how to rebuild libav
+ with a reduced feature set in order to avoid circular build-dependencies
+ for bootstrapping.
+ * Restrict Build-Depends to "yasm [any-amd64 any-i386]"
+ and explicitly disable it if not found.
+
+ [ Reinhard Tartler ]
+ * add patch from upstream to fix playback of Canon AVHCD movies.
+ (Fixes: LP: #937561)
+ * fix location in ffmpeg.NEWS file
+ * add dependency on libavcodec53 to libav-dbg
+ * add Pre-Depend on dpkg to libav-tools to ensure smooth updates
+ * {ffmpeg,libav-tools}.install: make files to install more explicit
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 25 Jun 2012 19:06:49 +0200
+
+libav (6:0.8.3-1) unstable; urgency=medium
+
+ [ Andres Mejia ]
+ * Update libav-doc doc base. (Closes: #674139)
+
+ [ Reinhard Tartler ]
+ * New upstream release 0.8.3:
+ - Several bugs and crashes have been fixed in the following codecs: PNG,
+ Electronic Arts TQI, H.264 (CVE-2012-0851) and H.263 (CVE-2011-3937)
+ * Raising severity because of security issues.
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 09 Jun 2012 13:25:31 +0200
+
+libav (6:0.8.2-2) unstable; urgency=low
+
+ * Revert "temporarily disable opencv to work around dependency troubles"
+ * Simplify internal dependencies (Closes: #672791)
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 14 May 2012 21:37:59 +0200
+
+libav (6:0.8.2-1) unstable; urgency=medium
+
+ * New upstream release:
+ - Several bugs and crashes have been fixed in the following codecs: AAC,
+ APE, H.263, H.264, Indeo 4, Mimic, MJPEG, Motion Pixels Video, RAW,
+ TTA, VC1, VQA, WMA Voice, vqavideo (CVE-2012-0947).
+ - Several bugs and crashes have been fixed in the following formats:
+ ASF, ID3v2, MOV, xWMA
+ - This release additionally updates the following codecs to the
+ bytestream2 API, and therefore benefit from additional overflow
+ checks: truemotion2, utvideo, vqavideo
+ * drop 02-fix-avpreset-extension.patch, applied upstream
+ * Revert "Revert "temporarily disable opencv to work around dependency
+ troubles"" (Closes: #671302)
+ * Bumped urgency because of security issue.
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 05 May 2012 11:08:44 +0200
+
+libav (6:0.8.1-7) unstable; urgency=low
+
+ * Fix build for hurd. Thanks to Samuel Thibault for patch. (Closes: #613034)
+ (Closes: #671038)
+ * Properly migrate /etc/ffserver.conf to /etc/avserver.conf.
+ (Closes: #660786)
+ * Renable opencv support.
+
+ -- Andres Mejia <amejia@debian.org> Tue, 01 May 2012 21:33:13 -0400
+
+libav (6:0.8.1-6) unstable; urgency=low
+
+ * Fix epoch in strict internal dependencies. Closes: #670861
+ * Temporarily disable opencv to work around dependency trouble
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 30 Apr 2012 08:14:20 +0200
+
+libav (6:0.8.1-5) unstable; urgency=low
+
+ [ Andres Mejia ]
+ * Fix issue with file not being multiarch compatible. (Closes: #669988)
+
+ [ Reinhard Tartler ]
+ * Bump epoch to fix messed upload to unstable (Closes: #670762)
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 29 Apr 2012 10:30:26 +0200
+
+libav (5:0.8.1-4) unstable; urgency=low
+
+ * Use a Provides field to provide transitional packages instead of Conflicts.
+ (Closes: #666401)
+ * Have both libavcodec and libavcodec-extra package conflict with each other.
+
+ -- Andres Mejia <amejia@debian.org> Fri, 30 Mar 2012 10:15:50 -0400
+
+libav (5:0.8.1-3) unstable; urgency=low
+
+ * Separate the ffmpeg program into the transitional package.
+ * Change ffmpeg warning so that it's clearer the program is
+ deprecated (LP: #939863)
+
+ -- Andres Mejia <amejia@debian.org> Thu, 29 Mar 2012 13:13:01 -0400
+
+libav (5:0.8.1-2) experimental; urgency=low
+
+ [ Andres Mejia ]
+ * Merge libav-extra packages to libav. (Closes: #658084)
+ * Provide only libavcodec-extra package, the other packages are unnecessary.
+ * Remove libav-source package. No longer necessary.
+ * Remove dependencies and suggests of FAAD, no longer needed.
+ * Set Enhances field and update package description for libavcodec-extra
+ package. (Closes: #653451)
+ * Fix issue with installation of debug symbols. (Closes: #642798)
+
+ [ Fabian Greffrath ]
+ * Mention license impact in libavcodec-extra-53's package description.
+
+ -- Andres Mejia <amejia@debian.org> Wed, 21 Mar 2012 15:52:58 -0400
+
+libav (4:0.8.1-1) unstable; urgency=medium
+
+ [ Reinhard Tartler ]
+ * Bump shlibs (Closes: #662793)
+ * force upgrades of older libavcodec-extra-53 packages
+ * drop all post-0.8 patches, applied upstream
+ * bump standards version, no changes needed
+ * Imported Upstream version 0.8.1
+ * Bumped urgency to medium because of included security fixes:
+ CVE-2012-0848, CVE-2012-0853, CVE-2012-0858, CVE-2011-3929,
+ CVE-2011-3936, CVE-2011-3937, CVE-2011-3940, CVE-2011-3945,
+ CVE-2011-3947, CVE-2011-3951, CVE-2011-3952
+
+ [ Andres Mejia ]
+ * Enable frei0r support.
+ * Enable tls support through gnutls.
+ * Enable libcdio support.
+ * Enable opencv support.
+ * Enable pulse support.
+ * Enable vaapi for all architectures.
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 19 Mar 2012 08:39:18 +0100
+
+libav (4:0.8-2) unstable; urgency=low
+
+ [ Reinhard Tartler ]
+ * confflags: use --enable-pic instead of manually messing with cflags
+ * Import post 0.8 patches
+ * Bugfix: expects wrong preset file extension (Closes: #660978)
+ Thanks to Laurento <laurento.frittella@gmail.com> for spotting this.
+
+ [ Alessio Treglia ]
+ * Fix maintainer's name.
+
+ [ Fabian Greffrath ]
+ * Enable hardened build flags through dpkg-buildflags (Closes: #658929).
+ * Fix format string vulnerability detected by -Wformat-security.
+ * Filter out system-wide setting of -Bsymbolic-functions to avoid FTBFS.
+ * Set CPPFLAGS separately.
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 05 Mar 2012 19:47:54 +0100
+
+libav (4:0.8-1) unstable; urgency=medium
+
+ [ Fabian Greffrath ]
+ * Remove the last remainders of explicit quilt usage in
+ pre-3.0 source formats.
+ * Urgency bumped to medium because of RC bugs and unfixed security
+ issues in testing.
+ * Imported Upstream version 0.8
+ - Bug fix: "Segfaults when using vaapi", thanks to Andrey Rahmatullin
+ (Closes: #656572). That crash is most likely caused by auto-enabling
+ multi-threading. This behavior got reverted just before this release.
+ * Drop post-0.8b2 patches
+ * Bump shlibs for addition of new audio encoding API
+ * Extend package descriptions to include a note what libav actually is
+ * debian/watch: fix mangling of '_' characters.
+ * drop unused lintian override in debian/control
+ * provide compatibility links for ffserver, ffplay and ffprobe
+ (Closes: #655683)
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 22 Jan 2012 21:24:22 +0100
+
+libav (4:0.8~beta2-3) unstable; urgency=low
+
+ [ Fabian Greffrath ]
+ * Fix debian/*.install file generation on archs (e.g. armel) that build
+ more than only one optimized shared library (Closes: #656184).
+
+ [ Reinhard Tartler ]
+ * add additional post-0.8b2 patches
+
+ -- Reinhard Tartler <siretart@tauware.de> Tue, 17 Jan 2012 22:31:32 +0100
+
+libav (4:0.8~beta2-2) unstable; urgency=low
+
+ [ Fabian Greffrath ]
+ * Properly set the library paths for multiarch and shared libs in
+ debian/*.install instead of using brace expansion and asterisks.
+
+ [ Reinhard Tartler ]
+ * Fix upgrade path from earlier versions of the 'ffmpeg' package
+ (Closes: #655917)
+ * Sync post v0.8b2 commits
+ * extend package description to include a note what libav actuall is
+ * place transitional packages in oldlibs/extra section to assist package
+ managers
+ * drop unused lintian override in debian/control
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 15 Jan 2012 16:19:41 +0100
+
+libav (4:0.8~beta2-1) unstable; urgency=low
+
+ * New Upstream version 0.8~beta2:
+ - Confirm that this release does not inhibit the following security issues:
+ - DoS in MKV demuxer,
+ - CVE-2011-3893, Closes: #654572
+ - Double free vuln in the Theora decoder,
+ - CVE-2011-3892, Closes: #654571
+ - heap-based buffer overflow in vorbis decoder:
+ - CVE-2011-3895, Closes: #654573
+ - Closes: #654534
+ - Bug fix: "libswscale crashes when upscaling pictures using
+ hyscale_fast2, MMX variant on amd64 with gcc-4.6 and later",
+ thanks to Harald Dunkel (Closes: #647824).
+ - Clarify that libavutil/avutil.h doesn't include mathematics.h any more in
+ APIchanges documentation. Thanks: Jonathan Nieder <jrnieder@gmail.com>,
+ Closes: #654303
+ * Disable configuration mismatch warnings (Closes: #619530)
+ * Rename package libav to libav-tools (Closes: #654984)
+ * Refresh patches
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 11 Jan 2012 16:45:28 +0100
+
+libav (4:0.8~beta1-2) experimental; urgency=low
+
+ * fix build failures by dropping unnecessary configure flags
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 01 Jan 2012 08:48:06 +0100
+
+libav (4:0.8~beta1-1) experimental; urgency=low
+
+ * New upstream release.
+ - too many changes to list, please refer to upstream's Changelog file
+ for details
+
+ -- Reinhard Tartler <siretart@tauware.de> Fri, 30 Dec 2011 23:45:34 +0100
+
+libav (4:0.7.3-2) unstable; urgency=low
+
+ * forcefully disable v4l on kfreebsd, fixes an FTBFS on kFreeBSD
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 26 Dec 2011 10:50:36 +0100
+
+libav (4:0.7.3-1) unstable; urgency=high
+
+ * New upstream version. Includes fixes for:
+ - VP3 decoder (CVE-2011-4352)
+ - svq1 decoder (CVE-2011-4579)
+ - DoS in the VP5/VP6 decoders (CVE-2011-4353)
+ - QDM2 decoder (CVE-2011-4351)
+ - Sierra VMD decoder (CVE-2011-4364)
+ * Bumped urgency.
+ * Enable drawtext filter (Closes: #647132)
+ * Imported Upstream version 0.7.3
+ * Bump shlibs for backported avcodec_open2() API
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 25 Dec 2011 22:04:54 +0100
+
+libav (4:0.7.2-1) unstable; urgency=low
+
+ * New upstream release: 0.7.2
+ - Security focused release
+ - Includes Matroska reallocation checks, Closes: #643859
+ * Drop all post 0.7.1 patches, included upstream.
+
+ -- Reinhard Tartler <siretart@tauware.de> Fri, 30 Sep 2011 21:01:25 +0200
+
+libav (4:0.7.1-7) unstable; urgency=medium
+
+ * Add 63 (!) additional post 0.7.1 patches
+ - all scheduled for next upstream point release
+ - Fix missing CAVS boundary checks, Closes: #641478, Fixes: CVE-2011-3362
+ * Medium urgency for fixing a security issue
+ * Drop debian/patches/03-fix-movrel.patch, better patch upstream
+ * prefer libtiff4 over libtiff5 for now
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 26 Sep 2011 22:24:47 +0200
+
+libav (4:0.7.1-6) unstable; urgency=low
+
+ * Convert package to include multiarch support.
+
+ -- Andres Mejia <amejia@debian.org> Fri, 23 Sep 2011 22:03:39 -0400
+
+libav (4:0.7.1-5) unstable; urgency=low
+
+ * sync patches with upstream release branch
+ * Fix segmentation fault on ppc32, Closes: #639948
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 05 Sep 2011 07:25:06 +0200
+
+libav (4:0.7.1-4) unstable; urgency=low
+
+ * upload to unstable
+
+ -- Reinhard Tartler <siretart@tauware.de> Thu, 01 Sep 2011 22:45:43 +0200
+
+libav (4:0.7.1-3) experimental; urgency=low
+
+ * add post 0.7.1 patches
+ * make MAP_ANONYMOUS available on Linux and the Hurd, Closes: #637516
+ * libpostproc: filter name needs to be double 0 terminated
+ * relax dependencies in the shlibs file to accomodate
+ the new versioning scheme in libav-extra. Fixes LP: #818619
+ * libswscale-dev: fix alternate on libswscale-extra-2, Fixes LP: #829857
+
+ -- Reinhard Tartler <siretart@tauware.de> Thu, 25 Aug 2011 22:45:47 +0200
+
+libav (4:0.7.1-2) experimental; urgency=low
+
+ * Build against libx264. Closes: #418228, #440681
+ * Build against libmp3lame, Closes: #587904
+ * Build against xvidcore to enable xvid encoding
+ * use yasm on every architecture. Should allow building on the Hurd
+
+ -- Reinhard Tartler <siretart@tauware.de> Tue, 26 Jul 2011 21:58:18 +0200
+
+libav (4:0.7.1-1) experimental; urgency=low
+
+ [ Andres Mejia ]
+ * Update to my @debian.org email.
+
+ [ Reinhard Tartler ]
+ * Pass --arch to configure
+ * no longer generate 'snapshot_version'
+ * disable jackd output support on the hurd
+ * Use proper architecture wildcards for Linux-only dependencies,
+ Closes: #634460
+ * Drop "backported patches"
+ * Imported Upstream version 0.7.1
+ * Fix installation of codecs.txt and formats.txt
+
+ -- Reinhard Tartler <siretart@tauware.de> Thu, 21 Jul 2011 12:18:48 +0200
+
+libav (4:0.7-2) experimental; urgency=low
+
+ [ Arnout Engelen ]
+ * libavformat-dev depends on libavutil-dev
+
+ [ Reinhard Tartler ]
+ * Add backported patches for 0.7.1
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 16 Jul 2011 14:38:21 +0200
+
+libav (4:0.7-1) experimental; urgency=low
+
+ * New upstream release.
+ * Fixes several potential security issues, Closes: #628448
+ * Much imporved libavfilter, Closes: #594108
+ * Fixes some overlapping memcpys my using memmove instead, Closes: #627818
+ * Bump libswscale SONAME
+ * Bump shlibs
+ * Bump Standards version to 3.9.2
+
+ -- Reinhard Tartler <siretart@tauware.de> Tue, 21 Jun 2011 07:49:59 +0200
+
+libav (4:0.7~rc1-1) experimental; urgency=low
+
+ * New upstream version
+ * Bug fix: "Please add ffmpeg-mt for multithreading support", branch has
+ been finally merged now upstream properly (Closes: #575600).
+ * remove 02-Fix-kfreeBSD-FTBFS.patch, applied upstream
+
+ -- Reinhard Tartler <siretart@tauware.de> Tue, 14 Jun 2011 22:03:36 +0200
+
+libav (4:0.7~beta2-2) experimental; urgency=low
+
+ * refresh patches
+ * rename Tweak-doxygen-config patch
+ * add patch from upstream to fix build failure on kFreeBSD
+ * ignore quilt .pc status directory
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 15 May 2011 10:49:54 +0200
+
+libav (4:0.7~beta2-1) experimental; urgency=low
+
+ [ Jonathan Nieder ]
+ * only install doc/APIChanges in *-dev and libav-doc packages
+ * move note on source package lineage to README.Debian
+ * install NEWS.Debian in libavcodec-dev
+ * use dpkg source format 3.0 (quilt)
+ * allow "debian/rules clean" as unprivileged user
+
+ [ Reinhard Tartler ]
+ * New upstream release
+
+ -- Reinhard Tartler <siretart@tauware.de> Fri, 13 May 2011 12:31:33 +0200
+
+libav (4:0.7~b1-2) experimental; urgency=low
+
+ * don't try to install non-existing documentation, fixes FTBFS on powerpc
+ * add NEWS.Debian file
+ * install doc/APIChanges and refer to them in NEWS.Debian (Closes: #623682)
+ * readd deprecated avcodec_thread_init in libavformat
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 01 May 2011 18:58:40 +0200
+
+libav (4:0.7~b1-1) experimental; urgency=low
+
+ * New upstream version
+ * bump SONAME and SHLIBS
+ * configure flags --disable-stripping was removed upstream
+ * the MAINTAINERS file was removed upstream
+ * remove patch disable-configuration-warning.patch
+ * drop avfilter confflags, it is enable by default in 0.7
+ * libfaad wrapper has been removed upstream
+ * also update the *contents* of the lintian overrides
+
+ -- Reinhard Tartler <siretart@tauware.de> Tue, 19 Apr 2011 15:04:55 +0200
+
+libav (4:0.6.2-1) unstable; urgency=medium
+
+ [ Reinhard Tartler ]
+ * Imported Upstream version 0.6.2
+ - include security fixes (Closes: #611495)
+ * rename source package to libav
+ * Switch to libav packages
+ * copy in changelog entries from the 0.5 packaging branch (Closes: #616190)
+ * update version numbering
+ * make buildlogs verbose
+ * Introduce 'libav-source', which contains the patched sources of libav
+ * rename source package to libav
+
+ [ Fabian Greffrath ]
+ * Fix cp of doxy documentation fails with "Argument list too long" (Closes: #618679)
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 19 Mar 2011 08:13:46 +0100
+
+ffmpeg (4:0.6.1-5) unstable; urgency=low
+
+ * don't enable vaapi support on the hurd, Closes: #613034
+ * minor updates to libswscale0's package description
+ * Force upgrade of mplayer pre-rc4 for upgrades of libswscale,
+ Closes: #612292
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 13 Feb 2011 09:25:42 +0100
+
+ffmpeg (4:0.6.1-4) unstable; urgency=low
+
+ * no change rebuild to fix broken last upload.
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 06 Feb 2011 09:20:39 +0100
+
+ffmpeg (4:0.6.1-3) unstable; urgency=low
+
+ * add libxfixes-dev to build depends
+ * minor packaging cleanups
+ * revised package description
+ * detect libopenjpeg and dirac at build-time
+ * remove note about packages being "Debian-specific"
+ * simplify lintian-overrides
+ * Sanitize LDFLAGS variable; it seems that dpkg-buildflags injects
+ -Wl,-Bsymbolic-functions to LDFLAGS, which breaks the build on amd64
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 30 Jan 2011 09:22:11 +0100
+
+ffmpeg (4:0.6.1-2) experimental; urgency=low
+
+ [ Jonas Smedegaard ]
+ * Relax mplayer Breaks to permit backports and other early releases.
+
+ [ Reinhard Tartler ]
+ * Bump Standards-Version, no changes needed.
+
+ [ Matthias Klose ]
+ * Configure with --enable-pic on powerpc. LP: #654666.
+
+ -- Reinhard Tartler <siretart@tauware.de> Fri, 19 Nov 2010 10:50:51 +0100
+
+ffmpeg (4:0.6.1-1) experimental; urgency=low
+
+ * Imported Upstream version 0.6.1
+ * prepare new upload
+ * remove patches merged upstream
+ * add gitignore file
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 01 Nov 2010 09:18:08 +0100
+
+ffmpeg (4:0.6-2) experimental; urgency=low
+
+ [ Fabian Greffrath ]
+ * Enable RTMP[E] support via librtmp.
+ * Disable aac encoder, see README.Debian.
+ * Fix obsolete-relation-form for the internal dependencies.
+ * Merge debian/README.Source into debian/README.source and add section
+ headers.
+ * Remove obsoleted support for the non-free libamr-nb/wb.
+
+ [ Reinhard Tartler ]
+ * enable runtime-cpudetect
+ * conditionally build against opencore-amr if installed in the build
+ environment
+ * update upstream url in debian/copyright
+ * fix usage documentation in debian/get-orig-source.sh
+ * update dep3 headers for debian/patches/900_doxyfile
+ * add proper replaces for moving presets back to ffmpeg
+ * make debian/patches gbp-pq friendly
+ * Add VP80 fourcc to libavformat/riff.c
+ * Backport-AAC-HE-v2
+ * bump Standards-Version, no changes needed
+
+ -- Reinhard Tartler <siretart@tauware.de> Tue, 29 Jun 2010 09:07:56 +0200
+
+ffmpeg (4:0.6-1) experimental; urgency=low
+
+ * new upstream release
+ - adds VP8 support via libvpx, Closes: #582274
+ * depend on libavfilter-extra-1 instead of -0, Closes: #583728
+ * add conflicts to the ffprobe package, it has been merged upstream now
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 16 Jun 2010 09:25:28 +0200
+
+ffmpeg (4:0.6~svn20100505-1) experimental; urgency=low
+
+ * update to new upstream. Closes: #569727
+ - fixes various segfaults and other minor feature improvements
+ Closes: #374931, #522449, #501891, #559712, #420231, #369127, #538082,
+ #298095, #294422, #561553, #525385, #495274, #420230
+ LP: #305286, #457106, #529200, #301723, #305315, #336479, #420230,
+ #412063, #428912, #432181, #440591, #453732, #453732, #453732,
+ #514259, #515243, #521472, #530186, #530186, #197842, #483317,
+ #483317, #539407, #280098, #331255, #566107, #569823, #570305,
+ #573190
+ * Fixup lintian overrides for new upstream snapshot
+ * Bump Standards-Version to 3.8.4
+ * Many upstream changes, see upstream Changelog for details
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 24 Jan 2010 21:24:56 +0100
+
+ffmpeg (4:0.5.2-6) unstable; urgency=high
+
+ * Fix several security issues in flicvideo.c.
+ Fixes: CVE-2010-3429, Closes: #598590
+ * Raising severity to high because of security issue.
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 03 Oct 2010 16:59:39 +0200
+
+ffmpeg (4:0.5.2-5) unstable; urgency=low
+
+ [ Dominic Evans ]
+ * add libxfixes-dev to build-depends to unbreak x11grab input,
+ Closes: #596342, LP: #631103
+
+ [ Reinhard Tartler ]
+ * fix x11grab example in e.g. the manpage so that they actually work
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 13 Sep 2010 15:29:49 +0200
+
+ffmpeg (4:0.5.2-4) unstable; urgency=low
+
+ [ Loïc Minier ]
+ * Fix typo: use -march=armv7-a instead of -marmv7-a
+
+ -- Reinhard Tartler <siretart@tauware.de> Tue, 31 Aug 2010 15:31:05 +0200
+
+ffmpeg (4:0.5.2-3) unstable; urgency=low
+
+ [ Reinhard Tartler ]
+ * Move breaks declaration from libavformat to libavcodec to help the
+ apt solver, Closes: #591881
+
+ [ Loïc Minier ]
+ debian/confflags: detect whether the toolchain supports ARMv7 ("dmb")
+ by default as the NEON pass needs at least ARMv6t2; if it's not enabled by
+ default, pass -marmv7-a in extra-cflags for the NEON pass since NEON
+ implies ARMv7; closes: #594417.
+
+ -- Reinhard Tartler <siretart@tauware.de> Fri, 27 Aug 2010 01:24:10 +0200
+
+ffmpeg (4:0.5.2-2) unstable; urgency=low
+
+ * Enable some encoders:
+ - h263, h263p, mpeg2video, mpeg4, msmpeg4v1, msmpeg4v2, msmpeg4v3
+ Closes: #418231, #433287, #440216, #587898, #525349
+ * Bump Standards Version, no changes needed
+
+ -- Reinhard Tartler <siretart@tauware.de> Thu, 05 Aug 2010 11:59:26 -0400
+
+ffmpeg (4:0.5.2-1) unstable; urgency=low
+
+ [ Andres Mejia ]
+ * Fix dependency problem for ffmpeg so it can use extra ffmpeg libs.
+
+ [ Reinhard Tartler ]
+ * move presets back to 'ffmpeg' package. Closes: #581748
+
+ [ Fabian Greffrath ]
+ * Imported Upstream version 0.5.2
+ * Remove ffmpeg-debian_hurd.patch, applied upstream.
+ * Remove fix-ftbfs-altivec.patch, applied upstream.
+
+ -- Reinhard Tartler <siretart@tauware.de> Tue, 25 May 2010 23:01:08 +0200
+
+ffmpeg (4:0.5.1-3) unstable; urgency=low
+
+ * fix ftbfs on powerpc
+
+ -- Reinhard Tartler <siretart@tauware.de> Fri, 12 Mar 2010 21:43:55 +0100
+
+ffmpeg (4:0.5.1-2) unstable; urgency=low
+
+ * reintroduce gnu/hurd patch
+ * Fix compilation on powerpc with --disable-altivec
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 10 Mar 2010 21:19:40 +0100
+
+ffmpeg (4:0.5.1-1) unstable; urgency=low
+
+ * new upstream release:
+ - clarifies documentation on metadata, Closes: #570050, LP: #501729
+ - further security backports, Closes: #570713
+ * adapt to new versioning scheme
+ * use '<<' instead of '<' relationship for internal shlib file
+ * merge changes from ubuntu packaging
+ * drop wmapro backport again as discussed with upstream. The unrelated
+ changes seem too risky for a stable release.
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 03 Mar 2010 22:28:24 +0100
+
+ffmpeg (4:0.5+svn20090706-6) unstable; urgency=low
+
+ [ Fabian Greffrath ]
+ * debian/patches/901-fix-misc-typos.patch: New patch taken from
+ upstream GIT (slightly modified) to fix some spelling errors.
+ * Document our calling of debhelper programs in an odd order in
+ debian/rules.
+
+ [ Reinhard Tartler ]
+ * document some unattributed patches
+ * enable cpu autodetection in libswscale, Closes: #567725, LP: #386397
+
+ [ Christopher Martin ]
+ * backport wmapro codec from ffmpeg trunk
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 31 Jan 2010 16:53:47 +0100
+
+ffmpeg (4:0.5+svn20090706-5) unstable; urgency=medium
+
+ * Upload to unstable
+ * Urgency medium because of fixed RC bugs (security issues)
+
+ -- Reinhard Tartler <siretart@tauware.de> Fri, 22 Jan 2010 16:04:39 +0000
+
+ffmpeg (4:0.5+svn20090706-4) experimental; urgency=low
+
+ [ Loïc Minier ]
+ * Use default toolchain setup on ARM flavors for noopt and only add FPU
+ CFLAGS in the VFP and NEON flavors; this is ok since internally, cpu will
+ be set to "generic" but -march=generic or -mcpu=generic will NOT be added
+ to the build flags.
+ * Build all armel flavours with -marm since ffmpeg has a lot of hand crafted
+ assembly which doesn't build in the new lucid default mode (Thumb 2);
+ LP: #488267
+ * Build all armel flavours with -fPIC -DPIC instead of just the neon flavour
+ as the new flags/toolchain require this in Ubuntu lucid.
+ * Build some assembly test code -- just like configure -- to decide whether
+ the *default* toolchain uses vfp or neon to decided whether to build the
+ vfp and neon flavors.
+ * Drop --disable/--enable opt flags such as --disable-neon or
+ --enable-armvfp on ARM since the upstream configure script will do the
+ right thing when the proper flags are set.
+
+ [ Reinhard Tartler ]
+ * build with PIC on powerpc (Closes: #561956)
+
+ -- Reinhard Tartler <siretart@tauware.de> Fri, 15 Jan 2010 21:46:49 +0100
+
+ffmpeg (4:0.5+svn20090706-3) experimental; urgency=low
+
+ [ Loïc Minier ]
+ * Disable more autodetecter ARM arch features
+ * Enable neon flavour
+ * Update NEON confflags to assume v7 and VFP
+ * Add backported NEON patches from ffmpeg trunk
+ * Pass proper --cpu and --extra-flags on armel
+ * Pass -fPIC -DPIC to neon pass
+
+ [ Fabian Greffrath ]
+ * Initialize the FLAVORS variable to static instead of appending to
+ it. Also, we do not support the internalencoders variable anymore.
+
+ [ Andres Mejia ]
+ * Remove unused patches from packaging.
+ * Update Vcs-* entries to new location.
+ * Bump Standards-Version to 3.8.3.
+
+ [ Reinhard Tartler ]
+ * change shlibs file to make applications depend on the -extra- packages
+ * loosen dependencies further, so that the -dev packages remain
+ installable even if ffmpeg-extra is 'out-of-date'
+ * add patch for issue1245: Make arguments of av_set_pts_info() unsigned.
+ * Support constant-quant encoding for libtheora, LP: #356322
+ * increase swscale compile time width (VOF/VOFW), LP: #443264
+ * Backports of various security patches, Closes: #550442, including:
+ - backport fixes for vorbis_dec
+ - backport oggparsevorbis fix
+ - backport vp3 fixes
+ - backport ffv1 fix
+ - libavcodec/mpegaudiodec.c backports
+ - h264 security backports
+ - backported libavformat/mov.c security fixes
+ - backported libavformat/oggdec.c security fixes
+ - backport svn r18016 aka 'MOV-Support-stz2-Compact-Sample-Size-Box'
+ to fix FTBFS
+ * enable symbol versioning
+ * bump shlibs version
+ * add README.source describing how this source package manages patches
+ * make sure the ${misc:Depends} substvar is used for each binary package
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 06 Jan 2010 16:27:40 +0100
+
+ffmpeg (4:0.5+svn20090706-2) unstable; urgency=low
+
+ [ Fabian Greffrath ]
+ * Enable support for libdirac, now that it has entered Debian.
+
+ [ Andres Mejia ]
+ * Fix ordering of FLAVORS that are installed. (Closes: #543595)
+
+ [ Reinhard Tartler ]
+ * prepare new upload
+ * simply debian/confflags by removing the case of renaming the source
+ package
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 26 Aug 2009 09:12:49 +0200
+
+ffmpeg (4:0.5+svn20090706-1) unstable; urgency=low
+
+ * preparing new upstream version, 0.5 release branch, rev 19352
+ - this version is capable of compiling swscale in LGPL mode
+ * rename source package back
+ - The replacement package with the 'missing bits' will be called
+ 'ffmpeg-extra'
+ - simplify README.upstream-upgrade
+ - rename the source package from 'ffmpeg-debian' -> 'ffmpeg'
+ * fix aac playback regression, thanks to Matthew Wakeling for reporting
+ (Closes: #540729)
+ * fix seeking in DIF (DV) movies
+ Thanks to Dan Dennedy for identifying the patch! (Closes: #540424)
+ * debian/rules:
+ - merge cond_enable_nf macro from master.extra branch
+ - don't disable ffserver in various optimized variants
+ - don't disable building of statically linked helper binaries
+ - simply by removing the case of renaming the source package
+ - change the shlibs file: s/-unstripped-/-extra-/
+
+ -- Reinhard Tartler <siretart@tauware.de> Thu, 13 Aug 2009 12:48:27 +0200
+
+ffmpeg-debian (4:0.5+svn20090609-2) unstable; urgency=low
+
+ [ Fabian Greffrath ]
+ * Remove .install files for unstripped packages that we do not build
+ from this branch anyway.
+ * Remove debian/fixup-config.sh which was only a hack needed to repair
+ the crippled config.h
+ * Finally remove strip.sh.
+
+ [ Andres Mejia ]
+ * Add vdpau support by including vdpau headers in deb packaging.
+ (Closes: #511544)
+ * Don't disable encoders if internalencoders is set in
+ DEB_BUILD_OPTIONS.
+ * Enable yasm for i386 and amd64.
+
+ [ Reinhard Tartler ]
+ * clarifications suggested by upstream in README.Source
+ * refresh patches
+
+ [ Fabian Greffrath ]
+ * Document the copyright notice and license for the VDPAU headers in
+ debian/copyright.
+ * Remove parallel make support from debian/confflags, it's overridden
+ in debian/rules anyway.
+ * Quote opts in debian/watch.
+ * Bump debhelper compat to 7.
+ * Clean up clean target in debian/rules in favour of debian/clean.
+ * Replace "dh_clean -k" by dh_prep.
+
+ [ Reinhard Tartler ]
+ * remove duplicated libxvmc-dev build dependency
+ * sort build dependencies alphabetically
+ * remove section numbering from README.Debian
+ * add note about the lintian override
+
+ -- Reinhard Tartler <siretart@tauware.de> Thu, 13 Aug 2009 12:46:46 +0200
+
+ffmpeg-debian (4:0.5+svn20090609-1) unstable; urgency=low
+
+ [ Andres Mejia ]
+ * Add myself to Uploaders list.
+ * Reorder when dh_strip is done so qt-faststart is also
+ stripped.
+ * Update to control files.
+ * Add new confflags for new build dependencies.
+ * Use <package>.docs files to add ffmpeg and ffmpeg-doc documentation.
+ * Use <package>.docs files for installing documentation.
+ * Add comment to 900_doxyfile patch.
+ * Add man page for qt-faststart.
+ * Bump version in changelog to prepare new release
+ * Fix FTBFS for ffmpeg source package with -dev packages (Closes: #527761)
+ * Use dh_lintian to install lintian overrides
+ * Update comment on fpic-* patches
+ * Build-Depend on debhelper (>= 6.0.7~) for dh_lintian.
+ * Add lintian overrides for remaining fpic lintian errors.
+ * Shorten comment on lintian-overrides.
+ * Allow passing in extra confflags, removes the need for fix-fpic
+ DEB_BUILD_OPTIONS.
+ * Fix FTBFS on kfreebsd. (Closes: #528591)
+ * Include patches to allow us to use opencore-amr libraries.
+
+ [ Reinhard Tartler ]
+ * remove debian/control.* mechanism
+ * improve patch description for debian/patches/100_kfreebsd
+
+ [ Andres Mejia ]
+ * Add lintian overrides for ffmpeg-debian source warnings.
+ * Only use .svnrevision if it's readable.
+ * Update source lintian-overrides for modifications to debian/rules.
+ * Add fix for FTBFS for GNU Hurd OS. Thanks Marc Dequènes.
+ (Closes: #530436)
+
+ [ Felipe Sateler ]
+ * Don't add -unstripped to the unstripped variant version number
+ in debian/README.upstream-upgrade.
+ * In the same file, pass explicit version to git-import-orig
+
+ [ Fabian Greffrath ]
+ * Cleaned up debian/watch file.
+ * Add notes why we no longer strip the orig.tar.gz.
+
+ [ Andres Mejia ]
+ * Fix watch file to ignore daily snapshots.
+ * Make get-orig-source.sh executable.
+
+ [ Reinhard Tartler ]
+ * add patch for qtrle encoding (Closes: #530016)
+ * Enable xvmc support by adding libxvmc-dev to build dependencies
+ * really add libopenjpeg-dev to build depends, actually enabling
+ the openjpeg decoder.
+ * reorganise README.Debian for the new plan [tm]
+ * no longer strip the source on upstream upgrades
+ * Imported Upstream version 0.5+svn20090609
+ * adjust notes in README.upstream-upgrade for the now unstripped
+ debian source package
+ * remove hack to build with stripped sources
+ * bump standards version, no changes needed
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 05 Jul 2009 22:52:43 +0200
+
+ffmpeg-debian (4:0.5+svn20090420-2) unstable; urgency=low
+
+ * debian/control: fix dependencies for libavutil-dev and libavfilter-dev
+ so that they can be used with the unstripped variants properly.
+ * debian/rules: set nooptflags only for relevant architectures.
+ * explicitly disable 'dangerous' encoders on the --configure line.
+ * fix SHLIBS_VERSION in debian/rules (Closes: #527350).
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 04 May 2009 07:41:19 +0200
+
+ffmpeg-debian (4:0.5+svn20090420-1) unstable; urgency=low
+
+ [ Fabian Greffrath ]
+ * Merge the contents of patents.txt into README.Debian and change some
+ paragraphs to (hopefully) add some more clarity on the removed encoders
+ and the package naming scheme. Based on suggestions by Xavier Douville
+ <debian@douville.org>, thank you very much for the review. (Closes: #519025)
+ * Reorder some confflags to account for GPL licensed libraries.
+ * Remove patents.txt
+ * Explicitely mention that no decoders are disabled in our packages.
+
+ [ Loïc Minier ]
+ * Disable more autodetecter ARM arch features
+ * Add neon and vfp flavors to armel disabled for now
+ * vfp CFLAGS: add "-mfpu=vfp -mfloat-abi=softfp"
+
+ [ Reinhard Tartler ]
+ * New Upstream Version (svn revision 18630)
+ * bump epoch as 0.5 was released. Future version will use '+' to indicate
+ that the package is based on a release branch and '~' to indicate that
+ the package is based on the 'trunk' branch.
+ * update from the upstream release branch to generate a new upstream
+ tarball.
+ * add a git-buildpackage config file at debian/gbp.conf
+ * beautify identification string
+ * debian/rules: bump epoch to '4'
+ * update section names in control file
+ * update upstream svn server url
+ * fixup get-orig-source rules in debian/rules
+ * create right filenames for the orig.tar.gz files
+ * update README.upstream-upgrate for new versioning scheme
+ * remove debian/005_release_branch_changes.diff
+ * remove reference to 020_visibility_patch
+ * install the upstream license file and release notes
+ * allow -dev packages be installed with the unstripped variants
+ Closes: #526007, LP: #312898
+ * be more careful with svn:externals in debian/get-orig-source.sh.
+ (Closes: #525348)
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 02 May 2009 09:09:54 +0200
+
+ffmpeg-debian (3:0.svn20090303-1) unstable; urgency=low
+
+ * New Upstream Version (svn revision 17737 libswscale revision 28799)
+ - Electronic Arts TQI decoder
+ - OpenJPEG based JPEG 2000 decoder
+ - NC (NC4600) camera file demuxer
+ - Gopher client support
+ - MXF D-10 muxer
+ - generic metadata API
+ * debian/get-orig-source.sh: Track the version 0.5 release branch. The
+ version number does not really reflect this, but this package is
+ actually very close to the 0.5 release branch.
+ * various cleanups to improve get-orig-source.sh
+ * Remove liba52 from the suggests field in debian/control.ffmpeg, as
+ ffmpeg does no longer use it since upload 0.svn20080206-10.
+ * Fix the Vcs-Git urls to the correct locations.
+ * The libavformat52 now links against libavcodec52, which breaks
+ applications that *ALSO* link against libavcodec51. Adding a
+ Breaks: libavcodec51 should prevent this and (hopefully) Closes: #516885.
+ * improve parallel builds on SMP/multicores by supporting the parallel
+ flag in DEB_BUILD_OPTIONS, and default to the number of available CPUs
+ on i386 and amd64.
+ * Drop unapplied patches from debian/patches.
+ * bump shlibs version.
+
+ -- Reinhard Tartler <siretart@tauware.de> Tue, 03 Mar 2009 21:01:25 +0100
+
+ffmpeg-debian (3:0.svn20090204-3) unstable; urgency=low
+
+ [ Fabian Greffrath ]
+ * remove libasound2-dev from build-depends on non-Linux archs
+
+ [ Reinhard Tartler ]
+ * fix postinst generation by calling dh_installdeb after dh_makeshlibs
+ * upload to unstable
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 22 Feb 2009 09:32:49 +0100
+
+ffmpeg-debian (3:0.svn20090204-2) experimental; urgency=low
+
+ * add libxvmc-dev to build-depends in the 'ffmpeg' variant
+ * add libasound2-dev to build-depends. This means that ffplay is now able to
+ actually play using alsa directly instead only via libsdl
+ * add epochs for the "internal" shlibs dependencies
+
+ -- Reinhard Tartler <siretart@tauware.de> Thu, 05 Feb 2009 20:30:05 +0100
+
+ffmpeg-debian (3:0.svn20090204-1) experimental; urgency=low
+
+ [ Reinhard Tartler ]
+ * New Upstream Version (svn revision 16978 libswscale revision 28461)
+
+ Upstream Changes:
+ - R3D REDCODE demuxer
+ - ALSA support for playback and record
+
+ * strighten internal dependencies by using a shlibs.local file
+ Closes: #512844, #512466
+ * New upstream version reintroduces a compatibility symbol ff_gcd
+ Closes: #512946
+ * Bump shlibs because of changes of the Metadata API in libavformat.
+ Actually no other package should use them yet, but let's better play safe
+ here...
+ * no longer install dsputil.h. It exposes lots of function that are private
+ to ffmpeg and may change on any new upstream revision. Please get in touch
+ with the ffmpeg maintainers if you maintain packages that rely on that
+ ffmpeg internal headers like this.
+ * simplify debian/confflags by doing autodetection of headers:
+ - xvid.h
+ - lame/lame.h
+ - faac.h
+ - x264.h
+ - vdpau/vdpau.h
+ Also remove the setting externalcodecs from DEB_BUILD_OPTIONS. The codecs
+ will be enabled as soon as the headers are installed on the filesystem,
+ so there is no need in enabling that separately.
+ * install ffpresets in /usr/share/ffmpeg/. Currently only presets for
+ x264 are avaiable, so a libx264 enabled libavcodec (like
+ libavcodec-unstripped-52) is needed to actually use them.
+
+ [ Fabian Greffrath ]
+ * Enabled Speex decoding via libspeex.
+ * Use an alternative approach to achieve strict internal dependencies
+ by calling dh_makeshlibs twice in debian/rules instead of a
+ debian/shlibs.local file.
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 01 Feb 2009 19:54:27 +0100
+
+ffmpeg-debian (3:0.svn20090119-1) experimental; urgency=low
+
+ * New Upstream Version (svn revision 16681 libswscale revision 28341)
+ * update Vcs-Git tags. Packaging has now moved to git
+ * updates to packaging that faciliate building the unstripped and ubuntu
+ variants of this package
+ * enable xvmc support
+
+ Upstream Changes:
+ - SVQ3 watermark decoding support
+ - hybrid WavPack support
+
+ -- Reinhard Tartler <siretart@tauware.de> Tue, 20 Jan 2009 00:55:26 +0100
+
+ffmpeg-debian (3:0.svn20090110-1) experimental; urgency=low
+
+ * new upstream svn snapshot (svn revision 16508, libswscale revision 28286)
+
+ Upstream Changes:
+ - RV30 and RV40 decoder
+ - QCELP / PureVoice decoder
+
+ * removed patch 050_fix_pkgconfig_files.patch. Merged upstream
+ * disabled patch 020_visibility_patch. It needs to be adapted to the new
+ upstream changes. Hopefully it will get merged into ffmpeg properly.
+ * install formats.txt in the libavcodec52 package to document what
+ formats this version of ffmpeg has enabled.
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 11 Jan 2009 20:55:48 +0100
+
+ffmpeg-debian (3:0.svn20081115-1) experimental; urgency=low
+
+ * new upstream svn snapshot (svn revision 15824, libswscale revision 27910)
+ * bump standards version to version 3.8.0, no changes needed
+ * Adjust pkg-files to no longer put unnecessary dependencies in the generated
+ .pc files. Closes: #504220
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 10 Nov 2008 21:37:16 +0100
+
+ffmpeg-debian (3:0.svn20081108-1) experimental; urgency=low
+
+ * upstream svn snapshot (svn revision 15786, libswscale revision 27900).
+ * apply visibility patch from ffmpeg-devel mailing list. This reduces the
+ number of symbols that are exposed to other applications. Please file
+ bugs if applications fail to link against ffmpeg because of that.
+ * remove 001_fixup_version.diff patch and use upstream --extra-version
+ configure flag instead.
+ * now really remove 015_img_convert.patch from source package.
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 08 Nov 2008 16:38:23 +0100
+
+ffmpeg-debian (3:0.svn20080925-1) experimental; urgency=low
+
+ [ Loic Minier ]
+ * Tweak sed versions regexps to deal with epochs and upstream revisions with
+ dashes and be generally stricter.
+ * Large cleanup to rules logic: drop some cruft, rewrite some small chunks
+ in a slightly more readable manner, whitespaces, .PHONY fixes,
+ internalencoders handling, shlibs logic...
+ * Rename SRC_VERSION to UPSTREAM_VERSION in rules.
+ * Use DEB_SOURCE from the Source: field of dpkg-parsechangelog's output
+ instead of hardcoding the name of the source.
+
+ [ Reinhard Tartler ]
+ * new svn snapshot (svn revision 15404, libswscale revision 27636).
+ * SONAME change: libavcodec51 -> libavcodec52
+ * drop old scaler (imgres/imgconvert). Upstream is about to remove it
+ completely.
+ - reporter claims that a newer snapshot fixes a crash in the dca decoder.
+ Thanks to "Alexander E. Patrakov" <patrakov@gmail.com> (Closes: #496612)
+ * reenable h261 encoder (Closes: #459073)
+
+ [ Fabian Greffrath ]
+ * debian/{ffmpeg,lib*-dev}.install:
+ + Simplified, e.g. install the whole /usr/include/ sub-directory for each
+ particular library instead of single header files one by one.
+ * debian/control, debian/confflags:
+ + Enabled Dirac support via libschroedinger. (Closes: #499785)
+ * debian/changelog:
+ + Added an epoch needed for Ubuntu.
+ * debian/control:
+ + Removed Conflicts and Replaces against packages that either aren't even
+ in Debian 4.0 "Etch" anymore or that use the deprecated naming scheme
+ from <http://www.debian-multimedia.org>.
+ + Since ffmpeg-config has been removed from our packages, all inter-package
+ Conflicts and Replaces may be removed, too.
+ + Removed Build-Conflicts against libdc1394-13-dev, because
+ libdc1394-22-dev already does this for us.
+ + Updated inter-package dependencies and demoted Depends on external
+ library packages to Suggests, since we shouldn't encourage package
+ maintainers to link statically against libav*.
+ * debian/confflags, debian/control, debian/rules, debian/libavfilter*:
+ + Built libavfilter and disabled vhook in turn (Closes: #499787).
+
+ [ Loic Minier ]
+ * Remove debug echo which broke shlibs, sorry.
+ * Fix Vcs-* control fields; thanks Gerfried Fuchs.
+ * Mention upstream SVN in debian/copyright; thanks Gerfried Fuchs;
+ closes: #499914.
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 06 Sep 2008 20:07:01 +0200
+
+ffmpeg-debian (0.svn20080206-12) unstable; urgency=low
+
+ * enable vhook in all flavors. (Closes: #490272, LP: #260296)
+ * make ffmpeg output a proper version number. (Closes: #496133, #483923)
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 23 Aug 2008 10:49:10 +0200
+
+ffmpeg-debian (0.svn20080206-11) unstable; urgency=low
+
+ [ Reinhard Tartler ]
+ * new patch: patches/010_fix_ftbfs_hppa.diff: On hppa shared objects
+ do required object files to be build "-fPIC -DPIC". Patch taken
+ from upstream svn.
+ * bugfix: libraries linked with libX11 on GNU/kFreeBSD. Thanks to
+ Aurelien Jarno for the patch. (Closes: #487252)
+
+ [ Fabian Greffrath ]
+ * debian/confflags, debian/control:
+ + Build-Depend on libdc1394-22-dev explicitely and add
+ Build-Conflicts on libdc1394-13-dev (Closes: #490319).
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 16 Jul 2008 10:41:49 +0200
+
+ffmpeg-debian (0.svn20080206-10) unstable; urgency=high
+
+ * enable mmx and sse3 in builds. These CPU features are autodetected
+ at runtime on amd64 and i386 using the 'cpuid' instrcution.
+ (Closes: #489732)
+ * disable support for liba52-dev. ffmpeg has its own implementation.
+ * don't add -fPIC -DPIC forcefully to ./configure. upstream claim that
+ the configure script gets this right on all architectures itself.
+ * Add patch 020_bug489965_bufferoverflow_str_demuxer.diff. Fixes a
+ buffer overflow in the STR demuxer. Thanks to Moritz Muehlenhoff for
+ reporting the issue. (Closes: #489965)
+ * Raising severity to high because of security issue.
+ * rework the shlibs file. Make applications linking against libraries
+ produced by this source package generate an alternate dependency on
+ the 'unstripped' variants of this package. They actually do not exist
+ yet at this point, but this way reverse dependencies are enabled to
+ use them when they eventually appear.
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 09 Jul 2008 14:04:06 +0200
+
+ffmpeg-debian (0.svn20080206-9) unstable; urgency=low
+
+ [ Reinhard Tartler ]
+ * cleanup 010_proper_rpath.diff: remove spurious linker search paths.
+ * debian/strip.sh: no need to remove the glue code for x264 and xvid.
+ However, since that code is not built in debian anyway, the orig.tar.gz
+ was not rebuilt with this change.
+ * provide mmx-enabled shared objects on amd64. AFAIK all amd64 machines
+ do support MMX.
+ * Provide optimized versions of the libraries along the unoptimized
+ ones. They are installed in machines and architecture specific
+ directories. Optimized for further target will be added per request,
+ please file bugs to request them.
+ * rename the source package (again), this time on upstream's request.
+ The former name was considered insulting by upstream, because it
+ somewhat indicated the original source was somehow 'non-free', which is
+ not the case. The new name now represents that we modified the package
+ so that it becomes acceptable for debian.
+ * Cleanups in debian/rules file.
+ * Add verbose explanations about the renaming in README.Debian.
+
+ [ Fabian Greffrath ]
+ * debian/control:
+ + Added Conflicts and Replaces against obsolete library packages from
+ <http://debian-multimedia.org/> wearing the 'cvs' suffix in their names
+ (Closes: #484585, #484586, #484587, #484776, #484778).
+ + Added doxygen to Build-Depends.
+ + Introduced new package 'ffmpeg-doc' that contains html doxygen
+ documentation of the ffmpeg API (Closes: #438369).
+ + Changed Build-Depends from libdc1394-13-dev to libdc1394-22-dev,
+ which is supported upstream since r11501.
+ * debian/ffmpeg-doc.install:
+ + Added.
+ * debian/rules:
+ + Build and install html doxygen documentation.
+ + Avoid dependency of build-stamp rule on phony targets.
+ * debian/libavutil-dev.install, debian/rules,
+ debian/patches/010_ffmpeg-config.diff:
+ + Removed ffmpeg-config, use pkg-config instead (maintainers of affected
+ packages have been informed, see #487917 to #487922).
+
+ [ Darren Salt ]
+ * Added patch 900_doxyfile: tell doxyfile to ignore debian* directories.
+ * debian/rules:
+ - Reworked building so that separate source & build directories are
+ used. This makes cleanup simpler and speeds up maintenance by avoiding
+ complete rebuilds when using "debuild binary".
+ - Removed some file installation 'cp' commands, made unnecessary due to
+ the build reworking.
+ - Unpatching is now done *after* cleaning.
+
+ -- Reinhard Tartler <siretart@tauware.de> Mon, 30 Jun 2008 15:27:50 +0200
+
+ffmpeg-free (0.svn20080206-8) unstable; urgency=low
+
+ [ Fabian Greffrath ]
+
+ * debian/control:
+ + Added Conflicts and Replaces on libavutil-dev (<< 0.svn20080206-7)
+ to libavcodec-dev (Closes: #483548).
+
+ [ Reinhard Tartler ]
+
+ * remove patches from the debian package as disussed with upstream:
+ - 005_runtime_cpudetect.diff: it is supposed to fix runtime cpu detection
+ on i386. The code (and the define) has undergone large refactoring wrt.
+ the define RUNTIME_CPUDETECT. It is very likely to have undisired
+ side-effects with this version of ffmpeg. It therefore seem more safe
+ to me to actually remove this patch for now, and reinvestigate the
+ problems that occur, if they do. (Related to: #482717)
+ - 005_m68k_workaround.diff: works around bugs in gcc for m68k.
+ - 006_mips_pthreads.diff: was an workaround for (now fixed) #428741.
+ - 020_fix_sws_scale_crash: patch has been rejected upstream:
+ http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/2008-May/047846.html
+ - 054_h264_mmx_chroma_mc_crash.diff. According to upstream, this has
+ been fixed in a different way and is not reproducible. Verified that
+ the file referenced in bug #404176 does not crash anymore even
+ without this patch.
+ * new patch: 015_reenable-img_convert.diff. Unlike previous version of this
+ patch, this uses a more lightweight approach. With building imgresample, a
+ few symbol clashes occur with libswscale. We therefore strip off symbols
+ that are already provided by libswscale. (Closes: #483960).
+ * remove 011_link_plugins.diff. It is completely unnecessary now.
+ * refactor quilt usage: use /usr/share/quilt/quilt.make.
+ * support building in paralell. make snippet taken from the qemu package.
+ * cleanups in debian/rules.
+ * Move ffmpeg-config back to libavutil. This way we can avoid a circular
+ dependency between libavutil-dev and libavcodec-dev. (Closes: #484132).
+ libavcodec uses libavutil internally, so this dependency cannot be avoided.
+ * disable altivec, at least for now. (Closes: #482717)
+ * always compile with --disable-strip. We strip the binaries afterwards using
+ dh_strip anyways.
+ * Remove depdency substitutions ${shlibs:Depends} and ${misc:Depends} from the
+ -dev packages.
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 04 Jun 2008 00:04:08 +0200
+
+ffmpeg-free (0.svn20080206-7) unstable; urgency=low
+
+ * debian/control:
+ + Removed unnecessary Conflicts and Replaces from libswscale0
+ (Closes: #481908), thanks Guillem Jover.
+ + Made libavutil-dev depend on libavcodec-dev.
+ * debian/libavcodec.install, debian/libavutil.install:
+ + Moved ffmpeg-config (script and manpage) from libavutil-dev to
+ libavcodec-dev (really Closes: #482213, #482214).
+
+ -- Fabian Greffrath <fabian@debian-unofficial.org> Tue, 28 May 2008 16:02:03 +0200
+
+ffmpeg-free (0.svn20080206-6) unstable; urgency=low
+
+ * Bug fix: "libavg: FTBFS: ld: cannot find -ldts", thanks to Lucas
+ Nussbaum (Closes: #482213, 482214). Fixed by removing -ldts from
+ ffmpeg-config.
+
+ -- Reinhard Tartler <siretart@tauware.de> Tue, 27 May 2008 12:45:10 +0200
+
+ffmpeg-free (0.svn20080206-5) unstable; urgency=low
+
+ [ Fabian Greffrath ]
+ * debian/control:
+ + Fixed dependency typo, libswscale0 conflicts with libswsacle1d but not
+ libswscale1d (Closes: #481908).
+
+ [ Reinhard Tartler ]
+ * disable 015_build_imgresample.diff. Please port all applications
+ needing the symbols sws_{scale,getContext},
+ sws_{getCachedContext,freeContext} to use libswscale instead.
+ * downgrade debhelper depencency to level 5. We don't use any of the
+ level 6 features, and level 5 faciliates backporting to earlier
+ releases massively.
+ * remove unapplied patches from source to reduce the size of the
+ .diff.gz. The old patches can be retrieved from branches in our svn.
+
+ -- Reinhard Tartler <siretart@tauware.de> Thu, 22 May 2008 09:26:06 +0200
+
+ffmpeg-free (0.svn20080206-4) unstable; urgency=low
+
+ * debian/rules:
+ + Moved confflags, that result in GPL versions of the libraries, into a
+ dedicated variable gpl_confflags. Add this to the common confflags.
+ + Moved --prefix=/usr to the common confflags.
+ + Added some comments and whitespace (nothing special).
+ + Renamed the "risky" keyword to "internalencoders". Set this in
+ DEB_BUILD_OPTIONS in order to create and build from an unstripped tarball
+ in the get-orig-source and build rules (Closes: #478010).
+ + Introduced the "externalcodecs" keyword. Set this in DEB_BUILD_OPTIONS to
+ enable support for additional codecs via external libraries.
+ + Commented out the amr?b codecs among the external codecs, because the
+ resulting packages will be unredistributable.
+
+ -- Fabian Greffrath <fabian@debian-unofficial.org> Tue, 29 Apr 2008 09:07:11 +0100
+
+ffmpeg-free (0.svn20080206-3) experimental; urgency=low
+
+ * install qt-faststart. Thanks Stefan Hermann for the patch from ubuntu.
+ (Closes: #470484)
+ * Reenable 020_fix_libswscale_pic_code, fixes FTBFS on amd64.
+ * Reenable altivec, fixes FTBFS on powerpc.
+ * Add some notes about the removed mpeg encoders (Closes: #440702)
+
+ -- Reinhard Tartler <siretart@tauware.de> Fri, 18 Apr 2008 23:02:24 +0200
+
+ffmpeg-free (0.svn20080206-2) experimental; urgency=low
+
+ [ Reinhard Tartler ]
+ * patches/020_fix_sws_scale_crash: if sws_scale is given an invalid context
+ (e.g. a null pointer), the function will crash because of a null pointer
+ dereference. Add a check for that here.
+ * add Conflicts/Replaces for libswscale1d.
+ * Due to the fact that we no longer build the shared version of ffmpeg with
+ mmx optimisations, the following patches have been dropped:
+ - 020_mmx_optims.diff
+ - 020_mmx_pic_code.diff
+ - 020_disable_snow_mmx_in_pic.diff
+ - 020_fix_libswscale_pic_code
+
+ [ Fabian Greffrath ]
+ * debian/control:
+ + Added libx11-dev and libxext-dev to Build-Depends.
+ * debian/rules:
+ + Build with --enable-x11grab (Closes: #441983).
+ + Build ffmpeg and shared libraries with --extra-cflags="-fPIC -DPIC"
+ (feeling confident that this closes: #472613) and "drop the surgery
+ regarding Makefile.pic and config.mak.pic".
+ + In this context, cleaned up build rule: Run '$(MAKE)' and '$(MAKE) clean'
+ from the top source directory instead of diving into the library
+ directories; force move during backup and recovery of the static
+ libraries; let the build rule itself depend on config-extra-includes.h
+ (instead of build-stamp) to avoid being run again from the binary rule;
+ some more minor changes of cosmetic type.
+ + Renamed config-extra-includes rule to config-extra-includes.h to
+ reflect the file name of the created file (also changed to override it
+ instead of appending) and to avoid the rule to be run twice.
+ + Disabled all architecture-specific optimizations for the time being.
+
+ -- Fabian Greffrath <fabian@debian-unofficial.org> Fri, 1 Apr 2008 17:22:00 +0100
+
+ffmpeg-free (0.svn20080206-1) experimental; urgency=low
+
+ [ Reinhard Tartler ]
+ * new upstream release (Closes: #471136)
+ * refreshed patches
+ * libogg was dropped upstream
+ * no longer install integer.h, as it is not part of the public API (see
+ upstream r11642).
+ * no longer install rtp.h, as it is not part of the public API (see
+ upstream r11505).
+ * install crc.h and sha1.h to libavutil-dev, since it is part of the
+ public API now.
+ * introduce new package: libavdevice52 and libavdevice-dev.
+ * Implemented debian/get-orig-source.sh and adjusted the get-orig-source
+ target in debian/rules to use that.
+ * fix invocation of the testsuite.
+ * bump standards version to 3.7.3 (no changes needed).
+ * add script recordshow.sh (Closes: 461434). Thanks to
+ Daniel Dickinson <cshore@wightman.ca>
+ * Introdcue binary package ffmpeg-dbg, which contains debugging symbols
+ of the shared library packages.
+
+ [ Fabian Greffrath ]
+ * debian/changelog:
+ + Source is exported from SVN, not CVS. Reflect this in the versioning
+ scheme (Closes: #468319).
+ * debian/control:
+ + Changed Build-Depends to liba52-0.7.4-dev | liba52-dev.
+ + Improved descriptions and dependencies for libavdevice packages.
+ * debian/control, debian/compat:
+ + Bumped debhelper Build-Depends to (>= 6.0.0).
+ * debian/control, debian/*.install:
+ + Adopted shared library package names to upstream SONAMEs.
+ * debian/README.Debian:
+ + Updated, since AAC decoding (through FAAD) is now enabled.
+ + Updated URL for unofficial ffmpeg packages.
+ * debian/rules:
+ + Reordered confflags to optionally build LGPL versions of the libraries.
+ + Removed trailing whitespace.
+ + Removed unused strip rule.
+ + Added libxvidcore4-dev to weak-build-deps and fixed confflags
+ in DEB_BUILD_OPTIONS=risky accordingly.
+ + Added a get-orig-source rule to reproduce the source tarball. Produce an
+ unstripped tarball if DEB_BUILD_OPTIONS=risky.
+ + Do not run debian/fixup-config.sh if DEB_BUILD_OPTIONS=risky.
+ * debian/patches/011_link_plugins.diff:
+ + Updated to link all plugins against libavutil since they all use symbols
+ from this library. Resolves "symbols found in none of the libraries"
+ warnings from dpkg-shlibdeps.
+
+ -- Reinhard Tartler <siretart@tauware.de> Thu, 20 Mar 2008 17:57:21 +0100
+
+ffmpeg-free (0.cvs20071007-4) experimental; urgency=low
+
+ [ Fabian Greffrath ]
+ * debian/control:
+ + Wrapped Uploaders, Build-Depends and Depends,
+ Conflicts and Replaces fields.
+ + Added libfaad-dev to Build-Depends.
+ + Added Homepage field.
+ + Added ${misc:Depends} to all Depends.
+ * debian/rules:
+ + Enabled faad support via libfaad
+ (Closes: #400094, #418230, #447089, #448068, #449387).
+ + Added libmp3lame-dev to weak-build-deps in DEB_BUILD_OPTIONS=risky.
+ + Added support for amrnb, amrwb and x264 (Closes: #432170) in
+ DEB_BUILD_OPTIONS=risky.
+
+ [ Reinhard Tartler ]
+ * added Fabian Greffrath to Uploaders
+
+ -- Reinhard Tartler <siretart@tauware.de> Thu, 20 Mar 2008 15:55:11 +0100
+
+ffmpeg-free (0.cvs20071007-3) experimental; urgency=low
+
+ * disable armv6 code generation. Thanks to Joey Hess for the patch
+ (Closes: #438923).
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 13 Jan 2008 23:28:25 +0100
+
+ffmpeg-free (0.cvs20071007-2) experimental; urgency=low
+
+ * restore soname on libavutil. got dropped on previous upload.
+ * Bug fix: "needs libavutil-dev headers but doesn't depend on it",
+ thanks to rmh@aybabtu.com (Closes: #434494). This was actually already
+ fixed in a previous upload.
+ * build dependencies in debian/control are now multiline.
+ * Drop the XS- from the Vcs-Browser and Vcs-Svn field.
+
+ -- Reinhard Tartler <siretart@tauware.de> Sun, 16 Dec 2007 21:36:49 +0100
+
+ffmpeg-free (0.cvs20071007-1) experimental; urgency=low
+
+ * new upstream snapshot, using the same day as the mplayer release
+ * Refreshing patches:
+ -005_altivec_flags.diff: dropped, merged upstream
+ -005_m68k_workaround.diff: refreshed
+ -005_runtime_cpudetect.diff: refreshed
+ -006_mips_pthreads.diff: refreshed
+ -010_proper_rpath.diff: refreshed
+ -010_shared_library_versioning.diff: refreshed
+ -011_link_plugins.diff: refreshed (moved to top level makefile)
+ -015_build_imgresample.diff: refreshed
+ -020_disable_snow_mmx_in_pic.diff: refreshed
+ -020_fix_libswscale_pic_code.diff: refreshed
+ -020_mmx_optims.diff: refreshed
+ -020_mmx_pic_code.diff: refreshed
+ -040_early_altivec_detection.diff: disabled, doesn't apply anymore
+ -040_only_use_maltivec_when_needed.diff disabled, (causes ftbfs, needs revising)
+ -040_only_use_maltivec_when_needed.diff: refresh
+ -051_mjpeg_gray_support.diff, removed applied upstream
+ -053_rm_demux_crash.diff removed, applied upstream.
+ -060_fix_avi_skip.diff removed, does not apply anymore
+ * remove --enable-libdts. ffmpeg now has an internal dts decoder since
+ r9051 (2007-05-17). It seems that at least some packages link to libdts and
+ rely on the transitive dependency via ffmpeg. Please add explicit dependencies
+ on libdts instead!
+ * Don't ignore errors in upstream Makefile. Bug found via lintian.
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 05 Dec 2007 17:33:34 +0100
+
+ffmpeg-free (0.cvs20070307-7) UNRELEASED; urgency=low
+
+ * debian/patches/051_mjpeg_gray_support.diff:
+ + Support grayscale MJPEG streams as sent by Axis cameras.
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Tue, 31 Jul 2007 18:55:31 +0200
+
+ffmpeg-free (0.cvs20070307-6) unstable; urgency=low
+
+ * Rename the source package. We are (again) no longer shipping the
+ 'real' upstream source of ffmpeg.
+ * Add debian/strip.sh to strip ffmpeg upstream source disabling mpeg
+ based encoders as discussed with ftp-master at debconf7
+ * update XS-Vcs tags in debian/control.
+ * make ffmpeg binNMU-able by using ${binary:Version} rather than
+ ${Source-Version}
+
+ -- Reinhard Tartler <siretart@tauware.de> Sat, 23 Jun 2007 15:11:21 +0100
+
+ffmpeg (0.cvs20070307-5) unstable; urgency=low
+
+ * upload to unstable
+ * remove x264 support, as it has been removed from unstable
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 30 May 2007 15:19:20 +0200
+
+ffmpeg (0.cvs20070307-4) experimental; urgency=low
+
+ * added myself to uploaders
+
+ * 020_fix_libswscale_pic_code:
+ + added, avoid some MMX code to avoid PIC code
+
+ [ Sam Hocevar ]
+
+ * fixed path in library installation.
+
+ -- Reinhard Tartler <siretart@tauware.de> Wed, 11 Apr 2007 23:17:47 +0200
+
+ffmpeg (0.cvs20070307-3) experimental; urgency=low
+
+ * debian/patches/015_build_imgresample.diff:
+ + Build imgresample functions even with swscaler activated, or legacy
+ applications will stop working.
+
+ * debian/patches/053_rm_demux_crash.diff:
+ + New patch: fix a double free with corrupted rm files (Closes: #379922).
+
+ * debian/patches/054_h264_mmx_chroma_mc_crash.diff:
+ + New patch: workaround for a buffer overflow in the MMX H264 chroma
+ motion compensation until upstream fixes it properly (Closes: #404176).
+
+ * debian/patches/300_c++_compliant_headers.diff:
+ + Define INT64_C() when the system headers don't provide it, for instance
+ when building C++ code.
+
+ * debian/control:
+ + Set pkg-multimedia-maintainers as main maintainer.
+ + Updated VCS fields.
+ * debian/rules:
+ + Huge cleanup.
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Wed, 14 Mar 2007 19:40:42 +0100
+
+ffmpeg (0.cvs20070307-2) experimental; urgency=low
+
+ * debian/rules:
+ + Activate x264 support now that it is in unstable.
+ * debian/control:
+ + Build-depend on libx264-dev.
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Mon, 12 Mar 2007 21:10:45 +0100
+
+ffmpeg (0.cvs20070307-1) experimental; urgency=low
+
+ [ Sam Hocevar ]
+
+ * New upstream snapshot (Closes: #403330, #404788).
+ * This snapshot fixes numerous file parsing crashes (Closes: #404176,
+ Closes: #407003, #396282, #365006, #403398).
+
+ * debian/patches/010_proper_rpath.diff:
+ + New patch. Link objects with the libraries that we generate, not the
+ ones installed on the system.
+
+ * debian/patches/010_shared_library_versioning.diff:
+ + Strip unneeded prefix from .pc files (Closes: #404758).
+
+ * debian/patches/011_link_plugins.diff:
+ + New patch. Link vhook plugins with the appropriate libraries.
+
+ * debian/patches/013_strip_unneeded_linker_flags.diff:
+ + Remove unneeded -l flags from .pc files (Closes: #373986).
+
+ * debian/patches/020_mmx_optims.diff:
+ * debian/patches/020_disable_snow_mmx_in_pic.diff:
+ + Sync patches.
+
+ * debian/patches/020_really_use_liba52.diff:
+ * debian/patches/050_h264-misc-security-fixes.diff:
+ * debian/patches/051_asf-misc-security-fixes.diff:
+ + Drop patches, applied upstream or no longer relevant.
+
+ * debian/patches/040_only_use_maltivec_when_needed.diff:
+ + Upgraded patch to cover libswscale.
+
+ * debian/libavcodec-dev.install:
+ + Ship lzo.h and random.h.
+
+ * debian/rules:
+ + Fix syntax for a few --enable flags.
+ + Only ship ffmpeg_powerpc_performance_evaluation_howto.txt.gz on
+ powerpc machines (Closes: #385079).
+ + Readded --enable-libtheora, it's here again.
+ + Activate --enable-swscaler (Closes: #399141, #398442).
+
+ [ Reinhard Tartler ]
+
+ * debian/rules:
+ + Ignore libswscale.pc and rgb2rgb.h.
+
+ * debian/libavcodec-dev.install:
+ + Ship fifo.h and opt.h.
+
+ * debian/patches/005_altivec_flags.diff:
+ * debian/patches/005_m68k_workaround.diff:
+ * debian/patches/005_runtime_cpudetect.diff:
+ * debian/patches/006_mips_pthreads.diff:
+ * debian/patches/020_really_use_liba52.diff:
+ + Sync patches.
+
+ * debian/patches/007_disable_ffmpeg_option.diff:
+ * debian/patches/030_arm_cpu_detect.diff:
+ * debian/patches/030_arm_workaround.diff:
+ + Drop patches, applied upstream or no longer relevant.
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Fri, 9 Mar 2007 15:13:16 +0100
+
+ffmpeg (0.cvs20060823-7) unstable; urgency=high
+
+ * debian/patches/040_only_use_maltivec_when_needed.diff:
+ + Fix a static function prototype that prevented programs using libpostproc
+ from working on PowerPC (Closes: #412214).
+
+ * debian/control:
+ + Added Xs-Vcs-Browser and XS-Vcs-Svn fields.
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Thu, 8 Mar 2007 17:51:37 +0100
+
+ffmpeg (0.cvs20060823-6) unstable; urgency=high
+
+ * Upload to unstable.
+
+ -- Loic Minier <lool@dooz.org> Thu, 1 Feb 2007 21:36:47 +0100
+
+ffmpeg (0.cvs20060823-5) testing-proposed-updates; urgency=high
+
+ [ Loïc Minier ]
+ * Add myself to Uploaders.
+ * Exclude firewire libs from ffmpeg-config under kFreeBSD; based on a patch
+ by Petr Salinger; closes: #399701.
+ * Fix handling of debug in DEB_BUILD_OPTIONS; thanks Andreas Henriksson;
+ closes: #406474.
+ * SECURITY: New patch, 050_h264-misc-security-fixes, to properly check the
+ sps and pps ids before use and to check more bitstram values and fix
+ potential security holes; from upstream SVN r7585, r7586, and r7591.
+ * SECURITY: New patch, 051_asf-misc-security-fixes, to properly check
+ packet sizes, chunk sizes, and fragment positions; from upstream SVN r7640
+ and r7650.
+
+ [ Sam Hocevar ]
+ * debian/copyright:
+ + Fix typo and clarify licensing terms (Closes: #398235).
+ * debian/README.Debian:
+ + Removed mention of ffmpeg-config now that we ship .pc files.
+ * debian/patches/020_mmx_optims.diff:
+ + New patch, fix FTBFS with DEB_BUILD_OPTIONS=debug.
+ * debian/patches/040_early_altivec_detection.diff:
+ + New patch, detect AltiVec earlier on and only once so that we don't
+ risk using signal handlers in a multithreaded environment or when
+ the caller already installed a SIGILL handler.
+ * debian/patches/040_only_use_maltivec_when_needed.diff:
+ + New patch, only use -maltivec with files that use AltiVec intrinsics,
+ and make sure no codepath leads to these files on a non-AltiVec
+ machine (Closes: #405926).
+ * debian/patches/060_fix_avi_skip.diff:
+ + New patch, courtesy of Ben Hutchings: do not attempt to skip the ODML
+ if the current seek offset is already beyond it (Closes: #383734).
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Mon, 29 Jan 2007 16:58:44 +0100
+
+ffmpeg (0.cvs20060823-4) unstable; urgency=high
+
+ * Maintainer upload.
+ * Acknowledging NMU (Closes: #386458).
+
+ * High urgency because of FTBFS fix.
+
+ * debian/patches/030_arm_workaround.diff:
+ + New patch courtesy of Aurélien Jarno: disable the broken ARM assembly
+ code in libavcodec/mpegaudiodec.c.
+
+ * debian/patches/030_arm_cpu_detect.diff:
+ + New patch courtesy of Aurélien Jarno: correctly detect the newer ARM
+ CPUs.
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Sun, 24 Sep 2006 23:38:29 +0200
+
+ffmpeg (0.cvs20060823-3.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Fix variable substitution trick in debian/rules (Closes: #386458).
+
+ -- Luk Claes <luk@debian.org> Fri, 15 Sep 2006 21:29:07 +0200
+
+ffmpeg (0.cvs20060823-3) unstable; urgency=low
+
+ * debian/rules:
+ + Take local packages into account when computing shlibs dependencies, so
+ that ffplay/ffserver depend on the proper libraries (Closes: #386029).
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Tue, 5 Sep 2006 17:44:00 +0200
+
+ffmpeg (0.cvs20060823-2) unstable; urgency=low
+
+ * debian/patches/020_really_use_liba52.diff:
+ + New patch: link with the shared liba52 instead of the built-in one.
+
+ * debian/patches/006_mips_pthreads.diff:
+ + New patch: link libraries with -lpthreads on Linux MIPS because of a
+ known ld bug.
+
+ * debian/patches/007_disable_ffmpeg_option.diff:
+ + New patch: add a --disable-ffmpeg option.
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Wed, 30 Aug 2006 18:36:52 +0200
+
+ffmpeg (0.cvs20060823-1) unstable; urgency=low
+
+ * New SVN snapshot (Closes: #368904).
+ * debian/control:
+ + Set policy to 3.7.2.
+ + Do not build 1394 support on GNU/kFreeBSD or Hurd. Patch courtesy of
+ Petr Salinger (Closes: #372290).
+ * debian/rules:
+ + Minor cleanup.
+ + Removed --enable-theora, upstream dropped that option.
+
+ * debian/patches/020_mmx_intrinsics.diff:
+ + Disabled intrinsics workaround because it is no longer necessary and it
+ causes trouble with some codecs such as H264 (Closes: #373765).
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Wed, 23 Aug 2006 12:09:58 +0200
+
+ffmpeg (0.cvs20060329-4) unstable; urgency=low
+
+ * debian/control:
+ + Make each -dev package depend on the corresponding shared library
+ package (Closes: #361348).
+ + Moved libavutil files from libavformat-dev to libavcodec-dev which is
+ the real common dependency (Closes: #361269).
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Sun, 9 Apr 2006 15:23:37 +0200
+
+ffmpeg (0.cvs20060329-3) unstable; urgency=low
+
+ * debian/rules: that build system is hopeless. We now run configure and
+ make twice, backup static libraries inbetween, then update timestamps
+ to fool make. That should fix the FTBFS (Closes: #361215).
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Fri, 7 Apr 2006 11:33:15 +0200
+
+ffmpeg (0.cvs20060329-2) unstable; urgency=low
+
+ * debian/rules: fixed Makefile.pic generation.
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Thu, 6 Apr 2006 16:37:05 +0200
+
+ffmpeg (0.cvs20060329-1) unstable; urgency=low
+
+ * New CVS snapshot.
+ * Upstream fixed a double free in img.c (Closes: #351455).
+ * Upstream fixed the libvorbisenc dependency in libavcodec.pc
+ (Closes: #357352).
+
+ * debian/rules:
+ + Activated threading support (Closes: #335677).
+ + Manually reinstall dsputil.h.
+
+ * debian/README.Debian:
+ + Removed mention of --plugin-libs.
+ + Added a note about the unofficial packages (Closes: #306752).
+
+ * 020_disable_snow_mmx_in_pic.diff: (new patch) disable MMX acceleration in
+ the Snow encoder in PIC mode.
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Thu, 30 Mar 2006 10:41:17 +0200
+
+ffmpeg (0.cvs20060306-3) unstable; urgency=low
+
+ * Switched patch system to quilt.
+ * debian/control:
+ + Build-depend on quilt.
+
+ * 005_altivec_flags.diff: (new patch from old diff.gz) proper gcc flags to
+ only generate AltiVec code when explicitely asked.
+
+ * 005_m68k_workaround.diff: (new patch from old diff.gz) use -O2 instead of
+ -O3 on m68k.
+
+ * 005_runtime_cpudetect.diff: (new patch from old diff.gz) fix runtime CPU
+ detection on m68k and x86.
+
+ * 010_ffmpeg-config.diff: (new patch from old diff.gz) the ffmpeg-config
+ script and associated manpage (legacy).
+
+ * 010_shared_library_versioning.diff: (new patch from old diff.gz) use a
+ Debian-specific scheme for shared library versioning to avoid spreading
+ libraries incompatible with every other version.
+
+ * 020_mmx_intrinsics.diff: (new patch from old diff.gz) use MMX intrinsics
+ in dsputil_mmx.c because gcc is unable to compute some register constraints
+ in PIC mode.
+
+ * 020_mmx_pic_code.diff: (new patch from old diff.gz) ported some MMX code
+ to be PIC.
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Wed, 29 Mar 2006 18:53:35 +0200
+
+ffmpeg (0.cvs20060306-2) unstable; urgency=low
+
+ * ffmpeg-config.in: removed references to _pic libraries.
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Fri, 17 Mar 2006 20:08:29 +0100
+
+ffmpeg (0.cvs20060306-1) unstable; urgency=low
+
+ * New CVS snapshot.
+ * Upstream now properly installs dsputil.h (Closes: #354391).
+ * debian/control:
+ + Distribute shared versions of the libraries with a Debian-specific
+ soname.
+ * debian/rules:
+ + Removed all custom PIC rules.
+ + Moved ffmpeg-config to libavformat-dev instead of libavcodec-dev so that
+ it is present by default (Closes: #350750).
+ + Include apiexample.c in libavcodec-dev (Closes: #350027).
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Mon, 6 Mar 2006 11:05:26 +0100
+
+ffmpeg (0.cvs20050918-6) unstable; urgency=low
+
+ * Developer upload.
+ * Acknowledge NMU. Thanks to Samuel Mimram (Closes: #342207).
+ * configure:
+ + Set RUNTIME_CPUDETECT (except on m68k where it ICEs and on x86 where it
+ fails to build some asm constructs) (Closes: #337846).
+ * debian/rules:
+ + Make the build process aware of DEB_BUILD_OPTIONS, thanks to Timo
+ Lindfors (Closes: #338895).
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Sat, 21 Jan 2006 16:51:26 +0100
+
+ffmpeg (0.cvs20050918-5.1) unstable; urgency=low
+
+ * NMU.
+ * Fix exploitable heap overflow in libavcodec's handling of images with
+ PIX_FMT_PAL8 pixel formats (CVE-2005-4048), closes: #342207.
+
+ -- Samuel Mimram <smimram@debian.org> Sun, 15 Jan 2006 14:44:36 +0100
+
+ffmpeg (0.cvs20050918-5) unstable; urgency=low
+
+ * ffmpeg-config.1: fixed the examples and added a note that static libraries
+ should be put after the objects that refer to them (Closes: #339803).
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Fri, 18 Nov 2005 23:58:16 +0100
+
+ffmpeg (0.cvs20050918-4) unstable; urgency=low
+
+ * configure:
+ + Tell the configure script about m68k, ia64 and others.
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Thu, 22 Sep 2005 14:43:59 +0200
+
+ffmpeg (0.cvs20050918-3) unstable; urgency=low
+
+ * configure:
+ + Use -O2 instead of -O3 on m68k to avoid ICEs.
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Tue, 20 Sep 2005 17:33:14 +0200
+
+ffmpeg (0.cvs20050918-2) unstable; urgency=low
+
+ * libavcodec/i386/dsputil_mmx.c:
+ + Reworked the MMX intrinsics.
+ * tests/libav.regression.ref:
+ + Minor cosmetic fix to use double-digit numbers in test sequences.
+ * debian/control:
+ + PowerPC no longer needs to use gcc-3.4, since 4.x is the default.
+ * libavcodec/Makefile:
+ + Removed special compilation case for HPPA now that we use 4.x.
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Sun, 18 Sep 2005 17:43:48 +0200
+
+ffmpeg (0.cvs20050918-1) unstable; urgency=low
+
+ * New CVS snapshot.
+ * Upstream applied most Debian patches.
+ * configure:
+ + Do not use -mabi=altivec (-maltivec is enough for our AltiVec code) so
+ that our code still runs on a G3 computer (Closes: #319151).
+ * debian/rules:
+ + When not cross-compiling, run the regression tests (Closes: #292102).
+ * debian/changelog:
+ + Updated the FSF address.
+ * ffmpeg-config.in:
+ + Fixed avcodec linkage (Closes: #328505).
+ * libavcodec/i386/mpegvideo_mmx_template.c:
+ + Applied patch from Tobias Grimm to fix the PIC MMX code for MPEG
+ encoding (Closes: #318493).
+ * libavcodec/i386/dsputil_mmx.c:
+ + Applied patch from Joshua Kwan to fix the AMD64 build (Closes: #324026).
+ + Reworked that patch so that it still compiles on x86.
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Fri, 16 Sep 2005 13:03:47 +0200
+
+ffmpeg (0.cvs20050811-2) unstable; urgency=low
+
+ * ffmpeg-config.in: added a missing -lgsm.
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Mon, 22 Aug 2005 19:51:53 +0200
+
+ffmpeg (0.cvs20050811-1) unstable; urgency=low
+
+ * New CVS snapshot.
+ * Upstream fixed an integer overflow in the MPEG encoder (Closes: #320150).
+ * debian/rules:
+ + Activated libgsm support.
+ + Fixed theora support.
+ + Switched installation method to dh_install.
+ * Applied patch from Christian Aichinger and others to fix the clobbering
+ of the %ebx register during build (Closes: #319563).
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Thu, 11 Aug 2005 14:22:03 +0200
+
+ffmpeg (0.cvs20050626-2) unstable; urgency=low
+
+ * ffmpeg-config.in: fixed the theora link that caused FTBFS.
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Fri, 1 Jul 2005 17:20:59 +0200
+
+ffmpeg (0.cvs20050626-1) unstable; urgency=low
+
+ * New CVS snapshot.
+ * debian/control:
+ + Set policy to 3.6.2.1.
+ * debian/rules:
+ + Fixed Vorbis support (Closes: #306023).
+ + Patch by Jonas Smedegaard <dr@jones.dk>: conditionally enable these
+ unofficial libraries if DEB_BUILD_OPTIONS includes "risky":
+ o Mpeg2 layer 3 / MP3 (liblame-dev).
+ o FAAD (libfaad2-dev).
+ o FAAC (libfaac-dev).
+ o XviD (libxvidcore-dev).
+ + Activated theora support.
+ + Activated IEEE 1394 support (Closes: #296737).
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Sun, 26 Jun 2005 15:46:54 +0200
+
+ffmpeg (0.cvs20050313-2) unstable; urgency=low
+
+ * libavcodec/libpostproc/postprocess_template.c
+ libavcodec/i386/mpegvideo_mmx_template.c: fixed my PIC MMX code (Closes: #299700).
+ * debian/rules: use gcc-3.4 on PowerPC (Closes: #300686).
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Mon, 21 Mar 2005 23:38:46 +0100
+
+ffmpeg (0.cvs20050313-1) unstable; urgency=low
+
+ * New CVS snapshot.
+ * configure: fixed the builtin vector test (Closes: #293284), thanks
+ to Jacob L. Anawalt.
+ * libavcodec/libpostproc/postprocess_template.c
+ libavcodec/i386/mpegvideo_mmx_template.c: fixed MMX code so that it can
+ be compiled in PIC mode, and reactivated MMX (Closes: #290447, #290358).
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Sat, 12 Mar 2005 18:34:29 +0100
+
+ffmpeg (0.cvs20050121-1) unstable; urgency=low
+
+ * New CVS snapshot.
+ * This snapshot fixes integer overflows that may lead to arbitrary code
+ execution (Closes: #291566).
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Fri, 21 Jan 2005 17:41:47 +0100
+
+ffmpeg (0.cvs20050108-1) unstable; urgency=low
+
+ * Re-done tarball snapshot so that it does not contain binaries.
+ * ffmpeg-config.in:
+ + Added missing -lvorbisenc (Closes: #289030).
+ * debian/rules:
+ + Install missing headers that are not in the install rule: bwswap.h,
+ dsputil.h, os_support.h (Closes: #289033).
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Sat, 8 Jan 2005 11:30:58 +0100
+
+ffmpeg (0.cvs20050106-1) unstable; urgency=low
+
+ * New upstream snapshot.
+ * The extern/static declaration conflict was fixed upstream (Closes: #288906).
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Thu, 6 Jan 2005 15:44:49 +0100
+
+ffmpeg (0.cvs20040716-2) unstable; urgency=low
+
+ * debian/rules:
+ + Include missing rtp.h / rtsp.h in libavformat-dev.
+ * ffmpeg-config.in:
+ + Added -lz to the libavcodec linking flags.
+ + Added -ldts / -ldts_pic, -la52, -lvorbis to the libavcodec linking flags.
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Tue, 17 Aug 2004 13:27:41 +0200
+
+ffmpeg (0.cvs20040716-1) unstable; urgency=low
+
+ * Initial release (Closes: #199266).
+
+ -- Sam Hocevar (Debian packages) <sam+deb@zoy.org> Fri, 16 Jul 2004 12:47:27 +0200
--- /dev/null
+config-extra-includes.h
+EXTRA
+codecs.txt
+formats.txt
--- /dev/null
+# -*- mode: makefile -*-
+# vim:syntax=make
+
+export DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
+export DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
+export DEB_HOST_ARCH ?= $(shell dpkg-architecture -qDEB_HOST_ARCH)
+export DEB_HOST_ARCH_CPU ?= $(shell dpkg-architecture -qDEB_HOST_ARCH_CPU)
+export DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
+
+SVNREVISION=$(shell cat .svnrevision 2>/dev/null || echo "UNKNOWN")
+
+CROSS :=
+ifneq ($(DEB_BUILD_GNU_TYPE),$(DEB_HOST_GNU_TYPE))
+ CROSS := $(DEB_HOST_GNU_TYPE)-
+endif
+
+# list of flavors we want to build
+FLAVORS :=
+
+# this outputs 0 or 1 depending on whether a macro appears in the *default* cpp
+# -dM -P output; this is used to test the toolchain *default* configuration
+check_cpp = $(shell $(CROSS)cpp -dM -P /dev/null | grep -q '^\#define $(1)' && echo 1 || echo 0)
+
+# this outputs 0 or 1 depending on whether a piece of assembly can be compiled
+# with the *default* gcc flags; this is used to test the toolchain *default*
+# configuration
+check_asm = $(shell echo 'void foo(void) { __asm__ volatile("$(1)"); }' | $(CROSS)gcc -x c -c - -o /dev/null 2>/dev/null && echo 1 || echo 0)
+
+# the other flavors always build dynamic versions
+# Also, disable architecture-specific optimizations for default shared build
+ifeq ($(DEB_HOST_ARCH_CPU),arm)
+ # whether the toolchain *default* configuration includes vfp
+ vfp_asm := fadds s0, s0, s0
+ has_vfp := $(call check_asm, $(vfp_asm))
+ # whether the toolchain *default* configuration includes neon
+ neon_asm := vadd.i16 q0, q0, q0
+ has_neon := $(call check_asm, $(neon_asm))
+ # whether the toolchain *default* configuration enables ARMv7
+ v7_asm := dmb
+ has_v7 := $(call check_asm, $(v7_asm))
+ # whether the toolchain *default* configuration uses -mfloat-abi=soft
+ has_soft := $(call check_cpp,__SOFTFP__ 1)
+
+ # only build a VFP flavour if the toolchain doesn't enable VFP by default
+ ifneq ($(has_vfp),1)
+ FLAVORS += vfp
+ endif
+ # only build a NEON flavour if the toolchain doesn't enable NEON by default
+ ifneq ($(has_neon),1)
+ FLAVORS += neon
+ endif
+ # calling-conventions for VFP and NEON flavours: if the toolchain uses
+ # -mfloat-abi=soft, we want to use softfp, otherwise we want to use the
+ # toolchain default (either softfp or hardfp)
+ ifeq ($(has_soft),1)
+ float_abi := -mfloat-abi=softfp
+ else
+ float_abi :=
+ endif
+else ifeq ($(DEB_HOST_ARCH),i386)
+ FLAVORS += cmov
+else ifeq ($(DEB_HOST_ARCH),powerpc)
+ FLAVORS += altivec
+ nooptflags += --disable-altivec
+else ifeq ($(DEB_HOST_ARCH),sparc)
+ FLAVORS += vis
+ nooptflags += --disable-vis
+endif
+
+# build a static version on every architecture in the 'debian' Libav package
+FLAVORS += static
+
+# shared is generic, i.e. without arch specific opcodes
+# /!\ order matters, you want to list the shared flavor *last* so that the
+# binaries from this flavor overwrite the ones from the optional optimized
+# flavor(s) and from the static flavor
+FLAVORS += shared
+
+$(info Building FLAVORS=$(FLAVORS))
+
+# Conditionally enable certain features depending on
+# the corresponding header file being installed or not
+define cond_enable
+ $(shell test -r $(1) && echo --enable-$(2) )
+endef
+
+# variant that also requires --enable-version3
+define cond_enable_v3
+ $(shell test -r $(1) && echo --enable-$(2) --enable-version3 )
+endef
+
+# variant that also requires --enable-nonfree
+define cond_enable_nf
+ $(shell test -r $(1) && echo --enable-$(2) --enable-nonfree )
+endef
+
+# Common configuration flags
+confflags += --arch='$(DEB_HOST_ARCH_CPU)'
+confflags += --enable-pthreads
+confflags += --enable-runtime-cpudetect
+confflags += --extra-version='$(DEB_VERSION)'
+confflags += --libdir=/usr/lib/$(DEB_HOST_MULTIARCH)
+confflags += --prefix=/usr
+confflags += $(shell test -x /usr/bin/yasm || echo --disable-yasm )
+confflags += --disable-avserver
+# CVE-2016-1897 and CVE-2016-1898
+confflags += --disable-protocol=concat
+
+ifeq ($(DEB_HOST_ARCH),armel)
+# this is required on Ubuntu lucid as it defaults to thumb2 and Libav has
+# plenty of incompatible assembly; not sure how to detect that properly
+confflags += --enable-pic
+endif
+
+ifeq ($(DEB_HOST_ARCH),powerpc)
+confflags += --enable-pic
+endif
+
+# Additional features
+confflags += $(call cond_enable,/usr/include/bzlib.h,bzlib)
+confflags += $(call cond_enable,/usr/include/dc1394/dc1394.h,libdc1394)
+confflags += $(call cond_enable,/usr/include/freetype2/ft2build.h,libfreetype)
+confflags += $(call cond_enable,/usr/include/frei0r.h,frei0r)
+confflags += $(call cond_enable,/usr/include/gnutls/gnutls.h,gnutls)
+confflags += $(call cond_enable,/usr/include/gsm/gsm.h,libgsm)
+confflags += $(call cond_enable,/usr/include/lame/lame.h,libmp3lame)
+confflags += $(call cond_enable,/usr/include/librtmp/http.h,librtmp)
+confflags += $(call cond_enable,/usr/include/opencv/cv.hpp,libopencv)
+confflags += $(call cond_enable,/usr/include/openjpeg.h,libopenjpeg)
+confflags += $(call cond_enable,/usr/include/opus/opus.h,libopus)
+confflags += $(call cond_enable,/usr/include/pulse/simple.h,libpulse)
+confflags += $(call cond_enable,/usr/include/schroedinger-1.0/schroedinger/schro.h,libschroedinger)
+confflags += $(call cond_enable,/usr/include/speex/speex.h,libspeex)
+confflags += $(call cond_enable,/usr/include/theora/theoraenc.h,libtheora)
+confflags += $(call cond_enable,/usr/include/va/va.h,vaapi)
+confflags += $(call cond_enable,/usr/include/vdpau/vdpau.h,vdpau)
+confflags += $(call cond_enable,/usr/include/vorbis/vorbisenc.h,libvorbis)
+confflags += $(call cond_enable,/usr/include/vpx/vpx_encoder.h,libvpx)
+confflags += $(call cond_enable,/usr/include/zlib.h,zlib)
+
+# Configuration flags causing the libs to be GPL tainted
+gpl_confflags += --enable-gpl
+gpl_confflags += --enable-swscale
+gpl_confflags += $(call cond_enable,/usr/include/cdio/paranoia.h,libcdio)
+gpl_confflags += $(call cond_enable,/usr/include/X11/extensions/XShm.h,x11grab)
+gpl_confflags += $(call cond_enable,/usr/include/x264.h,libx264)
+gpl_confflags += $(call cond_enable,/usr/include/xvid.h,libxvid)
+# comment out following line for LGPL versions of the libraries
+confflags += $(gpl_confflags)
+
+# Features that require (L)GPL v3
+v3_confflags += $(call cond_enable_v3,/usr/include/opencore-amrnb/interf_dec.h,libopencore-amrnb)
+v3_confflags += $(call cond_enable_v3,/usr/include/opencore-amrwb/dec_if.h,libopencore-amrwb)
+v3_confflags += $(call cond_enable_v3,/usr/include/vo-aacenc/voAAC.h,libvo-aacenc)
+v3_confflags += $(call cond_enable_v3,/usr/include/vo-amrwbenc/enc_if.h,libvo-amrwbenc)
+
+# FAAC is considered non-free
+confflags += $(call cond_enable_nf,/usr/include/faac.h,libfaac)
+
+# Enable hardened build flags through dpkg-buildflags
+CFLAGS := $(filter-out -g -O2,$(shell dpkg-buildflags --get CFLAGS))
+CPPFLAGS := $(shell dpkg-buildflags --get CPPFLAGS)
+LDFLAGS := $(filter-out %-Bsymbolic-functions,$(shell dpkg-buildflags --get LDFLAGS))
+
+ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
+# Various parts of Libav (and swscale) FTBFS when compiling with -fPIC
+# and with mmx code enabled.
+ confflags += --disable-optimizations
+ confflags += --disable-mmx
+endif
+
+# Configuration flags for the static libraries
+static_build_confflags += $(confflags)
+
+# Configuration flags for the non-optimized shared libraries
+shared_build_confflags += $(confflags) --shlibdir=/usr/lib/$(DEB_HOST_MULTIARCH)
+# amd64 has no problems with optimized shared libs. i386 and arm do.
+ifneq ($(DEB_HOST_ARCH),amd64)
+shared_build_confflags += $(nooptflags)
+endif
+shared_build_confflags += --enable-shared
+shared_build_confflags += --disable-static
+# i386 shared builds must be optimized for 586, cf. #728928, #688384
+ifeq ($(DEB_HOST_ARCH),i386)
+shared_build_confflags += --cpu='i586'
+endif
+
+## specific to arm architectures
+# Configuration flags for the optimised shared libraries
+vfp_shlibdir := vfp
+vfp_build_confflags += $(confflags)
+vfp_build_confflags += --shlibdir=/usr/lib/$(DEB_HOST_MULTIARCH)/$(vfp_shlibdir)
+vfp_build_confflags += --enable-shared
+vfp_build_confflags += --disable-static
+vfp_build_confflags += --extra-cflags="-mfpu=vfp $(float_abi)"
+# NB: NEON always implies v7+ and Libav's NEON implementation requires VFP
+neon_shlibdir := neon/vfp
+neon_build_confflags += $(confflags)
+neon_build_confflags += --shlibdir=/usr/lib/$(DEB_HOST_MULTIARCH)/$(neon_shlibdir)
+# the NEON pass now requires ubfx which was introduced in armv6t2; we need to
+# enable at least armv6t2 for the NEON pass to build, but NEON implies armv7-a
+# so pass armv7-a if it's not already enabled
+ifneq ($(has_v7),1)
+neon_build_confflags += --cpu='armv7-a'
+endif
+neon_build_confflags += --extra-cflags="-mfpu=neon $(float_abi) -fPIC -DPIC"
+neon_build_confflags += --enable-shared
+neon_build_confflags += --disable-static
+
+## i386 architecture specific
+# Configuration flags for the optimized shared libraries
+cmov_shlibdir := i686/cmov
+cmov_build_confflags += $(confflags)
+cmov_build_confflags += $(nooptflags)
+cmov_build_confflags += --shlibdir=/usr/lib/$(DEB_HOST_MULTIARCH)/$(cmov_shlibdir)
+cmov_build_confflags += --cpu='i686'
+cmov_build_confflags += --enable-shared
+cmov_build_confflags += --disable-static
+
+## powerpc architecture specific
+# Configuration flags for the optimized shared libraries
+altivec_shlibdir := altivec
+altivec_build_confflags += $(confflags)
+altivec_build_confflags += --shlibdir=/usr/lib/$(DEB_HOST_MULTIARCH)/$(altivec_shlibdir)
+altivec_build_confflags += --cpu='g4'
+altivec_build_confflags += --enable-shared
+altivec_build_confflags += --disable-static
+altivec_build_confflags += --enable-altivec
+
+## sparc architecture specific
+# Configuration flags for the optimized shared libraries
+vis_shlibdir := v9
+vis_build_confflags += $(confflags)
+vis_build_confflags += --shlibdir=/usr/lib/$(DEB_HOST_MULTIARCH)/$(vis_shlibdir)
+vis_build_confflags += --cpu='sparc64'
+vis_build_confflags += --enable-shared
+vis_build_confflags += --disable-static
+vis_build_confflags += --extra-cflags="-fPIC -DPIC"
--- /dev/null
+Source: libav
+Section: libs
+Priority: optional
+Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>
+Uploaders:
+ Sam Hocevar (Debian packages) <sam+deb@zoy.org>,
+ Loïc Minier <lool@debian.org>,
+ Reinhard Tartler <siretart@tauware.de>,
+ Fabian Greffrath <fabian+debian@greffrath.com>,
+ Jonas Smedegaard <dr@jones.dk>,
+ Sebastian Ramacher <sramacher@debian.org>
+Standards-Version: 3.9.5
+Vcs-Git: git://anonscm.debian.org/pkg-multimedia/libav.git
+Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-multimedia/libav.git;a=summary
+Homepage: http://libav.org/
+Build-Depends-Indep:
+ doxygen
+Build-Depends:
+ debhelper (>= 9),
+ frei0r-plugins-dev,
+ libasound2-dev [linux-any],
+ libbz2-dev,
+ libcdio-cdda-dev,
+ libcdio-dev,
+ libcdio-paranoia-dev,
+ libdc1394-22-dev [linux-any],
+ libfreetype6-dev (>= 2.5.1),
+ libgnutls28-dev,
+ libgsm1-dev,
+ libjack-dev,
+ libmp3lame-dev,
+ libopencore-amrnb-dev,
+ libopencore-amrwb-dev,
+ libopencv-dev,
+ libopenjpeg-dev,
+ libopus-dev (>= 1.0.1),
+ libpulse-dev,
+ libraw1394-dev [linux-any],
+ librtmp-dev (>= 2.2e-4),
+ libschroedinger-dev,
+ libsdl1.2-dev,
+ libspeex-dev,
+ libtheora-dev (>> 0.0.0.alpha4),
+ libtiff-dev,
+ libva-dev [!hurd-any],
+ libvdpau-dev,
+ libvo-aacenc-dev,
+ libvo-amrwbenc-dev,
+ libvorbis-dev,
+ libvpx-dev,
+ libx11-dev,
+ libx264-dev,
+ libxext-dev,
+ libxfixes-dev,
+ libxvidcore-dev,
+ libxvmc-dev,
+ texi2html,
+ yasm [any-amd64 any-i386],
+ zlib1g-dev
+
+Package: libav-tools
+Section: video
+Architecture: any
+Replaces:
+ libavcodec-extra-53 (<< 4:0.6~)
+Pre-Depends:
+ ${misc:Pre-Depends},
+ dpkg (>= 1.15.7.2~)
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends}
+Suggests:
+ frei0r-plugins (>= 1.3)
+Conflicts:
+ ffprobe
+Description: Multimedia player, encoder and transcoder
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This package contains the avplay multimedia player, the avconv audio
+ and video encoder, and the avprobe stream analyzer. They support most
+ existing file formats (AVI, MPEG, OGG, Matroska, ASF...) and encoding
+ formats (MPEG, DivX, MPEG4, AC3, DV...). Additionally, it contains the
+ qt-faststart utility which rearranges Quicktime files to facilitate
+ network streaming.
+ .
+ This package replaces the 'ffmpeg' command-line tool that was provided
+ in earlier distroreleases.
+
+Package: libav-dbg
+Section: debug
+Priority: extra
+Architecture: any
+Replaces:
+ ffmpeg-dbg (<< 6:0.8.3-5),
+ libav-extra-dbg (<< 6:0.8.3-5)
+Breaks:
+ ffmpeg-dbg (<< 6:0.8.3-5),
+ libav-extra-dbg (<< 6:0.8.3-5)
+Depends:
+ libav-tools (= ${binary:Version}),
+ libavcodec56 (= ${binary:Version}) | libavcodec-extra-56 (= ${binary:Version}),
+ libavdevice55 (= ${binary:Version}),
+ libavformat56 (= ${binary:Version}),
+ libavutil54 (= ${binary:Version}),
+ libswscale3 (= ${binary:Version}),
+ ${misc:Depends}
+Description: Debug symbols for Libav related packages
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This package contains debug data of the Libav related shared libraries.
+ .
+ Most people will not need this package. Please install it to produce useful
+ stacktraces to help debugging the Libav library.
+
+Package: libav-doc
+Section: doc
+Architecture: all
+Depends:
+ ${misc:Depends}
+Description: Documentation of the Libav API
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This package contains the html doxygen documentation of the Libav API.
+ .
+ Only application developers will find this package useful.
+
+Package: libavutil54
+Architecture: any
+Multi-Arch: same
+Pre-Depends: ${misc:Pre-Depends}
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends}
+Description: Libav utility library
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This is the common utility library from Libav. It contains shared code
+ used by all other Libav libraries.
+
+Package: libavcodec56
+Architecture: any
+Multi-Arch: same
+Pre-Depends: ${misc:Pre-Depends}
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends}
+Conflicts:
+ libavcodec-extra-56
+Replaces:
+ libavcodec-extra-56
+Breaks:
+ mplayer (<< 2:1.0~rc4.dfsg1+svn34540-1~)
+Description: Libav codec library
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This is the codec library from Libav (both encoding and decoding).
+ .
+ It supports most existing codecs (MPEG, MPEG2, MPEG4, AC3, DV...).
+
+Package: libavdevice55
+Architecture: any
+Multi-Arch: same
+Pre-Depends: ${misc:Pre-Depends}
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends}
+Description: Libav device handling library
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This is the device handling library from Libav.
+
+Package: libavformat56
+Architecture: any
+Multi-Arch: same
+Pre-Depends: ${misc:Pre-Depends}
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends}
+Description: Libav file format library
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This is the library for handling file formats from Libav.
+ .
+ It supports most existing file formats (AVI, MPEG, OGG, Matroska,
+ ASF...).
+
+Package: libavfilter5
+Architecture: any
+Multi-Arch: same
+Pre-Depends: ${misc:Pre-Depends}
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends}
+Suggests:
+ frei0r-plugins (>= 1.3)
+Description: Libav video filtering library
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This is the video filtering library from Libav.
+
+Package: libswscale3
+Architecture: any
+Multi-Arch: same
+Pre-Depends: ${misc:Pre-Depends}
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends}
+Description: Libav video scaling library
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This is the video software scaling library from Libav.
+
+Package: libavutil-dev
+Section: libdevel
+Architecture: any
+Depends:
+ libavutil54 (= ${binary:Version}),
+ ${misc:Depends}
+Description: Development files for libavutil
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This is the common utility library from Libav.
+ .
+ This package contains the header files and static libraries needed to
+ compile applications or shared objects that use libavutil.
+
+Package: libavcodec-dev
+Section: libdevel
+Architecture: any
+Depends:
+ libavcodec56 (<= ${source:Upstream-Version}-99) | libavcodec-extra-56 (<= ${source:Upstream-Version}-99),
+ libavcodec56 (>= ${binary:Version}) | libavcodec-extra-56 (>= ${binary:Version}),
+ libavutil-dev (= ${binary:Version}),
+ libavresample-dev (= ${binary:Version}),
+ ${misc:Depends}
+Suggests:
+ libdc1394-22-dev [linux-any],
+ libgsm1-dev,
+ libogg-dev,
+ libraw1394-dev [linux-any],
+ libschroedinger-dev,
+ libspeex-dev,
+ libtheora-dev (>> 0.0.0.alpha4),
+ libvorbis-dev,
+ libx11-dev,
+ libxext-dev,
+ zlib1g-dev
+Description: Development files for libavcodec
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This is the codec library from Libav. It supports most existing
+ encoding formats (MPEG, DivX, MPEG4, AC3, DV...).
+ .
+ This package contains the header files and static libraries needed to
+ compile applications or shared objects that use libavcodec.
+
+Package: libavdevice-dev
+Section: libdevel
+Architecture: any
+Depends:
+ libavdevice55 (= ${binary:Version}),
+ libavformat-dev (= ${binary:Version}),
+ ${misc:Depends}
+Description: Development files for libavdevice
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This is the device handling library from Libav.
+ .
+ This package contains the header files and static libraries needed to
+ compile applications or shared objects that use libavdevice.
+
+Package: libavformat-dev
+Section: libdevel
+Architecture: any
+Depends:
+ libavcodec-dev (= ${binary:Version}),
+ libavformat56 (= ${binary:Version}),
+ libavutil-dev (= ${binary:Version}),
+ ${misc:Depends}
+Description: Development files for libavformat
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This is the demuxer library from Libav. It supports most
+ existing file formats (AVI, MPEG, OGG, Matroska, ASF...).
+ .
+ This package contains the header files and static libraries needed to
+ compile applications or shared objects that use libavformat.
+
+Package: libavfilter-dev
+Section: libdevel
+Architecture: any
+Depends:
+ libavcodec-dev (= ${binary:Version}),
+ libavresample-dev (= ${binary:Version}),
+ libswscale-dev (= ${binary:Version}),
+ libavfilter5 (= ${binary:Version}),
+ ${misc:Depends}
+Description: Development files for libavfilter
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This is the video filtering library from Libav.
+ .
+ This package contains the header files and static libraries needed to
+ compile applications or shared objects that use libavfilter.
+
+Package: libswscale-dev
+Section: libdevel
+Architecture: any
+Depends:
+ libavutil-dev (= ${binary:Version}),
+ libswscale3 (= ${binary:Version}),
+ ${misc:Depends}
+Description: Development files for libswscale
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This is the video scaling library from Libav.
+ .
+ This package contains the header files and static libraries needed to
+ compile applications or shared objects that use libswscale.
+
+Package: libavresample-dev
+Section: libdevel
+Architecture: any
+Depends:
+ libavutil-dev (= ${binary:Version}),
+ libavresample2 (= ${binary:Version}),
+ ${misc:Depends}
+Description: Development files for libavresample
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This is the video scaling library from Libav.
+ .
+ This package contains the header files and static libraries needed to
+ compile applications or shared objects that use libswrescale.
+
+Package: libavresample2
+Architecture: any
+Multi-Arch: same
+Pre-Depends: ${misc:Pre-Depends}
+Replaces:
+ libavresample0
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends}
+Description: Libav audio resampling library
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This is the audio software resampling library from Libav.
+
+Package: libavcodec-extra-56
+Architecture: any
+Multi-Arch: same
+Pre-Depends: ${misc:Pre-Depends}
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends}
+Replaces:
+ libavcodec56
+Conflicts:
+ libavcodec56
+Breaks:
+ mplayer (<< 2:1.0~rc4.dfsg1+svn34540-1~)
+Description: Libav codec library (additional codecs)
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This is the codec library from Libav (both encoding and decoding).
+ .
+ This package is a replacement for the regular libavcodec56 library package;
+ it contains the following additional codecs:
+ .
+ * OpenCORE Adaptive Multi-Rate (AMR) Narrow-Band (Encoder/Decoder)
+ * OpenCORE Adaptive Multi-Rate (AMR) Wide-Band (Decoder)
+ * Android VisualOn AAC (Encoder)
+ * Android VisualOn Adaptive Multi-Rate (AMR) Wide-Band (Encoder)
+ .
+ Because this package links against libraries that are licensed under
+ Apache License 2.0, the resulting binaries are distributed under the
+ GPL version 3 or later.
+
+Package: libavcodec-extra
+Section: metapackages
+Priority: extra
+Architecture: all
+Depends:
+ libavcodec-extra-56,
+ ${misc:Depends},
+Description: Libav codec library (additional codecs meta-package)
+ Libav is a complete, cross-platform solution to decode, encode, record,
+ convert and stream audio and video.
+ .
+ This package depends on the latest version of the libavcodec variant
+ that offers additional codec support. Application packages can depend
+ on it if they require or suggest this variant in a robust manner.
--- /dev/null
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: Libav
+Upstream-Contact: libav-devel@libav.org
+Source: http://libav.org
+Comment:
+ The license for the whole work is the GPL, not the LGPL, because GPL-only
+ parts of Libav were activated -- namely libswscale, x11grab and
+ other GPL licensed libraries. If you need LGPL versions of the libraries,
+ please comment out the appropriate line in debian/confflags.
+ .
+ Because libavcodec-extra-* links against libraries that are licensed
+ under Apache License 2.0, the resulting binaries are distributed under
+ the GPL version 3 or later.
+
+Files: *
+Copyright: 1994-2012, the Xiph.Org Foundation and contributors
+ 1995, The Bitmap Brothers Ltd.
+ 1999-2000, Sebastien Rougeaux <sebastien.rougeaux@anu.edu.au>
+ 1999, Intel Corporation
+ 1999, Roger Hardiman
+ 2000-2001, Gerard Lantau
+ 2000-2001, Michel Lespinasse <walken@zoy.org>
+ 2000-2001, Peter Gubanov <peter@elecard.net.ru>
+ 2000-2003,2005,2010, Fabrice Bellard
+ 2000-2011, The libav developers
+ 2001-2003, BERO <bero@geocities.co.jp>
+ 2001,2003, Dr. Tim Ferguson
+ 2001-2005, The ffmpeg Project
+ 2001-2012, Michael Niedermayer <michaelni@gmx.at>
+ 2001, Daniel Maas <dmaas@dcine.com>
+ 2001, Juan J. Sierralta P
+ 2001, Lionel Ulmer
+ 2002-2004,2006-2011, Maxim Poliakovski
+ 2002,2005, Francois Revol <revol@free.fr>
+ 2002-2005, Roberto Togni
+ 2002-2006, Alex Beregszaszi
+ 2002-2008, The Libav Project
+ 2002, Brian Foley
+ 2002, Dieter Shirley
+ 2002, Falk Hueffner <falk@debian.org>
+ 2002, Frederic 'dilb' Boulay
+ 2002, Gildas Bazin <gbazin@netcourrier.com>
+ 2002, Gunnar Monell <gmo@linux.nu>
+ 2002, Laszlo Torok <torokl@alpha.dfmk.hu>
+ 2002, Lennert Buytenhek <buytenh@gnu.org>
+ 2002, Mark Hills <mark@pogo.org.uk>
+ 2002, Remi Guyomarch <rguyom@pobox.com>
+ 2002, Steve O'Hara-Smith
+ 2002, the xine project
+ 2003-2004,2006, Roman Shaposhnik
+ 2003-2004,2007, Mike Melanson <melanson@pcisys.net>
+ 2003-2004, Romain Dolbeau <romain@dolbeau.org>
+ 2003-2005, Christopher R. Hertel <crh@ubiqx.mn.org>
+ 2003,2006-2007, Michel Bardiaux <mbardiaux@mediaxim.be>
+ 2003,2008-2011, Sascha Sommer <saschasommer@freenet.de>
+ 2003-2012, x264 project
+ 2003, David S. Miller <davem@redhat.com>
+ 2003, Ewald Snel
+ 2003, Gustavo Sverzut Barbieri <gsbarbieri@yahoo.com.br>
+ 2003, International Business Machines, Corp
+ 2003, Ivan Kalvachev
+ 2003, James Klicman <james@klicman.org>
+ 2003, Max Krasnyansky <maxk@qualcomm.com>
+ 2003, Nick Kurshev
+ 2003, Pascal Massimino <skal@planet-d.net>
+ 2003, Thomas Raivio
+ 2003, Tinic Uro
+ 2004-2005,2007-2010,2012, Loren Merritt <lorenm@u.washignton.edu>
+ 2004-2005,2007, Denes Balatoni <dbalatoni@programozo.hu>
+ 2004,2007, Benjamin Zores <ben@geexbox.org>
+ 2004-2007, Eric Lasota
+ 2004,2007, Marc Hoffman <marc.hoffman@analog.com>
+ 2004-2012, Konstantin Shishkov
+ 2004, Adam Thayer <krevnik@comcast.net>
+ 2004, AGAWA Koji <i@atty.jp>
+ 2004, Gildas Bazin <gbazin@videolan.org>
+ 2004, Maarten Daniels
+ 2005-2006, DivX, Inc
+ 2005-2006, Oded Shimon <ods15@ods15.dyndns.org>
+ 2005-2006, Robert Edele <yartrebo@earthlink.net>
+ 2005,2007-2008, Ian Caulfield
+ 2005,2007,2011-2012, Luca Barbato <lu_zero@gentoo.org>
+ 2005,2007, Wolfram Gloger
+ 2005-2008, Diego Biurrun
+ 2005-2011, Benjamin Larsson
+ 2005-2011, Reimar Döffinger <Reimar.Doeffinger@gmx.de>
+ 2005-2012, Mans Rullgard <mans@mansr.com>
+ 2005, Alban Bedel <albeu@free.fr>
+ 2005, Anonymous
+ 2005, David Hammerton
+ 2005, Jeff Muizelaar
+ 2005, Matthieu CASTET
+ 2005, Ole André Vadla Ravnås <oleavr@gmail.com>
+ 2005, Roine Gustafsson
+ 2005, Steve Underwood <steveu@coppice.org>
+ 2005, Vidar Madsen
+ 2005, Wim Taymans
+ 2005, Zoltan Hidvegi <hzoli@hzoli.com>
+ 2006-2007, Baptiste Coudurier <baptiste.coudurier@smartjog.com>
+ 2006-2007, Maxim Gavrilov <maxim.gavrilov@gmail.com>
+ 2006-2007, Reynaldo H. Verdejo Pinochet
+ 2006-2007, Ryan Martell <rdm4@martellventures.com>
+ 2006-2007, SmartJog S.A.
+ 2006-2008, Baptiste Coudurier <baptiste.coudurier@free.fr>
+ 2006,2008, Gregory Montoir <cyx@users.sourceforge.net>
+ 2006-2009, Luca Abeni <lucabe72@email.it>
+ 2006-2009, Ramiro Polla <ramiro.polla@gmail.com>
+ 2006-2009, Robert Swain <rob@opendot.cl>
+ 2006,2009, Stefan Gehrer <stefan.gehrer@gmx.de>
+ 2006-2010, Aurelien Jacobs <aurel@gnuage.org>
+ 2006-2010, Prakash Punnoor <prakash@punnoor.de>
+ 2006-2012, Justin Ruggles <justin.ruggles@gmail.com>
+ 2006, Corey Hickey
+ 2006, Daniel Maas <dmaas@maasdigital.com>
+ 2006, Guillaume Poirier <gpoirier@mplayerhq.hu>
+ 2006, Kartikey Mahendra BHATT <bhattkm@gmail.com>
+ 2006, Michael Benjamin <michael.benjamin@analog.com>
+ 2006, Patrick Guimond
+ 2006, Paul Richards <paul.richards@gmail.com>
+ 2006, Steve Lhomme
+ 2006, Thijs Vermeir <thijs.vermeir@barco.com>
+ 2007-2008, Ivo van Poorten
+ 2007-2008, Joseph Artsimovich <jart@users.sourceforge.net>
+ 2007-2008, Marco Gerards <marco@gnu.org>
+ 2007-2008, Siarhei Siamashka <ssvb@users.sourceforge.net>
+ 2007-2008, UAB "DKD"
+ 2007,2009-2012, Nicolas George <nicolas.george@normalesup.org>
+ 2007-2009, Bartlomiej Wolowiec <bartek.wolowiec@gmail.com>
+ 2007,2009, Björn Axelsson
+ 2007,2010, Anssi Hannula <anssi.hannula@gmail.com>
+ 2007,2010, Bobby Bingham
+ 2007-2010, David Conrad
+ 2007-2010, Vitor Sessak <vitor1001@gmail.com>
+ 2007-2011, Stefano Sabatini
+ 2007, Alexis Ballier
+ 2007, Benoit Fouet <benoit.fouet@free.fr>
+ 2007, Christian Ohm
+ 2007, Clemens Fruhwirth <clemens@endorphin.org>
+ 2007, Collabora Ltd
+ 2007, Denes Balatoni <dbalatoni@interware.hu>
+ 2007, Edward Hervey
+ 2007, Marc Hoffman <mmhoffm@gmail.com>
+ 2007, Marc Hoffman <mmh@pleasantst.com>
+ 2007, Nicholas Tung
+ 2007, Nokia Corporation
+ 2007, Philippe Kalaf
+ 2007, Ronald S. Bultje <rbultje@ronald.bitfreak.net>
+ 2007, Ulion
+ 2008-2009, Andrej Stepanchuk
+ 2008-2009, Baptiste Coudurier <baptiste.coudurier@gmail.com>
+ 2008-2009, Jaikrishnan Menon <realityman@gmx.net>
+ 2008-2009, Ronald S. Bultje
+ 2008-2009, Splitted-Desktop Systems
+ 2008,2010, Alexander Strange <astrange@ithinksw.com>
+ 2008,2010, Eli Friedman <eli.friedman@gmail.com>
+ 2008-2010, Laurent Aimar <fenrir@videolan.org>
+ 2008-2010, Paul Kendall <paul@kcbbs.gen.nz>
+ 2008,2010, Zhentan Feng <spyfeng at gmail dot com>
+ 2008, Affine Systems, Inc (Michael Sullivan, Bobby Impollonia)
+ 2008, Alessandro Sappia
+ 2008, Anuradha Suraparaju <asuraparaju@gmail.com>
+ 2008, BBC
+ 2008, GUCAS
+ 2008, NVIDIA
+ 2008, Robert Marston
+ 2008, robs@users.sourceforge.net
+ 2008, Sisir Koppaka
+ 2008, Victor Paesa
+ 2008, Vladimir Voroshilov
+ 2008, vmrsss
+ 2009-2010, Alex Converse <alex.converse@gmail.com>
+ 2009-2010, Daniel Verkamp <daniel@drv.nu>
+ 2009-2010, Howard Chu
+ 2009-2010, Thilo Borgmann <thilo.borgmann@googlemail.com>
+ 2009-2012, Martin Storsjo
+ 2009,2012, Nathan Caldwell <saintdev@gmail.com>
+ 2009, Christian Schmidt
+ 2009, Colin McQuillan
+ 2009, Colin McQuillian
+ 2009, Dylan Yudaken
+ 2009, Giliard B. de Freitas <giliarde@gmail.com>
+ 2009, Ivan Schreter
+ 2009, James Darnley
+ 2009, Jimmy Christensen
+ 2009, Kenan Gillet
+ 2009, Michael Tison
+ 2009, Naotoshi Nojiri
+ 2009, Nicolas Martin <martinic@iro.umontreal.ca>
+ 2009, Samalyse
+ 2009, Sebastien Lucas <sebastien.lucas@gmail.com>
+ 2009, Stephen Backway
+ 2009, Thomas P. Higdon <thomas.p.higdon@gmail.com>
+ 2009, Tobias Bindhammer
+ 2009, Toshimitsu Kimura
+ 2009, Xuggle Incorporated
+ 2009, Zuxy Meng <zuxy.meng@gmail.com>
+ 2010-2011, Anatoly Nenashev
+ 2010,2011, Anton Khirnov <anton@khirnov.net>
+ 2010-2011, Janne Grunau <janne-libav@jannau.net>
+ 2010-2011, Vitor Sessak <vitor1001@gmail.com>
+ 2010,2012, Google, Inc
+ 2010,2012, Ronald S. Bultje <rsbultje@gmail.com>
+ 2010, Adrian Daerr
+ 2010, Amanda, Y.N. Wu <amanda11192003@gmail.com>
+ 2010, Baptiste Coudurier
+ 2010, Brandon Mintern
+ 2010, Carl Eugen Hoyos
+ 2010, Daniel G. Taylor <dan@programmer-art.org>
+ 2010, Francesco Lavra <francescolavra@interfree.it>
+ 2010, Holger Lubitz
+ 2010, Jacob Meuser
+ 2010, Jason Garrett-Glaser <darkshikari@gmail.com>
+ 2010, Josh Allmann
+ 2010, Marcelo Galvao Povoa
+ 2010, Mark Nauwelaerts
+ 2010, Michael Chinen
+ 2010, Michele Orrù
+ 2010, Mohamed Naufal Basheer <naufal11@gmail.com>
+ 2010, Nolan Lum <nol888@gmail.com>
+ 2010, Rafael Carre
+ 2010, Rob Clark <rob@ti.com>
+ 2010, Sebastian Vater <cdgs.basty@googlemail.com>
+ 2010, S.N. Hemanth Meenakshisundaram
+ 2010, Tomas Härdin
+ 2011-2012, Daniel Kang
+ 2011-2012, Derek Buitenhuis
+ 2011-2012, Mashiat Sarker Shakkhar
+ 2011-2012, Paul B Mahol
+ 2011, Andreas Öman
+ 2011, Juan Carlos Rodriguez <ing.juancarlosrodriguez@hotmail.com>
+ 2011, Kieran Kunhya <kieran@kunhya.com>
+ 2011, Mark Himsley
+ 2011, Matthew Hoops <clone2727@gmail.com>
+ 2011, Max Horn
+ 2011, Michael Bradshaw <mbradshaw@sorensonmedia.com>
+ 2011, Michael Karcher
+ 2011, Mina Nagy Zaki
+ 2011, Miroslav Slugeň <Thunder.m@seznam.cz>
+ 2011, MirriAd Ltd
+ 2011, Sebastien Zwickert
+ 2011, Sven Hesse <drmccoy@drmccoy.de>
+ 2012, Aneesh Dogra (lionaneesh) <lionaneesh@gmail.com>
+ 2012, Antti Seppälä
+ 2012, Christophe Gisquet <christophe.gisquet@gmail.com>
+ 2012, Jan Ekström
+ 2012, Samuel Pitoiset
+ CMU 1993, Computer Science, Speech Group Chengxiang Lu and Alex
+ Hauptmann
+ Sebastien Bechet <s.bechet@av7.net>
+License: LGPL-2.1+~Libav
+Comments:
+ Some copyright holder details extracted from referenced sources at
+ <http://samples.libav.org/A-codecs/Nelly_Moser/ASAO/ASAO.zip>.
+
+Files: doc/doxy/doxy_stylesheet.css
+Copyright: 2012, Twitter, Inc
+License: Apache-2.0
+
+Files: libavcodec/jfdctfst.c
+ libavcodec/jfdctint_template.c
+ libavcodec/jrevdct.c
+Copyright: 1991-1996, Thomas G. Lane
+License: IJG
+
+Files: libavdevice/x11grab.c
+ libavfilter/yadif.h
+ libavfilter/vf_blackframe.c
+ libavfilter/vf_boxblur.c
+ libavfilter/vf_cropdetect.c
+ libavfilter/vf_delogo.c
+ libavfilter/vf_hqdn3d.c
+ libavfilter/vf_yadif.c
+ libavfilter/x86/yadif.c
+ libavfilter/x86/yadif_template.c
+Copyright: 1997-1998, Rasca, Berlin
+ 2000-2001, Fabrice Bellard
+ 2002-2003, Brian J. Murrell
+ 2002,2006-2010 Michael Niedermayer <michaelni@gmx.at>
+ 2002, A'rpi
+ 2002, Jindrich Makovicka <makovick@gmail.com>
+ 2003-2004 Karl H. Beckers, Frankfurt
+ 2003, Daniel Moreno <comac@comac.darktech.org>
+ 2006, Clemens Fruhwirth <clemens@endorphin.org>
+ 2006, Edouard Gomez <ed.gomez@free.fr>
+ 2006, Ivo van Poorten
+ 2006, Julian Hall
+ 2010-2011, Stefano Sabatini
+ 2010, Baptiste Coudurier
+ 2012, Loren Merritt
+License: GPL-2+~Libav
+
+Files: doc/texi2pod.pl
+Copyright: 1999-2001, Free Software Foundation, Inc
+License: GPL-2+~GCC
+
+Files:
+ libavcodec/arm/jrevdct_arm.S
+ libavcodec/nellymoser.c
+ libavcodec/nellymoserdec.c
+ libavcodec/nellymoser.h
+ libavcodec/x86/vc1dsp_init.c
+ libavcodec/x86/vc1dsp_mmx.c
+ libavformat/metadata-example.c
+ libavformat/oggdec.c
+ libavformat/oggdec.h
+ libavformat/oggparseogm.c
+ libavformat/oggparsespeex.c
+ libavformat/oggparsetheora.c
+ libavformat/oggparsevorbis.c
+ libavformat/output-example.c
+Copyright: 2005, Alex Beregszaszi
+ 2001, Lionel Ulmer <lionel.ulmer@free.fr> / <bbrox@bbrox.org>
+ 2003, Fabrice Bellard
+ 2005, Matthieu CASTET
+ 2005, Michael Ahlberg
+ 2005, Måns Rullgård
+ 2007, 520e17cd55896441042b14df2566a6eb610ed444
+ 2007, 539459aeb7d425140b62a3ec7dbf6dc8e408a306
+ 2007, a840bda5870ba11f19698ff6eb9581dfb0f95fa5
+ 2007, Benjamin Larsson
+ 2007, Christophe GISQUET <christophe.gisquet@free.fr>
+ 2007, Loic Minier <lool@dooz.org>
+ 2008, Reimar Döffinger <Reimar.Doeffinger@gmx.de>
+ 2011, Reinhard Tartler
+License: Expat
+
+Files: libavcodec/faandct.c
+ libavcodec/zerocodec.c
+Copyright: 2003, Michael Niedermayer <michaelni@gmx.at>
+ 2003, Roman Shaposhnik
+ 2012, Derek Buitenhuis
+License: ISC
+
+Files: libavcodec/arm/vp8dsp_armv6.S
+Copyright: 2010, Google Inc
+ 2010, Rob Clark <rob@ti.com>
+ 2011, Mans Rullgard <mans@mansr.com>
+License: BSD-3-clause~Google and LGPL-2.1+~Libav
+
+Files: libavutil/adler32.c
+Copyright: 1995, Mark Adler
+License: Zlib
+
+License: LGPL-2.1+~Libav
+ Libav is free software; you can redistribute it and/or modify it under
+ the terms of the GNU Lesser General Public License as published by the
+ Free Software Foundation; either version 2.1 of the License, or (at
+ your option) any later version.
+ .
+ Libav is distributed in the hope that it will be useful, but WITHOUT
+ ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
+ License for more details.
+ .
+ Comment:
+ .
+ On Debian systems the 'GNU Lesser General Public License' version 2.1
+ is located in '/usr/share/common-licenses/LGPL-2.1'.
+ .
+ You should have received a copy of the 'GNU Lesser General Public
+ License' along with this program. If not, see
+ <http://www.gnu.org/licenses/>.
+
+License: GPL-2+~Libav
+ Libav is free software; you can redistribute it and/or modify it under
+ the terms of the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at your
+ option) any later version.
+ .
+ Libav is distributed in the hope that it will be useful, but WITHOUT
+ ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ for more details.
+ .
+ Comment:
+ .
+ On Debian systems the 'GNU General Public License' version 2 is located
+ in '/usr/share/common-licenses/GPL-2'.
+ .
+ You should have received a copy of the 'GNU General Public License'
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+License: GPL-2+~GCC
+ GNU CC is free software; you can redistribute it and/or modify it under
+ the terms of the GNU General Public License as published by the Free
+ Software Foundation; either version 2, or (at your option) any later
+ version.
+ .
+ GNU CC is distributed in the hope that it will be useful, but WITHOUT
+ ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ for more details.
+
+License: Apache-2.0
+ Licensed under the Apache License v2.0
+ .
+ http://www.apache.org/licenses/LICENSE-2.0
+ .
+ Comment:
+ .
+ On Debian systems the 'Apache License' version 2.0 is located in
+ '/usr/share/common-licenses/Apache-2.0'.
+
+License: IJG
+ Permission is hereby granted to use, copy, modify, and distribute this
+ software (or portions thereof) for any purpose, without fee, subject to
+ these conditions:
+ .
+ (1) If any part of the source code for this software is distributed,
+ then this README file must be included, with this copyright and
+ no-warranty notice unaltered; and any additions, deletions, or changes
+ to the original files must be clearly indicated in accompanying
+ documentation.
+ .
+ (2) If only executable code is distributed, then the accompanying
+ documentation must state that "this software is based in part on the
+ work of the Independent JPEG Group".
+ .
+ (3) Permission for use of this software is granted only if the user
+ accepts full responsibility for any undesirable consequences; the
+ authors accept NO LIABILITY for damages of any kind.
+ .
+ These conditions apply to any software derived from or based on the IJG
+ code, not just to the unmodified library. If you use our work, you
+ ought to acknowledge us.
+ .
+ Permission is NOT granted for the use of any IJG author's name or
+ company name in advertising or publicity relating to this software or
+ products derived from it. This software may be referred to only as
+ "the Independent JPEG Group's software".
+ .
+ We specifically permit and encourage the use of this software as the
+ basis of commercial products, provided that all warranty or liability
+ claims are assumed by the product vendor.
+
+License: BSD-3-clause~Google
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are
+ met:
+ .
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ .
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ .
+ * Neither the name of Google nor the names of its contributors may be
+ used to endorse or promote products derived from this software
+ without specific prior written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+License: Zlib
+ This software is provided 'as-is', without any express or implied
+ warranty. In no event will the authors be held liable for any damages
+ arising from the use of this software.
+ .
+ Permission is granted to anyone to use this software for any purpose,
+ including commercial applications, and to alter it and redistribute it
+ freely, subject to the following restrictions:
+ .
+ 1. The origin of this software must not be misrepresented; you must not
+ claim that you wrote the original software. If you use this software
+ in a product, an acknowledgment in the product documentation would
+ be appreciated but is not required.
+ 2. Altered source versions must be plainly marked as such, and must not
+ be misrepresented as being the original software.
+ 3. This notice may not be removed or altered from any source
+ distribution.
+
+License: Expat
+ Permission is hereby granted, free of charge, to any person obtaining a
+ copy of this software and associated documentation files (the
+ "Software"), to deal in the Software without restriction, including
+ without limitation the rights to use, copy, modify, merge, publish,
+ distribute, sublicense, and/or sell copies of the Software, and to
+ permit persons to whom the Software is furnished to do so, subject to
+ the following conditions:
+ .
+ The above copyright notice and this permission notice shall be included
+ in all copies or substantial portions of the Software.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+ DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+ OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR
+ THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+License: ISC
+ Permission to use, copy, modify, and/or distribute this software for
+ any purpose with or without fee is hereby granted, provided that the
+ above copyright notice and this permission notice appear in all copies.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
+ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
+ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR
+ BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES
+ OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
+ WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
+ ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ SOFTWARE.
--- /dev/null
+[DEFAULT]
+upstream-branch = upstream.jessie
+debian-branch = jessie
+upstream-tag = upstream/%(version)s
+debian-tag = debian/%(version)s
+pristine-tar = True
+compression = xz
+
--- /dev/null
+#!/bin/sh
+
+# small helper script to learn about library sonames
+# adapted from upstream's configure script
+
+# Avoid locale weirdness, besides we really just want to translate ASCII.
+toupper(){
+ echo "$@" | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ
+}
+
+get_version(){
+ lcname=${1}
+ name=$(toupper $lcname)
+ file=$lcname/version.h
+ eval $(awk "/#define ${name}_VERSION_M/ { print \$2 \"=\" \$3 }" "$file")
+ eval ${name}_VERSION=\$${name}_VERSION_MAJOR.\$${name}_VERSION_MINOR.\$${name}_VERSION_MICRO
+ eval echo "${lcname}_VERSION=\$${name}_VERSION"
+ eval echo "${lcname}_VERSION_MAJOR=\$${name}_VERSION_MAJOR"
+ eval echo "${lcname}_VERSION_MINOR=\$${name}_VERSION_MINOR"
+}
+
+get_version "$1"
+
--- /dev/null
+Document: libav-doc
+Title: Libav API Documentation
+Author: Libav Developers
+Abstract: This is the main documentation for the Libav API.
+Section: Programming
+
+Format: HTML
+Index: /usr/share/doc/libav-doc/html/index.html
+Files: /usr/share/doc/libav-doc/html/*.html
--- /dev/null
+etc
+usr/bin/av*
+usr/bin/qt-faststart
+usr/share/avconv/*.avpreset
+usr/share/man/man1/av*
+usr/share/doc/libav/*.html
--- /dev/null
+rm_conffile /etc/avserver.conf 6:10.2-1~
--- /dev/null
+doc/examples/*.c
--- /dev/null
+usr/include/libavcodec
+usr/lib/@DEB_HOST_MULTIARCH@/libavcodec.a
+usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavcodec.so
+usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libavcodec.pc
--- /dev/null
+usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavcodec.so.*
--- /dev/null
+# This is the sister package of libavcodec56
+libavcodec-extra-56: package-name-doesnt-match-sonames
+libavcodec-extra-56: shlib-with-non-pic-code
--- /dev/null
+usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavcodec.so.*
--- /dev/null
+# Overriding these fpic lintian errors. Please see bug #528080.
+libavcodec56: shlib-with-non-pic-code
--- /dev/null
+usr/include/libavdevice
+usr/lib/@DEB_HOST_MULTIARCH@/libavdevice.a
+usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavdevice.so
+usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libavdevice.pc
--- /dev/null
+usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavdevice.so.*
--- /dev/null
+# Overriding these fpic lintian errors. Please see bug #528080.
+libavdevice55: shlib-with-non-pic-code
--- /dev/null
+usr/include/libavfilter
+usr/lib/@DEB_HOST_MULTIARCH@/libavfilter.a
+usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavfilter.so
+usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libavfilter.pc
--- /dev/null
+usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavfilter.so.*
--- /dev/null
+# Overriding these fpic lintian errors. Please see bug #528080.
+libavfilter5: shlib-with-non-pic-code
--- /dev/null
+usr/include/libavformat
+usr/lib/@DEB_HOST_MULTIARCH@/libavformat.a
+usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavformat.so
+usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libavformat.pc
--- /dev/null
+usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavformat.so.*
--- /dev/null
+# Overriding these fpic lintian errors. Please see bug #528080.
+libavformat56: shlib-with-non-pic-code
--- /dev/null
+usr/include/libavresample
+usr/lib/@DEB_HOST_MULTIARCH@/libavresample.a
+usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavresample.so
+usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libavresample.pc
--- /dev/null
+usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavresample.so.*
--- /dev/null
+# Overriding these fpic lintian errors. Please see bug #528080.
+libavresample2: shlib-with-non-pic-code
--- /dev/null
+usr/include/libavutil
+usr/lib/@DEB_HOST_MULTIARCH@/libavutil.a
+usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavutil.so
+usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libavutil.pc
--- /dev/null
+usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavutil.so.*
--- /dev/null
+# Overriding these fpic lintian errors. Please see bug #528080.
+libavutil54: shlib-with-non-pic-code
--- /dev/null
+usr/include/libswscale
+usr/lib/@DEB_HOST_MULTIARCH@/libswscale.a
+usr/lib/@DEB_HOST_MULTIARCH_OPT@/libswscale.so
+usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libswscale.pc
--- /dev/null
+usr/lib/@DEB_HOST_MULTIARCH_OPT@/libswscale.so.*
--- /dev/null
+# Overriding these fpic lintian errors. Please see bug #528080.
+libswscale3: shlib-with-non-pic-code
--- /dev/null
+Description: Disable ebx_available on i586
+Author: Sebastian Ramacher <sramacher@debian.org>,
+ Bernhard Übelacker <bernhardu@vr-web.de>
+Bug: https://bugzilla.libav.org/show_bug.cgi?id=850
+Bug-Debian: https://bugs.debian.org/783082
+Last-Update: 2015-05-05
+
+--- a/configure
++++ b/configure
+@@ -3978,6 +3978,15 @@
+ check_inline_asm ebx_available '""::"b"(0)' &&
+ check_inline_asm ebx_available '"":::"%ebx"'
+
++ # workaround for debian#783082 / libav#850
++ if enabled gcc; then
++ case $($cc -dumpversion) in
++ 4.9.*|5.*)
++ disable ebx_available
++ ;;
++ esac
++ fi
++
+ # check whether xmm clobbers are supported
+ check_inline_asm xmm_clobbers '"":::"%xmm0"'
+
--- /dev/null
+Author: Reinhard Tartler <siretart@tauware.de>
+Description: Disable configuration output warnings
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619530
+Bug-Ubuntu: https://launchpad.net/bugs/765357
+Forwarded: not-needed
+
+--- a/cmdutils.c
++++ b/cmdutils.c
+@@ -765,7 +765,9 @@ void print_error(const char *filename, i
+ av_log(NULL, AV_LOG_ERROR, "%s: %s\n", filename, errbuf_ptr);
+ }
+
+-static int warned_cfg = 0;
++// Debian/Ubuntu: see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619530
++// https://launchpad.net/bugs/765357
++static int warned_cfg = 1;
+
+ #define INDENT 1
+ #define SHOW_VERSION 2
--- /dev/null
+From 105654e376a736d243aef4a1d121abebce912e6b Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michaelni@gmx.at>
+Date: Fri, 3 Oct 2014 04:30:58 +0200
+Subject: [PATCH] avcodec/utils: Add case for jv to avcodec_align_dimensions2()
+
+Fixes out of array accesses
+Fixes: asan_heap-oob_12304aa_8_asan_heap-oob_4da4f3_300_intro.jv
+
+Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
+Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
+---
+ libavcodec/utils.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/libavcodec/utils.c
++++ b/libavcodec/utils.c
+@@ -254,6 +254,10 @@
+ w_align = 4;
+ h_align = 4;
+ }
++ if (s->codec_id == AV_CODEC_ID_JV) {
++ w_align = 8;
++ h_align = 8;
++ }
+ break;
+ case AV_PIX_FMT_BGR24:
+ if ((s->codec_id == AV_CODEC_ID_MSZH) ||
--- /dev/null
+From: Michael Niedermayer <michaelni@gmx.at>
+Date: Wed, 26 Nov 2014 14:45:47 +0000 (+0100)
+Subject: avcodec/pngdec: Check IHDR/IDAT order
+X-Git-Tag: n2.5~151
+X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=79ceaf827be0b070675d4cd0a55c3386542defd8
+
+avcodec/pngdec: Check IHDR/IDAT order
+
+Fixes out of array access
+Fixes: asan_heap-oob_20a6c26_2690_cov_3434532168_mail.png
+Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
+Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
+
+[sunweaver] - Port this commit to libav in Debian jessie.
+---
+
+--- a/libavcodec/pngdec.c
++++ b/libavcodec/pngdec.c
+@@ -445,6 +445,12 @@
+ case MKTAG('I', 'H', 'D', 'R'):
+ if (length != 13)
+ goto fail;
++
++ if (s->state & PNG_IDAT) {
++ av_log(avctx, AV_LOG_ERROR, "IHDR after IDAT\n");
++ goto fail;
++ }
++
+ s->width = bytestream2_get_be32(&s->gb);
+ s->height = bytestream2_get_be32(&s->gb);
+ if (av_image_check_size(s->width, s->height, 0, avctx)) {
--- /dev/null
+From 3859868c75313e318ebc5d0d33baada62d45dd75 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michaelni@gmx.at>
+Date: Tue, 6 Jan 2015 04:29:10 +0100
+Subject: [PATCH] avformat/mov: fix integer overflow in mov_read_udta_string()
+
+Found-by: Paul Mehta <paul@paulmehta.com>
+Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
+---
+ libavformat/mov.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/libavformat/mov.c
++++ b/libavformat/mov.c
+@@ -337,7 +337,7 @@
+
+ if (!key)
+ return 0;
+- if (atom.size < 0)
++ if (atom.size < 0 || str_size >= INT_MAX/2)
+ return AVERROR_INVALIDDATA;
+
+ str_size = FFMIN3(sizeof(str)-1, str_size, atom.size);
--- /dev/null
+From fabbfaa095660982cc0bc63242c459561fa37037 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michaelni@gmx.at>
+Date: Wed, 4 Feb 2015 20:48:30 +0100
+Subject: [PATCH] avcodec/mjpegdec: Check number of components for JPEG-LS
+
+Fixes out of array accesses
+Fixes: asan_heap-oob_1c1a4ea_1242_cov_2274415971_TESTcmyk.jpg
+
+Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
+Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
+---
+ libavcodec/mjpegdec.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+--- a/libavcodec/mjpegdec.c
++++ b/libavcodec/mjpegdec.c
+@@ -375,8 +375,12 @@
+ return AVERROR_PATCHWELCOME;
+ }
+ if (s->ls) {
+- if (s->nb_components > 1)
++ if (s->nb_components == 3) {
+ s->avctx->pix_fmt = AV_PIX_FMT_RGB24;
++ } else if (s->nb_components != 1) {
++ av_log(s->avctx, AV_LOG_ERROR, "Unsupported number of components %d\n", s->nb_components);
++ return AVERROR_PATCHWELCOME;
++ }
+ else if (s->bits <= 8)
+ s->avctx->pix_fmt = AV_PIX_FMT_GRAY8;
+ else
--- /dev/null
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Wed, 30 Sep 2015 11:10:48 +0000 (+0200)
+Subject: avcodec/vp8: Do not use num_coeff_partitions in thread/buffer setup
+X-Git-Tag: n3.0~2422
+X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=dabea74d0e82ea80cd344f630497cafcb3ef872c
+
+avcodec/vp8: Do not use num_coeff_partitions in thread/buffer setup
+
+The variable is not a constant and can lead to race conditions
+
+Fixes: repro.webm (not reproducable with FFmpeg alone)
+
+Found-by: Dale Curtis <dalecurtis@google.com>
+Tested-by: Dale Curtis <dalecurtis@google.com>
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+
+--- a/libavcodec/vp8.c
++++ b/libavcodec/vp8.c
+@@ -156,7 +156,7 @@
+ s->mb_height = (s->avctx->coded_height + 15) / 16;
+
+ s->mb_layout = is_vp7 || avctx->active_thread_type == FF_THREAD_SLICE &&
+- FFMIN(s->num_coeff_partitions, avctx->thread_count) > 1;
++ avctx->thread_count > 1;
+ if (!s->mb_layout) { // Frame threading and one thread
+ s->macroblocks_base = av_mallocz((s->mb_width + s->mb_height * 2 + 1) *
+ sizeof(*s->macroblocks));
--- /dev/null
+From: Michael Niedermayer <michaelni@gmx.at>
+Date: Mon, 29 Jun 2015 19:08:05 +0000 (+0200)
+Subject: avcodec/pngdec: Only allow one IHDR chunk
+X-Git-Tag: n2.8~1342
+X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=47f4e2d8960ca756ca153ab8e3e93d80449b8c91
+
+avcodec/pngdec: Only allow one IHDR chunk
+
+Multiple IHDR chunks are forbidden in PNG
+Fixes inconsistency and out of array accesses
+
+Fixes: asan_heap-oob_4d5c5a_1738_cov_2638287726_c-m2-8f2b481b7fd9bd745e620b7c01a18df2.png
+
+Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
+Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
+---
+
+--- a/libavcodec/pngdec.c
++++ b/libavcodec/pngdec.c
+@@ -451,6 +451,11 @@
+ goto fail;
+ }
+
++ if (s->state & PNG_IHDR) {
++ av_log(avctx, AV_LOG_ERROR, "Multiple IHDR\n");
++ goto fail;
++ }
++
+ s->width = bytestream2_get_be32(&s->gb);
+ s->height = bytestream2_get_be32(&s->gb);
+ if (av_image_check_size(s->width, s->height, 0, avctx)) {
--- /dev/null
+From: Michael Niedermayer <michaelni@gmx.at>
+Date: Wed, 1 Jul 2015 00:05:43 +0000 (+0200)
+Subject: avcodec/aacsbr: check that the element type matches before applying SBR
+X-Git-Tag: n2.8~1308
+X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=79a98294da6cd85f8c86b34764c5e0c43b09eea3
+
+avcodec/aacsbr: check that the element type matches before applying SBR
+
+Fixes out of array access
+Fixes: signal_sigsegv_3670fc0_2818_cov_2307326154_moon.mux
+
+Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
+Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
+---
+
+--- a/libavcodec/aacsbr.c
++++ b/libavcodec/aacsbr.c
+@@ -1006,6 +1006,8 @@
+ {
+ unsigned int cnt = get_bits_count(gb);
+
++ sbr->id_aac = id_aac;
++
+ if (id_aac == TYPE_SCE || id_aac == TYPE_CCE) {
+ if (read_sbr_single_channel_element(ac, sbr, gb)) {
+ sbr_turnoff(sbr);
+@@ -1658,6 +1660,12 @@
+ int nch = (id_aac == TYPE_CPE) ? 2 : 1;
+ int err;
+
++ if (id_aac != sbr->id_aac) {
++ av_log(ac->avctx, AV_LOG_ERROR,
++ "element type mismatch %d != %d\n", id_aac, sbr->id_aac);
++ sbr_turnoff(sbr);
++ }
++
+ if (!sbr->kx_and_m_pushed) {
+ sbr->kx[0] = sbr->kx[1];
+ sbr->m[0] = sbr->m[1];
+--- a/libavcodec/sbr.h
++++ b/libavcodec/sbr.h
+@@ -114,6 +114,7 @@
+ typedef struct SpectralBandReplication {
+ int sample_rate;
+ int start;
++ int id_aac;
+ int reset;
+ SpectrumParameters spectrum_params;
+ int bs_amp_res_header;
--- /dev/null
+From: Michael Niedermayer <michaelni@gmx.at>
+Date: Thu, 9 Jul 2015 20:16:15 +0000 (+0200)
+Subject: avcodec/mpegvideo: Clear pointers in ff_mpv_common_init()
+X-Git-Tag: n2.8~1148
+X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=b160fc290cf49b516c5b6ee0730fd9da7fc623b1
+
+avcodec/mpegvideo: Clear pointers in ff_mpv_common_init()
+
+This ensures that no stale pointers leak through on any path
+
+Fixes: signal_sigsegv_c3097a_991_xtrem_e2_m64q15_a32sxx.3gp
+
+Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind
+Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
+---
+
+--- a/libavcodec/mpegvideo.c
++++ b/libavcodec/mpegvideo.c
+@@ -1228,6 +1228,82 @@
+ return AVERROR(ENOMEM);
+ }
+
++static void clear_context(MpegEncContext *s)
++{
++ int i, j, k;
++
++ memset(&s->next_picture, 0, sizeof(s->next_picture));
++ memset(&s->last_picture, 0, sizeof(s->last_picture));
++ memset(&s->current_picture, 0, sizeof(s->current_picture));
++ memset(&s->new_picture, 0, sizeof(s->new_picture));
++
++ memset(s->thread_context, 0, sizeof(s->thread_context));
++
++ s->me.map = NULL;
++ s->me.score_map = NULL;
++ s->dct_error_sum = NULL;
++ s->block = NULL;
++ s->blocks = NULL;
++ memset(s->pblocks, 0, sizeof(s->pblocks));
++ s->ac_val_base = NULL;
++ s->ac_val[0] =
++ s->ac_val[1] =
++ s->ac_val[2] =NULL;
++ s->edge_emu_buffer = NULL;
++ s->me.scratchpad = NULL;
++ s->me.temp =
++ s->rd_scratchpad =
++ s->b_scratchpad =
++ s->obmc_scratchpad = NULL;
++
++ s->parse_context.buffer = NULL;
++ s->parse_context.buffer_size = 0;
++ s->bitstream_buffer = NULL;
++ s->allocated_bitstream_buffer_size = 0;
++ s->picture = NULL;
++ s->mb_type = NULL;
++ s->p_mv_table_base = NULL;
++ s->b_forw_mv_table_base = NULL;
++ s->b_back_mv_table_base = NULL;
++ s->b_bidir_forw_mv_table_base = NULL;
++ s->b_bidir_back_mv_table_base = NULL;
++ s->b_direct_mv_table_base = NULL;
++ s->p_mv_table = NULL;
++ s->b_forw_mv_table = NULL;
++ s->b_back_mv_table = NULL;
++ s->b_bidir_forw_mv_table = NULL;
++ s->b_bidir_back_mv_table = NULL;
++ s->b_direct_mv_table = NULL;
++ for (i = 0; i < 2; i++) {
++ for (j = 0; j < 2; j++) {
++ for (k = 0; k < 2; k++) {
++ s->b_field_mv_table_base[i][j][k] = NULL;
++ s->b_field_mv_table[i][j][k] = NULL;
++ }
++ s->b_field_select_table[i][j] = NULL;
++ s->p_field_mv_table_base[i][j] = NULL;
++ s->p_field_mv_table[i][j] = NULL;
++ }
++ s->p_field_select_table[i] = NULL;
++ }
++
++ s->dc_val_base = NULL;
++ s->coded_block_base = NULL;
++ s->mbintra_table = NULL;
++ s->cbp_table = NULL;
++ s->pred_dir_table = NULL;
++
++ s->mbskip_table = NULL;
++
++ s->er.error_status_table = NULL;
++ s->er.er_temp_buffer = NULL;
++ s->mb_index2xy = NULL;
++ s->lambda_table = NULL;
++
++ s->cplx_tab = NULL;
++ s->bits_tab = NULL;
++}
++
+ /**
+ * init common structure for both encoder and decoder.
+ * this assumes that some variables like width/height are already set
+@@ -1239,6 +1315,8 @@
+ s->avctx->active_thread_type & FF_THREAD_SLICE) ?
+ s->avctx->thread_count : 1;
+
++ clear_context(s);
++
+ if (s->encoding && s->avctx->slices)
+ nb_slices = s->avctx->slices;
+
+@@ -1290,10 +1368,6 @@
+ if (!s->picture[i].f)
+ goto fail;
+ }
+- memset(&s->next_picture, 0, sizeof(s->next_picture));
+- memset(&s->last_picture, 0, sizeof(s->last_picture));
+- memset(&s->current_picture, 0, sizeof(s->current_picture));
+- memset(&s->new_picture, 0, sizeof(s->new_picture));
+ s->next_picture.f = av_frame_alloc();
+ if (!s->next_picture.f)
+ goto fail;
--- /dev/null
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Mon, 13 Jul 2015 14:05:21 +0000 (+0200)
+Subject: avcodec/sanm: Reset sizes in destroy_buffers()
+X-Git-Tag: n2.8~1072
+X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=39bbdebb1ed8eb9c9b0cd6db85afde6ba89d86e4
+
+avcodec/sanm: Reset sizes in destroy_buffers()
+
+Fixes crash in 1288a2fe8e9ae6b00ca40e089d08ca65_signal_sigsegv_7ffff71426a7_354_accident.san with allocation limit 65536
+
+Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+
+--- a/libavcodec/sanm.c
++++ b/libavcodec/sanm.c
+@@ -406,6 +406,7 @@
+ ctx->frm0_size =
+ ctx->frm1_size =
+ ctx->frm2_size = 0;
++ init_sizes(ctx, 0, 0);
+ }
+
+ static av_cold int init_buffers(SANMVideoContext *ctx)
--- /dev/null
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Mon, 13 Jul 2015 13:46:10 +0000 (+0200)
+Subject: avcodec/alac: Clear pointers in allocate_buffers()
+X-Git-Tag: n2.8~1073
+X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=f7068bf277a37479aecde2832208d820682b35e6
+
+avcodec/alac: Clear pointers in allocate_buffers()
+
+Fixes: 06a4edb39ad8a9883175f9bd428334a2_signal_sigsegv_7ffff713351a_706_mov__alac__ALAC_6ch.mov
+
+Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+
+--- a/libavcodec/alac.c
++++ b/libavcodec/alac.c
+@@ -482,6 +482,12 @@
+ int ch;
+ int buf_size = alac->max_samples_per_frame * sizeof(int32_t);
+
++ for (ch = 0; ch < 2; ch++) {
++ alac->predict_error_buffer[ch] = NULL;
++ alac->output_samples_buffer[ch] = NULL;
++ alac->extra_bits_buffer[ch] = NULL;
++ }
++
+ for (ch = 0; ch < FFMIN(alac->channels, 2); ch++) {
+ FF_ALLOC_OR_GOTO(alac->avctx, alac->predict_error_buffer[ch],
+ buf_size, buf_alloc_fail);
--- /dev/null
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Wed, 15 Jul 2015 17:20:19 +0000 (+0200)
+Subject: swscale/utils: Clear pix buffers
+X-Git-Tag: n2.8~1024
+X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=a5d44d5c220e12ca0cb7a4eceb0f74759cb13111
+
+swscale/utils: Clear pix buffers
+
+Fixes use of uninitialized memory
+Fixes: a96874b9466b6edc660a519c7ad47977_signal_sigsegv_7ffff713351a_744_nc_sample.avi with memlimit 2147483648
+
+Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+
+--- a/libswscale/utils.c
++++ b/libswscale/utils.c
+@@ -1217,9 +1217,9 @@
+
+ /* Allocate pixbufs (we use dynamic allocation because otherwise we would
+ * need to allocate several megabytes to handle all possible cases) */
+- FF_ALLOC_OR_GOTO(c, c->lumPixBuf, c->vLumBufSize * 3 * sizeof(int16_t *), fail);
+- FF_ALLOC_OR_GOTO(c, c->chrUPixBuf, c->vChrBufSize * 3 * sizeof(int16_t *), fail);
+- FF_ALLOC_OR_GOTO(c, c->chrVPixBuf, c->vChrBufSize * 3 * sizeof(int16_t *), fail);
++ FF_ALLOCZ_OR_GOTO(c, c->lumPixBuf, c->vLumBufSize * 3 * sizeof(int16_t *), fail);
++ FF_ALLOCZ_OR_GOTO(c, c->chrUPixBuf, c->vChrBufSize * 3 * sizeof(int16_t *), fail);
++ FF_ALLOCZ_OR_GOTO(c, c->chrVPixBuf, c->vChrBufSize * 3 * sizeof(int16_t *), fail);
+ if (CONFIG_SWSCALE_ALPHA && isALPHA(c->srcFormat) && isALPHA(c->dstFormat))
+ FF_ALLOCZ_OR_GOTO(c, c->alpPixBuf, c->vLumBufSize * 3 * sizeof(int16_t *), fail);
+ /* Note we need at least one pixel more at the end because of the MMX code
--- /dev/null
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Thu, 16 Jul 2015 09:52:33 +0000 (+0200)
+Subject: avcodec/pthread_frame: clear priv_data, avoid stale pointer in error case
+X-Git-Tag: n2.8~1010
+X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=f1a38264f20382731cf2cc75fdd98f4c9a84a626
+
+avcodec/pthread_frame: clear priv_data, avoid stale pointer in error case
+
+Fixes: b4b47bc2b3fb7ca710bfffe5aa969e37_signal_sigabrt_7ffff70eccc9_744_nc_sample2.avi with memlimit of 4194304
+
+Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+
+--- a/libavcodec/pthread_frame.c
++++ b/libavcodec/pthread_frame.c
+@@ -616,6 +616,7 @@
+
+ copy->internal = av_malloc(sizeof(AVCodecInternal));
+ if (!copy->internal) {
++ copy->priv_data = NULL;
+ err = AVERROR(ENOMEM);
+ goto error;
+ }
--- /dev/null
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sat, 18 Jul 2015 09:24:45 +0000 (+0200)
+Subject: avcodec/rv34: Clear pointers in ff_rv34_decode_init_thread_copy()
+X-Git-Tag: n2.8~958
+X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a
+
+avcodec/rv34: Clear pointers in ff_rv34_decode_init_thread_copy()
+
+Avoids leaving stale pointers
+Fixes: signal_sigabrt_7ffff70eccc9_819_sabtriple.rm with memlimit 536870912
+
+Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+
+--- a/libavcodec/rv34.c
++++ b/libavcodec/rv34.c
+@@ -1525,7 +1525,14 @@
+
+ if (avctx->internal->is_copy) {
+ r->tmp_b_block_base = NULL;
++ r->cbp_chroma = NULL;
++ r->cbp_luma = NULL;
++ r->deblock_coefs = NULL;
++ r->intra_types_hist = NULL;
++ r->mb_type = NULL;
++
+ ff_mpv_idct_init(&r->s);
++
+ if ((err = ff_mpv_common_init(&r->s)) < 0)
+ return err;
+ if ((err = rv34_decoder_alloc(r)) < 0) {
--- /dev/null
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Wed, 4 Nov 2015 17:08:52 +0000 (+0100)
+Subject: avcodec/mjpegdec: Check index in ljpeg_decode_yuv_scan() before using it
+X-Git-Tag: n3.0~1729
+X-Git-Url: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=d24888ef19ba38b787b11d1ee091a3d94920c76a
+
+avcodec/mjpegdec: Check index in ljpeg_decode_yuv_scan() before using it
+
+Fixes: 04715144ba237443010554be0d05343f/asan_heap-oob_1eafc76_1737_c685b48041a563461839e4e7ab97abb8.jpg
+Fixes out of array access
+
+Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+[sunweaver] Re-based for libav 11.12 in Debian jessie LTS.
+
+---
+
+--- a/libavcodec/mjpegdec.c
++++ b/libavcodec/mjpegdec.c
+@@ -768,6 +768,10 @@
+
+ for (j = 0; j < n; j++) {
+ int pred;
++ if ( h * mb_x + x >= s->width
++ || v * mb_y + y >= s->height) {
++ // Nothing to do
++ } else {
+ // FIXME optimize this crap
+ ptr = s->picture_ptr->data[c] +
+ (linesize * (v * mb_y + y)) +
+@@ -788,6 +792,7 @@
+ if (s->interlaced && s->bottom_field)
+ ptr += linesize >> 1;
+ *ptr = pred + (mjpeg_decode_dc(s, s->dc_index[i]) << point_transform);
++ }
+
+ if (++x == h) {
+ x = 0;
--- /dev/null
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Thu, 5 Nov 2015 13:52:33 +0000 (+0100)
+Subject: avcodec/hevc_ps: Check chroma_format_idc
+X-Git-Tag: n3.0~1722
+X-Git-Url: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=93f30f825c08477fe8f76be00539e96014cc83c8
+
+avcodec/hevc_ps: Check chroma_format_idc
+
+Fixes out of array access
+Fixes: 24d05e8b84676799c735c9e27d97895e/asan_heap-oob_1b70f6a_2955_7c3652a7f370f9f3ef40642bc2c99bb2.bit
+
+Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+[sunweaver] Ported to libav 11.12 in Debian jessie LTS.
+
+---
+
+--- a/libavcodec/hevc_ps.c
++++ b/libavcodec/hevc_ps.c
+@@ -661,9 +661,9 @@
+ }
+
+ sps->chroma_format_idc = get_ue_golomb_long(gb);
+- if (sps->chroma_format_idc != 1) {
+- avpriv_report_missing_feature(s->avctx, "chroma_format_idc != 1\n");
+- ret = AVERROR_PATCHWELCOME;
++ if (sps->chroma_format_idc > 3u) {
++ av_log(s->avctx, AV_LOG_ERROR, "chroma_format_idc %d is invalid\n", sps->chroma_format_idc);
++ ret = AVERROR_INVALIDDATA;
+ goto err;
+ }
+
--- /dev/null
+
+m: Michael Niedermayer <michael@niedermayer.cc>
+Date: Fri, 13 Nov 2015 23:51:56 +0000 (+0100)
+Subject: avcodec/jpeg2000dec: Check for duplicate SIZ marker
+X-Git-Tag: n3.0~1580
+X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=44a7f17d0b20e6f8d836b2957e3e357b639f19a2
+
+avcodec/jpeg2000dec: Check for duplicate SIZ marker
+
+Fixes: 0231a17345734228011c6f35a64e4594/asan_heap-oob_1d92a72_3218_1213809a9e3affec77e4c191fdfdc0a9.mov
+
+Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+
+--- a/libavcodec/jpeg2000dec.c
++++ b/libavcodec/jpeg2000dec.c
+@@ -1265,6 +1265,7 @@
+ }
+ av_freep(&s->tile);
+ s->numXtiles = s->numYtiles = 0;
++ s->ncomponents = 0;
+ }
+
+ static int jpeg2000_read_main_headers(Jpeg2000DecoderContext *s)
+@@ -1315,6 +1316,10 @@
+
+ switch (marker) {
+ case JPEG2000_SIZ:
++ if (s->ncomponents) {
++ av_log(s->avctx, AV_LOG_ERROR, "Duplicate SIZ\n");
++ return AVERROR_INVALIDDATA;
++ }
+ ret = get_siz(s);
+ break;
+ case JPEG2000_COC:
--- /dev/null
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sat, 14 Nov 2015 01:36:22 +0000 (+0100)
+Subject: avcodec/ivi: Check image dimensions
+X-Git-Tag: n3.0~1578
+X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=df91aa034b82b77a3c4e01791f4a2b2ff6c82066
+
+avcodec/ivi: Check image dimensions
+
+Fixes integer overflow
+Fixes: 1e32c6c591d940337c20b197ec1c4d3d/asan_heap-oob_4a52e5_8946_0bb0d9e863def56005e49f1d89bdc94d.avi
+
+Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+
+--- a/libavcodec/ivi_common.c
++++ b/libavcodec/ivi_common.c
+@@ -30,6 +30,7 @@
+
+ #define BITSTREAM_READER_LE
+ #include "libavutil/attributes.h"
++#include "libavutil/imgutils.h"
+ #include "libavutil/timer.h"
+ #include "avcodec.h"
+ #include "get_bits.h"
+@@ -312,7 +313,7 @@
+
+ ivi_free_buffers(planes);
+
+- if (cfg->pic_width < 1 || cfg->pic_height < 1 ||
++ if (av_image_check_size(cfg->pic_width, cfg->pic_height, 0, NULL) < 0 ||
+ cfg->luma_bands < 1 || cfg->chroma_bands < 1)
+ return AVERROR_INVALIDDATA;
+
--- /dev/null
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Tue, 24 Nov 2015 21:12:37 +0000 (+0100)
+Subject: avcodec/h264_slice: Limit max_contexts when slice_context_count is initialized
+X-Git-Tag: n3.0~1433
+X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=4ea4d2f438c9a7eba37980c9a87be4b34943e4d5
+
+avcodec/h264_slice: Limit max_contexts when slice_context_count is initialized
+
+Fixes out of array access
+Fixes: 1430e9c43fae47a24c179c7c54f94918/signal_sigsegv_421427_2049_f2192b6829ab6e0eefcb035329c03c60.264
+
+Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+
+--- a/libavcodec/h264_slice.c
++++ b/libavcodec/h264_slice.c
+@@ -1118,6 +1118,7 @@
+ nb_slices = max_slices;
+ }
+ h->slice_context_count = nb_slices;
++ h->max_contexts = FFMIN(h->max_contexts, nb_slices);
+
+ if (!HAVE_THREADS || !(h->avctx->active_thread_type & FF_THREAD_SLICE)) {
+ ret = ff_h264_context_init(h);
--- /dev/null
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Fri, 27 Nov 2015 19:52:39 +0000 (+0100)
+Subject: avcodec/jpeg2000dwt: Check ndeclevels before calling dwt_decode*()
+X-Git-Tag: n3.0~1388
+X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=75422280fbcdfbe9dc56bde5525b4d8b280f1bc5
+
+avcodec/jpeg2000dwt: Check ndeclevels before calling dwt_decode*()
+
+Fixes out of array access
+Fixes: 01859c9a9ac6cd60a008274123275574/asan_heap-oob_1dff571_8250_50d3d1611e294c3519fd1fa82198b69b.avi
+
+Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+
+--- a/libavcodec/jpeg2000dwt.c
++++ b/libavcodec/jpeg2000dwt.c
+@@ -334,6 +334,9 @@
+
+ int ff_dwt_decode(DWTContext *s, void *t)
+ {
++ if (s->ndeclevels == 0)
++ return 0;
++
+ switch (s->type) {
+ case FF_DWT97:
+ dwt_decode97_float(s, t);
--- /dev/null
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sat, 28 Nov 2015 19:08:46 +0000 (+0100)
+Subject: avcodec/utils: Clear dimensions in ff_get_buffer() on failure
+X-Git-Tag: n3.0~1374
+X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=abee0a1c60612e8638640a8a3738fffb65e16dbf
+
+avcodec/utils: Clear dimensions in ff_get_buffer() on failure
+
+Fixes out of array access
+Fixes: 482d8f2fd17c9f532b586458a33f267c/asan_heap-oob_4a52b6_7417_1d08d477736d66cdadd833d146bb8bae.mov
+
+Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+[sunweaver] - manually adapted for Debian jessie's libav version which lacks the get_internal_buffer() symbol.
+---
+
+###
+### original patch from ffmpeg's Git repository:
+### http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=abee0a1c60612e8638640a8a3738fffb65e16dbf
+###
+#diff --git a/libavcodec/utils.c b/libavcodec/utils.c
+#index e018e445f4..d00dfae4ac 100644
+#--- a/libavcodec/utils.c
+#+++ b/libavcodec/utils.c
+#@@ -888,8 +888,10 @@ end:
+# int ff_get_buffer(AVCodecContext *avctx, AVFrame *frame, int flags)
+# {
+# int ret = get_buffer_internal(avctx, frame, flags);
+#- if (ret < 0)
+#+ if (ret < 0) {
+# av_log(avctx, AV_LOG_ERROR, "get_buffer() failed\n");
+#+ frame->width = frame->height = 0;
+#+ }
+# return ret;
+# }
+Index: libav-11.12-deb8u2/libavcodec/utils.c
+===================================================================
+--- libav-11.12-deb8u2.orig/libavcodec/utils.c
++++ libav-11.12-deb8u2/libavcodec/utils.c
+@@ -617,6 +617,10 @@ int ff_get_buffer(AVCodecContext *avctx,
+
+ switch (avctx->codec_type) {
+ case AVMEDIA_TYPE_VIDEO:
++ if (av_image_check_size(avctx->width, avctx->height, 0, avctx) < 0) {
++ frame->width = frame->height = 0;
++ return AVERROR(EINVAL);
++ }
+ if (frame->width <= 0 || frame->height <= 0) {
+ frame->width = FFMAX(avctx->width, avctx->coded_width);
+ frame->height = FFMAX(avctx->height, avctx->coded_height);
+@@ -634,9 +638,6 @@ int ff_get_buffer(AVCodecContext *avctx,
+ frame->sample_aspect_ratio.den);
+ frame->sample_aspect_ratio = (AVRational){ 0, 1 };
+ }
+-
+- if ((ret = av_image_check_size(avctx->width, avctx->height, 0, avctx)) < 0)
+- return ret;
+ break;
+ case AVMEDIA_TYPE_AUDIO:
+ if (!frame->sample_rate)
+@@ -670,8 +671,11 @@ int ff_get_buffer(AVCodecContext *avctx,
+ }
+
+ ret = ff_decode_frame_props(avctx, frame);
+- if (ret < 0)
++ if (ret < 0) {
++ if (avctx->codec_type == AVMEDIA_TYPE_VIDEO)
++ frame->width = frame->height = 0;
+ return ret;
++ }
+
+ if (hwaccel && hwaccel->alloc_frame) {
+ ret = hwaccel->alloc_frame(avctx, frame);
+@@ -696,8 +700,11 @@ FF_DISABLE_DEPRECATION_WARNINGS
+ frame->reference = 1;
+
+ ret = avctx->get_buffer(avctx, frame);
+- if (ret < 0)
++ if (ret < 0) {
++ if (avctx->codec_type == AVMEDIA_TYPE_VIDEO)
++ frame->width = frame->height = 0;
+ return ret;
++ }
+
+ /* return if the buffers are already set up
+ * this would happen e.g. when a custom get_buffer() calls
+@@ -789,6 +796,8 @@ fail:
+ avctx->release_buffer(avctx, frame);
+ av_freep(&priv);
+ av_buffer_unref(&dummy_buf);
++ if (avctx->codec_type == AVMEDIA_TYPE_VIDEO)
++ frame->width = frame->height = 0;
+ return ret;
+ }
+ FF_ENABLE_DEPRECATION_WARNINGS
+@@ -802,6 +811,9 @@ end:
+ frame->height = avctx->height;
+ }
+
++ if ((ret < 0) && (avctx->codec_type == AVMEDIA_TYPE_VIDEO))
++ frame->width = frame->height = 0;
++
+ return ret;
+ }
+
--- /dev/null
+From 3668701f96005f4f7fc3145c800911e39351c132 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michaelni@gmx.at>
+Date: Sun, 29 Mar 2015 00:33:35 +0100
+Subject: [PATCH] avformat/http: Return an error in case of prematurely ending
+ data
+
+Fixes Ticket 4039
+
+Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
+---
+ libavformat/http.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+--- a/libavformat/http.c
++++ b/libavformat/http.c
+@@ -707,6 +707,14 @@
+ s->filesize >= 0 && s->off >= s->filesize)
+ return AVERROR_EOF;
+ len = ffurl_read(s->hd, buf, size);
++ if (!len && (!s->willclose || s->chunksize < 0) &&
++ s->filesize >= 0 && s->off < s->filesize) {
++ av_log(h, AV_LOG_ERROR,
++ "Streams ends prematurly at %"PRId64", should be %"PRId64"\n",
++ s->off, s->filesize
++ );
++ return AVERROR(EIO);
++ }
+ }
+ if (len > 0) {
+ s->off += len;
--- /dev/null
+From 362c17e6563808ef48655e5ddf59a35b6497b8b2 Mon Sep 17 00:00:00 2001
+From: Rodger Combs <rodger.combs@gmail.com>
+Date: Sun, 18 Oct 2015 17:50:21 -0500
+Subject: [PATCH] lavf/http: fix incorrect warning in range requests
+
+---
+ libavformat/http.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+--- a/libavformat/http.c
++++ b/libavformat/http.c
+@@ -703,15 +703,16 @@
+ memcpy(buf, s->buf_ptr, len);
+ s->buf_ptr += len;
+ } else {
++ int64_t target_end = s->end_off ? s->end_off : s->filesize;
+ if ((!s->willclose || s->chunksize < 0) &&
+- s->filesize >= 0 && s->off >= s->filesize)
++ target_end >= 0 && s->off >= target_end)
+ return AVERROR_EOF;
+ len = ffurl_read(s->hd, buf, size);
+ if (!len && (!s->willclose || s->chunksize < 0) &&
+- s->filesize >= 0 && s->off < s->filesize) {
++ target_end >= 0 && s->off < target_end) {
+ av_log(h, AV_LOG_ERROR,
+ "Streams ends prematurly at %"PRId64", should be %"PRId64"\n",
+- s->off, s->filesize
++ s->off, target_end
+ );
+ return AVERROR(EIO);
+ }
--- /dev/null
+--- a/configure
++++ b/configure
+@@ -2942,7 +2942,7 @@
+ _ld_lib='lib%.a'
+ _ld_path='-libpath:'
+ _flags='-nologo'
+- _cflags='-D_USE_MATH_DEFINES -D_CRT_SECURE_NO_WARNINGS -Dinline=__inline -FIstdlib.h -Dstrtoll=_strtoi64'
++ _cflags='-D_USE_MATH_DEFINES -D_CRT_SECURE_NO_WARNINGS -Dinline=__inline -FIstdlib.h -Dstrtoll=_strtoi64 -Dstrtoull=_strtoui64'
+ elif $_cc 2>&1 | grep -q Intel; then
+ _type=icl
+ _ident=$($cc 2>&1 | head -n1)
+@@ -2965,7 +2965,7 @@
+ _flags='-nologo -Qdiag-error:4044,10157'
+ # -Qvec- -Qsimd- to prevent miscompilation, -GS for consistency
+ # with MSVC which enables it by default.
+- _cflags='-D_USE_MATH_DEFINES -FIstdlib.h -Dstrtoll=_strtoi64 -Qms0 -Qvec- -Qsimd- -GS'
++ _cflags='-D_USE_MATH_DEFINES -FIstdlib.h -Dstrtoll=_strtoi64 -Dstrtoull=_strtoui64 -Qms0 -Qvec- -Qsimd- -GS'
+ elif $_cc --version 2>/dev/null | grep -q ^cparser; then
+ _type=cparser
+ _ident=$($_cc --version | head -n1)
--- /dev/null
+From 2a05c8f813de6f2278827734bf8102291e7484aa Mon Sep 17 00:00:00 2001
+From: "Ronald S. Bultje" <rsbultje@gmail.com>
+Date: Mon, 5 Dec 2016 08:02:33 -0500
+Subject: [PATCH] http: make length/offset-related variables unsigned.
+
+Fixes #5992, reported and found by Paul Cher <paulcher@icloud.com>.
+---
+ libavformat/http.c | 70 +++++++++++++++++++++++++---------------------
+ 1 file changed, 38 insertions(+), 32 deletions(-)
+
+--- a/libavformat/http.c
++++ b/libavformat/http.c
+@@ -52,8 +52,8 @@
+ int line_count;
+ int http_code;
+ /* Used if "Transfer-Encoding: chunked" otherwise -1. */
+- int64_t chunksize;
+- int64_t off, end_off, filesize;
++ uint64_t chunksize;
++ uint64_t off, end_off, filesize;
+ char *location;
+ HTTPAuthState auth_state;
+ HTTPAuthState proxy_auth_state;
+@@ -75,9 +75,9 @@
+ int post_datalen;
+ int icy;
+ /* how much data was read since the last ICY metadata packet */
+- int icy_data_read;
++ uint64_t icy_data_read;
+ /* after how many bytes of read data a new metadata packet will be found */
+- int icy_metaint;
++ uint64_t icy_metaint;
+ char *icy_metadata_headers;
+ char *icy_metadata_packet;
+ AVDictionary *metadata;
+@@ -278,7 +278,7 @@
+
+ h->is_streamed = 1;
+
+- s->filesize = -1;
++ s->filesize = UINT64_MAX;
+ s->location = av_strdup(uri);
+ if (!s->location)
+ return AVERROR(ENOMEM);
+@@ -375,9 +375,9 @@
+
+ if (!strncmp(p, "bytes ", 6)) {
+ p += 6;
+- s->off = strtoll(p, NULL, 10);
++ s->off = strtoull(p, NULL, 10);
+ if ((slash = strchr(p, '/')) && strlen(slash) > 0)
+- s->filesize = strtoll(slash + 1, NULL, 10);
++ s->filesize = strtoull(slash + 1, NULL, 10);
+ }
+ h->is_streamed = 0; /* we _can_ in fact seek */
+ }
+@@ -479,8 +479,9 @@
+ if ((ret = parse_location(s, p)) < 0)
+ return ret;
+ *new_location = 1;
+- } else if (!av_strcasecmp(tag, "Content-Length") && s->filesize == -1) {
+- s->filesize = strtoll(p, NULL, 10);
++ } else if (!av_strcasecmp(tag, "Content-Length") &&
++ s->filesize == UINT64_MAX) {
++ s->filesize = strtoull(p, NULL, 10);
+ } else if (!av_strcasecmp(tag, "Content-Range")) {
+ parse_content_range(h, p);
+ } else if (!av_strcasecmp(tag, "Accept-Ranges") &&
+@@ -488,7 +489,7 @@
+ h->is_streamed = 0;
+ } else if (!av_strcasecmp(tag, "Transfer-Encoding") &&
+ !av_strncasecmp(p, "chunked", 7)) {
+- s->filesize = -1;
++ s->filesize = UINT64_MAX;
+ s->chunksize = 0;
+ } else if (!av_strcasecmp(tag, "WWW-Authenticate")) {
+ ff_http_auth_handle_header(&s->auth_state, tag, p);
+@@ -503,7 +504,7 @@
+ av_free(s->mime_type);
+ s->mime_type = av_strdup(p);
+ } else if (!av_strcasecmp(tag, "Icy-MetaInt")) {
+- s->icy_metaint = strtoll(p, NULL, 10);
++ s->icy_metaint = strtoull(p, NULL, 10);
+ } else if (!av_strncasecmp(tag, "Icy-", 4)) {
+ if ((ret = parse_icy(s, tag, p)) < 0)
+ return ret;
+@@ -529,7 +530,7 @@
+ char line[MAX_URL_SIZE];
+ int err = 0;
+
+- s->chunksize = -1;
++ s->chunksize = UINT64_MAX;
+
+ for (;;) {
+ if ((err = http_get_line(s, line, sizeof(line))) < 0)
+@@ -556,7 +557,7 @@
+ int post, err;
+ char headers[HTTP_HEADERS_SIZE] = "";
+ char *authstr = NULL, *proxyauthstr = NULL;
+- int64_t off = s->off;
++ uint64_t off = s->off;
+ int len = 0;
+ const char *method;
+ int send_expect_100 = 0;
+@@ -604,7 +605,7 @@
+ // server supports seeking by analysing the reply headers.
+ if (!has_header(s->headers, "\r\nRange: ") && !post) {
+ len += av_strlcatf(headers + len, sizeof(headers) - len,
+- "Range: bytes=%"PRId64"-", s->off);
++ "Range: bytes=%"PRIu64"-", s->off);
+ if (s->end_off)
+ len += av_strlcatf(headers + len, sizeof(headers) - len,
+ "%"PRId64, s->end_off - 1);
+@@ -671,7 +672,7 @@
+ s->line_count = 0;
+ s->off = 0;
+ s->icy_data_read = 0;
+- s->filesize = -1;
++ s->filesize = UINT64_MAX;
+ s->willclose = 0;
+ s->end_chunked_post = 0;
+ s->end_header = 0;
+@@ -688,7 +689,7 @@
+ if (err < 0)
+ return err;
+
+- return (off == s->off) ? 0 : -1;
++ return (off == s->off) ? 0 : UINT64_MAX;
+ }
+
+ static int http_buf_read(URLContext *h, uint8_t *buf, int size)
+@@ -703,15 +704,13 @@
+ memcpy(buf, s->buf_ptr, len);
+ s->buf_ptr += len;
+ } else {
+- int64_t target_end = s->end_off ? s->end_off : s->filesize;
+- if ((!s->willclose || s->chunksize < 0) &&
+- target_end >= 0 && s->off >= target_end)
++ uint64_t target_end = s->end_off ? s->end_off : s->filesize;
++ if ((!s->willclose || s->chunksize == UINT64_MAX) && s->off >= target_end)
+ return AVERROR_EOF;
+ len = ffurl_read(s->hd, buf, size);
+- if (!len && (!s->willclose || s->chunksize < 0) &&
+- target_end >= 0 && s->off < target_end) {
++ if (!len && (!s->willclose || s->chunksize == UINT64_MAX) && s->off < target_end) {
+ av_log(h, AV_LOG_ERROR,
+- "Streams ends prematurly at %"PRId64", should be %"PRId64"\n",
++ "Streams ends prematurly at %"PRIu64", should be %"PRIu64"\n",
+ s->off, target_end
+ );
+ return AVERROR(EIO);
+@@ -772,7 +771,7 @@
+ return err;
+ }
+
+- if (s->chunksize >= 0) {
++ if (s->chunksize != UINT64_MAX) {
+ if (!s->chunksize) {
+ char line[32];
+
+@@ -782,19 +781,23 @@
+ return err;
+ } while (!*line); /* skip CR LF from last chunk */
+
+- s->chunksize = strtoll(line, NULL, 16);
++ s->chunksize = strtoull(line, NULL, 16);
+
+- av_dlog(NULL, "Chunked encoding data size: %"PRId64"'\n",
++ av_log(h, AV_LOG_DEBUG,
++ "Chunked encoding data size: %"PRIu64"'\n",
+ s->chunksize);
+- if (s->chunksize < 0)
+- return AVERROR_INVALIDDATA;
+- else if (!s->chunksize)
++ if (!s->chunksize)
+ return 0;
+- break;
++ else if (s->chunksize == UINT64_MAX) {
++ av_log(h, AV_LOG_ERROR, "Invalid chunk size %"PRIu64"\n",
++ s->chunksize);
++ return AVERROR_INVALIDDATA;
++ }
+ }
+ }
+ size = FFMIN(size, s->chunksize);
+ }
++
+ #if CONFIG_ZLIB
+ if (s->compressed)
+ return http_buf_read_compressed(h, buf, size);
+@@ -844,10 +847,11 @@
+ {
+ HTTPContext *s = h->priv_data;
+ /* until next metadata packet */
+- int remaining = s->icy_metaint - s->icy_data_read;
++ uint64_t remaining;
+
+- if (remaining < 0)
++ if (s->icy_metaint < s->icy_data_read)
+ return AVERROR_INVALIDDATA;
++ remaining = s->icy_metaint - s->icy_data_read;
+
+ if (!remaining) {
+ /* The metadata packet is variable sized. It has a 1 byte header
+@@ -960,7 +964,7 @@
+ {
+ HTTPContext *s = h->priv_data;
+ URLContext *old_hd = s->hd;
+- int64_t old_off = s->off;
++ uint64_t old_off = s->off;
+ uint8_t old_buf[BUFFER_SIZE];
+ int old_buf_size, ret;
+ AVDictionary *options = NULL;
+@@ -970,7 +974,7 @@
+ else if ((whence == SEEK_CUR && off == 0) ||
+ (whence == SEEK_SET && off == s->off))
+ return s->off;
+- else if ((s->filesize == -1 && whence == SEEK_END) || h->is_streamed)
++ else if ((s->filesize == UINT64_MAX && whence == SEEK_END) || h->is_streamed)
+ return AVERROR(ENOSYS);
+
+ /* we save the old context in case the seek fails */
+@@ -1105,7 +1109,7 @@
+ s->buf_ptr = s->buffer;
+ s->buf_end = s->buffer;
+ s->line_count = 0;
+- s->filesize = -1;
++ s->filesize = UINT64_MAX;
+ cur_auth_type = s->proxy_auth_state.auth_type;
+
+ /* Note: This uses buffering, potentially reading more than the
--- /dev/null
+From 7d57ca4d9a75562fa32e40766211de150f8b3ee7 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Mon, 5 Dec 2016 11:14:51 +0100
+Subject: [PATCH] avformat/rtmppkt: Check for packet size mismatches
+
+Fixes out of array access
+
+Found-by: Paul Cher <paulcher@icloud.com>
+Reviewed-by: Paul Cher <paulcher@icloud.com>
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+ libavformat/rtmppkt.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/libavformat/rtmppkt.c b/libavformat/rtmppkt.c
+index 0d693c27f7f..cde0da78ce1 100644
+--- a/libavformat/rtmppkt.c
++++ b/libavformat/rtmppkt.c
+@@ -235,6 +235,14 @@ static int rtmp_packet_read_one_chunk(URLContext *h, RTMPPacket *p,
+ if (hdr != RTMP_PS_TWELVEBYTES)
+ timestamp += prev_pkt[channel_id].timestamp;
+
++ if (prev_pkt[channel_id].read && size != prev_pkt[channel_id].size) {
++ av_log(NULL, AV_LOG_ERROR, "RTMP packet size mismatch %d != %d\n",
++ size,
++ prev_pkt[channel_id].size);
++ ff_rtmp_packet_destroy(&prev_pkt[channel_id]);
++ prev_pkt[channel_id].read = 0;
++ }
++
+ if (!prev_pkt[channel_id].read) {
+ if ((ret = ff_rtmp_packet_create(p, channel_id, type, timestamp,
+ size)) < 0)
+
--- /dev/null
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sat, 31 Mar 2018 01:10:43 +0000 (+0200)
+Subject: avcodec/utvideodec: Set pro flag based on fourcc
+X-Git-Tag: n4.0~194
+X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=47b7c68ae54560e2308bdb6be4fb076c73b93081
+
+avcodec/utvideodec: Set pro flag based on fourcc
+
+This avoids mixing 8bit variants with pro and 10bit with non pro mode.
+Fixes: out of array read
+Fixes: poc_03_30.avi
+
+Found-by: GwanYeong Kim <gy741.kim@gmail.com>
+Reviewed-by: Paul B Mahol <onemda@gmail.com>
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+
+diff --git a/libavcodec/utvideodec.c b/libavcodec/utvideodec.c
+index 086129d094..82cb038ccd 100644
+--- a/libavcodec/utvideodec.c
++++ b/libavcodec/utvideodec.c
+@@ -949,14 +949,17 @@ static av_cold int decode_init(AVCodecContext *avctx)
+ break;
+ case MKTAG('U', 'Q', 'Y', '2'):
+ c->planes = 3;
++ c->pro = 1;
+ avctx->pix_fmt = AV_PIX_FMT_YUV422P10;
+ break;
+ case MKTAG('U', 'Q', 'R', 'G'):
+ c->planes = 3;
++ c->pro = 1;
+ avctx->pix_fmt = AV_PIX_FMT_GBRP10;
+ break;
+ case MKTAG('U', 'Q', 'R', 'A'):
+ c->planes = 4;
++ c->pro = 1;
+ avctx->pix_fmt = AV_PIX_FMT_GBRAP10;
+ break;
+ case MKTAG('U', 'L', 'H', '0'):
+@@ -1031,7 +1034,7 @@ static av_cold int decode_init(AVCodecContext *avctx)
+ if (c->compression != 2)
+ avpriv_request_sample(avctx, "Unknown compression type");
+ c->slices = avctx->extradata[9] + 1;
+- } else if (avctx->extradata_size >= 16) {
++ } else if (!c->pro && avctx->extradata_size >= 16) {
+ av_log(avctx, AV_LOG_DEBUG, "Encoder version %d.%d.%d.%d\n",
+ avctx->extradata[3], avctx->extradata[2],
+ avctx->extradata[1], avctx->extradata[0]);
+@@ -1046,14 +1049,13 @@ static av_cold int decode_init(AVCodecContext *avctx)
+ c->slices = (c->flags >> 24) + 1;
+ c->compression = c->flags & 1;
+ c->interlaced = c->flags & 0x800;
+- } else if (avctx->extradata_size == 8) {
++ } else if (c->pro && avctx->extradata_size == 8) {
+ av_log(avctx, AV_LOG_DEBUG, "Encoder version %d.%d.%d.%d\n",
+ avctx->extradata[3], avctx->extradata[2],
+ avctx->extradata[1], avctx->extradata[0]);
+ av_log(avctx, AV_LOG_DEBUG, "Original format %"PRIX32"\n",
+ AV_RB32(avctx->extradata + 4));
+ c->interlaced = 0;
+- c->pro = 1;
+ c->frame_info_size = 4;
+ } else {
+ av_log(avctx, AV_LOG_ERROR,
+
--- /dev/null
+From 76f7e70aa04fc5dbef5242b11cbf8fe4499f61d4 Mon Sep 17 00:00:00 2001
+From: Anton Khirnov <anton@khirnov.net>
+Date: Wed, 20 Jul 2016 08:31:38 +0200
+Subject: [PATCH] h264dec: handle zero-sized NAL units in get_last_needed_nal()
+
+The current code will ignore the init_get_bits() failure and do an
+invalid read from the uninitialized GetBitContext.
+
+Found-By: Jan Ruge <jan.s.ruge@gmail.com>
+Bug-Id: 952
+---
+ libavcodec/h264.c | 11 +++++++++--
+ 1 file changed, 9 insertions(+), 2 deletions(-)
+
+--- a/libavcodec/h264.c
++++ b/libavcodec/h264.c
+@@ -1364,6 +1364,7 @@
+ int nal_index = 0;
+ int buf_index = 0;
+ int nals_needed = 0;
++ int ret = 0;
+
+ while(1) {
+ int nalsize = 0;
+@@ -1405,7 +1406,14 @@
+ case NAL_DPA:
+ case NAL_IDR_SLICE:
+ case NAL_SLICE:
+- init_get_bits(&h->gb, ptr, bit_length);
++ ret = init_get_bits8(&h->gb, ptr, bit_length);
++ if (ret < 0) {
++ av_log(h->avctx, AV_LOG_ERROR, "Invalid zero-sized VCL NAL unit\n");
++ if (h->avctx->err_recognition & AV_EF_EXPLODE)
++ return ret;
++
++ break;
++ }
+ if (!get_ue_golomb(&h->gb))
+ nals_needed = nal_index;
+ }
--- /dev/null
+From: Markus Koschany <apo@debian.org>
+Date: Sun, 30 Dec 2018 14:27:49 +0100
+Subject: CVE-2017-14055
+
+Origin: https://github.com/FFmpeg/FFmpeg/commit/4f05e2e2dc1a89f38cd9f0960a6561083d714f1e
+---
+ libavformat/mvdec.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libavformat/mvdec.c b/libavformat/mvdec.c
+index e21ec06..4c62993 100644
+--- a/libavformat/mvdec.c
++++ b/libavformat/mvdec.c
+@@ -327,6 +327,8 @@ static int mv_read_header(AVFormatContext *avctx)
+ uint32_t pos = avio_rb32(pb);
+ uint32_t asize = avio_rb32(pb);
+ uint32_t vsize = avio_rb32(pb);
++ if (avio_feof(pb))
++ return AVERROR_INVALIDDATA;
+ avio_skip(pb, 8);
+ av_add_index_entry(ast, pos, timestamp, asize, 0, AVINDEX_KEYFRAME);
+ av_add_index_entry(vst, pos + asize, i, vsize, 0, AVINDEX_KEYFRAME);
--- /dev/null
+From: Markus Koschany <apo@debian.org>
+Date: Sun, 30 Dec 2018 14:25:04 +0100
+Subject: CVE-2017-14056
+
+Origin: https://github.com/FFmpeg/FFmpeg/commit/96f24d1bee7fe7bac08e2b7c74db1a046c9dc0de
+---
+ libavformat/rl2.c | 15 ++++++++++++---
+ 1 file changed, 12 insertions(+), 3 deletions(-)
+
+diff --git a/libavformat/rl2.c b/libavformat/rl2.c
+index 5d30bf8..48c1ea6 100644
+--- a/libavformat/rl2.c
++++ b/libavformat/rl2.c
+@@ -175,12 +175,21 @@ static av_cold int rl2_read_header(AVFormatContext *s)
+ }
+
+ /** read offset and size tables */
+- for(i=0; i < frame_count;i++)
++ for(i=0; i < frame_count;i++) {
++ if (avio_feof(pb))
++ return AVERROR_INVALIDDATA;
+ chunk_size[i] = avio_rl32(pb);
+- for(i=0; i < frame_count;i++)
++ }
++ for(i=0; i < frame_count;i++) {
++ if (avio_feof(pb))
++ return AVERROR_INVALIDDATA;
+ chunk_offset[i] = avio_rl32(pb);
+- for(i=0; i < frame_count;i++)
++ }
++ for(i=0; i < frame_count;i++) {
++ if (avio_feof(pb))
++ return AVERROR_INVALIDDATA;
+ audio_size[i] = avio_rl32(pb) & 0xFFFF;
++ }
+
+ /** build the sample index */
+ for(i=0;i<frame_count;i++){
--- /dev/null
+From: Markus Koschany <apo@debian.org>
+Date: Mon, 31 Jan 2018 14:48:32 +0100
+Subject: CVE-2017-14057
+
+Origin: https://github.com/FFmpeg/FFmpeg/commit/7f9ec5593e04827249e7aeb466da06a98a0d7329
+---
+ libavformat/asfdec.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/libavformat/asfdec.c b/libavformat/asfdec.c
+index 85e800d..1ec36aa 100644
+--- a/libavformat/asfdec.c
++++ b/libavformat/asfdec.c
+@@ -683,13 +683,15 @@ static int asf_read_marker(AVFormatContext *s, int64_t size)
+ count = avio_rl32(pb); // markers count
+ avio_rl16(pb); // reserved 2 bytes
+ name_len = avio_rl16(pb); // name length
+- for (i = 0; i < name_len; i++)
+- avio_r8(pb); // skip the name
++ avio_skip(pb, name_len);
+
+ for (i = 0; i < count; i++) {
+ int64_t pres_time;
+ int name_len;
+
++ if (avio_feof(pb))
++ return AVERROR_INVALIDDATA;
++
+ avio_rl64(pb); // offset, 8 bytes
+ pres_time = avio_rl64(pb); // presentation time
+ pres_time -= asf->hdr.preroll * 10000;
--- /dev/null
+From 7ec414892ddcad88313848494b6fc5f437c9ca4a Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sat, 26 Aug 2017 01:26:58 +0200
+Subject: [PATCH] avformat/hls: Fix DoS due to infinite loop
+
+Fixes: loop.m3u
+
+The default max iteration count of 1000 is arbitrary and ideas for a better solution are welcome
+
+Found-by: Xiaohei and Wangchu from Alibaba Security Team
+
+Previous version reviewed-by: Steven Liu <lingjiujianke@gmail.com>
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+[sunweaver] Rebased against a libavformat/hls.c version that did not yet have AVOption support.
+ Initializing HLS_Context.max_reload statically with the value 1000.
+
+---
+ doc/demuxers.texi | 18 ++++++++++++++++++
+ libavformat/hls.c | 7 +++++++
+ 2 files changed, 25 insertions(+)
+
+#--- a/doc/demuxers.texi
+#+++ b/doc/demuxers.texi
+#@@ -18,6 +18,24 @@
+#
+# The description of some of the currently available demuxers follows.
+#
+#+@section hls
+#+
+#+HLS demuxer
+#+
+#+It accepts the following options:
+#+
+#+@table @option
+#+@item live_start_index
+#+segment index to start live streams at (negative values are from the end).
+#+
+#+@item allowed_extensions
+#+',' separated list of file extensions that hls is allowed to access.
+#+
+#+@item max_reload
+#+Maximum number of times a insufficient list is attempted to be reloaded.
+#+Default value is 1000.
+#+@end table
+#+
+# @section image2
+#
+# Image file demuxer.
+--- a/libavformat/hls.c
++++ b/libavformat/hls.c
+@@ -381,6 +381,7 @@
+ struct variant *v = opaque;
+ HLSContext *c = v->parent->priv_data;
+ int ret, i;
++ int reload_count = 0;
+
+ restart:
+ if (!v->input) {
+@@ -391,6 +392,9 @@
+ v->target_duration;
+
+ reload:
++ reload_count++;
++ if (reload_count > 1000)
++ return AVERROR_EOF;
+ if (!v->finished &&
+ av_gettime() - v->last_load_time >= reload_interval) {
+ if ((ret = parse_playlist(c, v->url, v, NULL)) < 0)
--- /dev/null
+From 9d00fb9d70ee8c0cc7002b89318c5be00f1bbdad Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=E5=AD=99=E6=B5=A9=28=E6=99=93=E9=BB=91=29?=
+ <tony.sh@alibaba-inc.com>
+Date: Tue, 29 Aug 2017 23:59:21 +0200
+Subject: [PATCH] avformat/mxfdec: Fix Sign error in mxf_read_primer_pack()
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Fixes: 20170829B.mxf
+
+Co-Author: 张洪亮(望初)" <wangchu.zhl@alibaba-inc.com>
+Found-by: Xiaohei and Wangchu from Alibaba Security Team
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+ libavformat/mxfdec.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/libavformat/mxfdec.c
++++ b/libavformat/mxfdec.c
+@@ -407,12 +407,13 @@
+ avpriv_request_sample(pb, "Primer pack item length %d", item_len);
+ return AVERROR_PATCHWELCOME;
+ }
+- if (item_num > UINT_MAX / item_len)
++ if (item_num > 65536 || item_num < 0)
++ av_log(mxf->fc, AV_LOG_ERROR, "item_num %d is too large\n", item_num);
+ return AVERROR_INVALIDDATA;
+- mxf->local_tags_count = item_num;
+ mxf->local_tags = av_malloc(item_num*item_len);
+ if (!mxf->local_tags)
+ return AVERROR(ENOMEM);
++ mxf->local_tags_count = item_num;
+ avio_read(pb, mxf->local_tags, item_num*item_len);
+ return 0;
+ }
--- /dev/null
+From: Markus Koschany <apo@debian.org>
+Date: Sun, 30 Dec 2018 20:53:42 +0100
+Subject: CVE-2017-14170
+
+Origin: https://github.com/FFmpeg/FFmpeg/commit/900f39692ca0337a98a7cf047e4e2611071810c2
+---
+ libavformat/mxfdec.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/libavformat/mxfdec.c b/libavformat/mxfdec.c
+index 9aedd47..5392ed9 100644
+--- a/libavformat/mxfdec.c
++++ b/libavformat/mxfdec.c
+@@ -743,6 +743,8 @@ static int mxf_read_index_entry_array(AVIOContext *pb, MXFIndexTableSegment *seg
+ return AVERROR(ENOMEM);
+
+ length = avio_rb32(pb);
++ if(segment->nb_index_entries && length < 11)
++ return AVERROR_INVALIDDATA;
+
+ segment->temporal_offset_entries = av_mallocz(segment->nb_index_entries *
+ sizeof(*segment->temporal_offset_entries));
+@@ -760,6 +762,8 @@ static int mxf_read_index_entry_array(AVIOContext *pb, MXFIndexTableSegment *seg
+ }
+
+ for (i = 0; i < segment->nb_index_entries; i++) {
++ if(avio_feof(pb))
++ return AVERROR_INVALIDDATA;
+ segment->temporal_offset_entries[i] = avio_r8(pb);
+ avio_r8(pb); /* KeyFrameOffset */
+ segment->flag_entries[i] = avio_r8(pb);
--- /dev/null
+From: Markus Koschany <apo@debian.org>
+Date: Sun, 30 Dec 2018 20:51:01 +0100
+Subject: CVE-2017-14171
+
+Origin: https://github.com/FFmpeg/FFmpeg/commit/c24bcb553650b91e9eff15ef6e54ca73de2453b7
+---
+ libavformat/nsvdec.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/libavformat/nsvdec.c b/libavformat/nsvdec.c
+index 670b867..25cc443 100644
+--- a/libavformat/nsvdec.c
++++ b/libavformat/nsvdec.c
+@@ -351,8 +351,11 @@ static int nsv_parse_NSVf_header(AVFormatContext *s)
+ if (!nsv->nsvs_file_offset)
+ return AVERROR(ENOMEM);
+
+- for(i=0;i<table_entries_used;i++)
++ for(i=0;i<table_entries_used;i++) {
++ if (avio_feof(pb))
++ return AVERROR_INVALIDDATA;
+ nsv->nsvs_file_offset[i] = avio_rl32(pb) + size;
++ }
+
+ if(table_entries > table_entries_used &&
+ avio_rl32(pb) == MKTAG('T','O','C','2')) {
--- /dev/null
+From afc9c683ed9db01edb357bc8c19edad4282b3a97 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Tue, 5 Sep 2017 00:16:29 +0200
+Subject: [PATCH] avformat/asfdec: Fix DoS in asf_build_simple_index()
+
+Fixes: Missing EOF check in loop
+No testcase
+
+Found-by: Xiaohei and Wangchu from Alibaba Security Team
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+[sunweaver] - Backport to libav as found in Debian jessie LTS.
+---
+ libavformat/asfdec.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+--- a/libavformat/asfdec.c
++++ b/libavformat/asfdec.c
+@@ -1442,6 +1442,11 @@
+ int64_t pos = s->data_offset + s->packet_size * (int64_t)pktnum;
+ int64_t index_pts = FFMAX(av_rescale(itime, i, 10000) - asf->hdr.preroll, 0);
+
++ if (avio_feof(s->pb)) {
++ ret = AVERROR_INVALIDDATA;
++ goto end;
++ }
++
+ if (pos != last_pos) {
+ av_log(s, AV_LOG_DEBUG, "pktnum:%d, pktct:%d pts: %"PRId64"\n",
+ pktnum, pktct, index_pts);
--- /dev/null
+From: Markus Koschany <apo@debian.org>
+Date: Sun, 30 Dec 2018 17:39:40 +0100
+Subject: CVE-2017-14767
+
+Origin: https://github.com/FFmpeg/FFmpeg/commit/c42a1388a6d1bfd8001bf6a4241d8ca27e49326d
+---
+ libavformat/rtpdec_h264.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/libavformat/rtpdec_h264.c b/libavformat/rtpdec_h264.c
+index abf1f39..72f645f 100644
+--- a/libavformat/rtpdec_h264.c
++++ b/libavformat/rtpdec_h264.c
+@@ -116,6 +116,11 @@ static int sdp_parse_fmtp_config_h264(AVFormatContext *s,
+ codec->extradata_size = 0;
+ av_freep(&codec->extradata);
+
++ if (*value == 0 || value[strlen(value) - 1] == ',') {
++ av_log(s, AV_LOG_WARNING, "Missing PPS in sprop-parameter-sets, ignoring\n");
++ return 0;
++ }
++
+ while (*value) {
+ char base64packet[1024];
+ uint8_t decoded_packet[1024];
--- /dev/null
+From: Markus Koschany <apo@debian.org>
+Date: Sun, 30 Dec 2018 17:29:28 +0100
+Subject: CVE-2017-15672
+
+Origin: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c20f4fcb74da2d0432c7b54499bb98f48236b904
+---
+ libavcodec/ffv1dec.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libavcodec/ffv1dec.c b/libavcodec/ffv1dec.c
+index 50b220f..84a4b1b 100644
+--- a/libavcodec/ffv1dec.c
++++ b/libavcodec/ffv1dec.c
+@@ -730,7 +730,7 @@ static int read_header(FFV1Context *f)
+ } else {
+ const uint8_t *p = c->bytestream_end;
+ for (f->slice_count = 0;
+- f->slice_count < MAX_SLICES && 3 < p - c->bytestream_start;
++ f->slice_count < MAX_SLICES && 3 + 5*!!f->ec < p - c->bytestream_start;
+ f->slice_count++) {
+ int trailer = 3 + 5 * !!f->ec;
+ int size = AV_RB24(p - trailer);
--- /dev/null
+From: Markus Koschany <apo@debian.org>
+Date: Sun, 30 Dec 2018 17:14:54 +0100
+Subject: CVE-2017-17130
+
+Origin: https://github.com/libav/libav/commit/49cf72b3ac77140cf4715c18fe7c7610d918d912
+---
+ libavcodec/vc1dec.c | 4 ++--
+ 1 files changed, 2 insertions(+), 2 deletions(-)
+--- a/libavcodec/vc1dec.c
++++ b/libavcodec/vc1dec.c
+@@ -5844,7 +5844,7 @@ static int vc1_decode_frame(AVCodecContext *avctx, void *data,
+ buf_size3 << 3);
+ /* assuming that the field marker is at the exact middle,
+ hope it's correct */
+- slices[n_slices].mby_start = s->mb_height >> 1;
++ slices[n_slices].mby_start = s->mb_height + 1 >> 1;
+ n_slices1 = n_slices - 1; // index of the last slice of the first field
+ n_slices++;
+ break;
+@@ -5892,7 +5892,7 @@ static int vc1_decode_frame(AVCodecContext *avctx, void *data,
+ buf_size3 = vc1_unescape_buffer(divider + 4, buf + buf_size - divider - 4, slices[n_slices].buf);
+ init_get_bits(&slices[n_slices].gb, slices[n_slices].buf,
+ buf_size3 << 3);
+- slices[n_slices].mby_start = s->mb_height >> 1;
++ slices[n_slices].mby_start = s->mb_height + 1 >> 1;
+ n_slices1 = n_slices - 1;
+ n_slices++;
+ }
--- /dev/null
+From e477f09d0b3619f3d29173b2cd593e17e2d1978e Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sat, 4 Feb 2017 12:24:14 +0100
+Subject: [PATCH] avcodec/pngdec: Check trns more completely
+
+Fixes out of array access
+Fixes: 546/clusterfuzz-testcase-4809433909559296
+
+Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+[sunweaver] ported to libav in Debian jessie LTS (which only supports palette based transparency).
+
+---
+ libavcodec/pngdec.c | 15 ++++++++++++++-
+ 1 file changed, 14 insertions(+), 1 deletion(-)
+
+--- a/libavcodec/pngdec.c
++++ b/libavcodec/pngdec.c
+@@ -592,6 +592,16 @@
+ {
+ int v, i;
+
++ if (!(s->state & PNG_IHDR)) {
++ av_log(avctx, AV_LOG_ERROR, "trns before IHDR\n");
++ return AVERROR_INVALIDDATA;
++ }
++
++ if (s->state & PNG_IDAT) {
++ av_log(avctx, AV_LOG_ERROR, "trns after IDAT\n");
++ return AVERROR_INVALIDDATA;
++ }
++
+ /* read the transparency. XXX: Only palette mode supported */
+ if (s->color_type != PNG_COLOR_TYPE_PALETTE ||
+ length > 256 ||
--- /dev/null
+From 2080bc33717955a0e4268e738acf8c1eeddbf8cb Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Wed, 25 Jan 2017 00:20:19 +0100
+Subject: [PATCH] avcodec/utils: correct align value for interplay
+
+Fixes out of array access
+Fixes: 452/fuzz-1-ffmpeg_VIDEO_AV_CODEC_ID_INTERPLAY_VIDEO_fuzzer
+
+Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+ libavcodec/utils.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+--- a/libavcodec/utils.c
++++ b/libavcodec/utils.c
+@@ -247,6 +247,10 @@
+ w_align = 4;
+ h_align = 4;
+ }
++ if (s->codec_id == AV_CODEC_ID_INTERPLAY_VIDEO) {
++ w_align = 8;
++ h_align = 8;
++ }
+ case AV_PIX_FMT_PAL8:
+ case AV_PIX_FMT_BGR8:
+ case AV_PIX_FMT_RGB8:
+@@ -254,7 +258,8 @@
+ w_align = 4;
+ h_align = 4;
+ }
+- if (s->codec_id == AV_CODEC_ID_JV) {
++ if (s->codec_id == AV_CODEC_ID_JV ||
++ s->codec_id == AV_CODEC_ID_INTERPLAY_VIDEO) {
+ w_align = 8;
+ h_align = 8;
+ }
--- /dev/null
+From 9f0eaf792a8560a089643489403e549c30fb3170 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michaelni@gmx.at>
+Date: Sun, 8 Mar 2015 01:27:56 +0100
+Subject: [PATCH] avcodec/mpegvideo_motion: Fix off by 1 error in MV bounds
+ checking
+
+Fixes Ticket4299
+
+Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
+---
+ libavcodec/mpegvideo_motion.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+--- a/libavcodec/mpegvideo_motion.c
++++ b/libavcodec/mpegvideo_motion.c
+@@ -209,8 +209,8 @@
+ dxy |= (motion_y & 1) << 1;
+ src += src_y * s->linesize + src_x;
+
+- if ((unsigned)src_x > FFMAX(s->h_edge_pos - (motion_x & 1) - 8, 0) ||
+- (unsigned)src_y > FFMAX(s->v_edge_pos - (motion_y & 1) - 8, 0)) {
++ if ((unsigned)src_x > FFMAX(s->h_edge_pos - (motion_x & 1) - 7, 0) ||
++ (unsigned)src_y > FFMAX(s->v_edge_pos - (motion_y & 1) - 7, 0)) {
+ s->vdsp.emulated_edge_mc(s->edge_emu_buffer, src,
+ s->linesize, s->linesize,
+ 9, 9, src_x, src_y,
+@@ -304,8 +304,8 @@
+ ptr_cb = ref_picture[1] + uvsrc_y * uvlinesize + uvsrc_x;
+ ptr_cr = ref_picture[2] + uvsrc_y * uvlinesize + uvsrc_x;
+
+- if ((unsigned)src_x > FFMAX(s->h_edge_pos - (motion_x & 1) - 16, 0) ||
+- (unsigned)src_y > FFMAX(v_edge_pos - (motion_y & 1) - h, 0)) {
++ if ((unsigned)src_x > FFMAX(s->h_edge_pos - (motion_x & 1) - 15, 0) ||
++ (unsigned)src_y > FFMAX(v_edge_pos - (motion_y & 1) - h + 1, 0)) {
+ if (is_mpeg12 ||
+ s->codec_id == AV_CODEC_ID_MPEG2VIDEO ||
+ s->codec_id == AV_CODEC_ID_MPEG1VIDEO) {
--- /dev/null
+From 8849c4ceac0f35e88b2dc406bf5ffc4173a38ffe Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michaelni@gmx.at>
+Date: Sun, 8 Mar 2015 01:45:53 +0100
+Subject: [PATCH] avcodec/mpegvideo_motion: Fix off by 1 error in MV bounds
+ checking in qpel, chroma_4mv and 8x8
+
+No testcase available
+
+Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
+---
+ libavcodec/mpegvideo_motion.c | 12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+--- a/libavcodec/mpegvideo_motion.c
++++ b/libavcodec/mpegvideo_motion.c
+@@ -533,8 +533,8 @@
+ ptr_cb = ref_picture[1] + uvsrc_y * uvlinesize + uvsrc_x;
+ ptr_cr = ref_picture[2] + uvsrc_y * uvlinesize + uvsrc_x;
+
+- if ((unsigned)src_x > FFMAX(s->h_edge_pos - (motion_x & 3) - 16, 0) ||
+- (unsigned)src_y > FFMAX(v_edge_pos - (motion_y & 3) - h, 0)) {
++ if ((unsigned)src_x > FFMAX(s->h_edge_pos - (motion_x & 3) - 15, 0) ||
++ (unsigned)src_y > FFMAX(v_edge_pos - (motion_y & 3) - h + 1, 0)) {
+ s->vdsp.emulated_edge_mc(s->edge_emu_buffer, ptr_y,
+ s->linesize, s->linesize,
+ 17, 17 + field_based,
+@@ -616,8 +616,8 @@
+
+ offset = src_y * s->uvlinesize + src_x;
+ ptr = ref_picture[1] + offset;
+- if ((unsigned)src_x > FFMAX((s->h_edge_pos >> 1) - (dxy & 1) - 8, 0) ||
+- (unsigned)src_y > FFMAX((s->v_edge_pos >> 1) - (dxy >> 1) - 8, 0)) {
++ if ((unsigned)src_x >= FFMAX((s->h_edge_pos >> 1) - (dxy & 1) - 7, 0) ||
++ (unsigned)src_y >= FFMAX((s->v_edge_pos >> 1) - (dxy >> 1) - 7, 0)) {
+ s->vdsp.emulated_edge_mc(s->edge_emu_buffer, ptr,
+ s->uvlinesize, s->uvlinesize,
+ 9, 9, src_x, src_y,
+@@ -774,8 +774,8 @@
+ dxy &= ~12;
+
+ ptr = ref_picture[0] + (src_y * s->linesize) + (src_x);
+- if ((unsigned)src_x > FFMAX(s->h_edge_pos - (motion_x & 3) - 8, 0) ||
+- (unsigned)src_y > FFMAX(s->v_edge_pos - (motion_y & 3) - 8, 0)) {
++ if ((unsigned)src_x >= FFMAX(s->h_edge_pos - (motion_x & 3) - 7, 0) ||
++ (unsigned)src_y >= FFMAX(s->v_edge_pos - (motion_y & 3) - 7, 0)) {
+ s->vdsp.emulated_edge_mc(s->edge_emu_buffer, ptr,
+ s->linesize, s->linesize,
+ 9, 9,
--- /dev/null
+From: Markus Koschany <apo@debian.org>
+Date: Sun, 30 Dec 2018 16:57:18 +0100
+Subject: CVE-2017-9993
+
+Origin: https://github.com/FFmpeg/FFmpeg/commit/a5d849b149ca67ced2d271dc84db0bc95a548abb
+---
+ libavformat/avidec.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/libavformat/avidec.c b/libavformat/avidec.c
+index 928bbaa..713f822 100644
+--- a/libavformat/avidec.c
++++ b/libavformat/avidec.c
+@@ -870,6 +870,9 @@ static int read_gab2_sub(AVStream *st, AVPacket *pkt)
+ if (!(sub_demuxer = av_probe_input_format2(&pd, 1, &score)))
+ goto error;
+
++ if (strcmp(sub_demuxer->name, "srt") && strcmp(sub_demuxer->name, "ass"))
++ goto error;
++
+ if (!(ast->sub_ctx = avformat_alloc_context()))
+ goto error;
+
--- /dev/null
+From: Markus Koschany <apo@debian.org>
+Date: Sun, 30 Dec 2018 16:54:59 +0100
+Subject: CVE-2017-9994
+
+Origin: https://github.com/FFmpeg/FFmpeg/commit/6b5d3fb26fb4be48e4966e4b1d97c2165538d4ef
+---
+ libavcodec/vp8.c | 3 +++
+ libavcodec/webp.c | 3 +--
+ 2 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/libavcodec/vp8.c b/libavcodec/vp8.c
+index 08b72c9..9c55f5d 100644
+--- a/libavcodec/vp8.c
++++ b/libavcodec/vp8.c
+@@ -32,6 +32,7 @@
+ #include "thread.h"
+ #include "vp8.h"
+ #include "vp8data.h"
++#include "libavutil/avassert.h"
+
+ #if ARCH_ARM
+ # include "arm/vp8.h"
+@@ -2463,6 +2464,8 @@ int vp78_decode_frame(AVCodecContext *avctx, void *data, int *got_frame,
+ enum AVDiscard skip_thresh;
+ VP8Frame *av_uninit(curframe), *prev_frame;
+
++ av_assert0(avctx->pix_fmt == AV_PIX_FMT_YUVA420P || avctx->pix_fmt == AV_PIX_FMT_YUV420P);
++
+ if (is_vp7)
+ ret = vp7_decode_frame_header(s, avpkt->data, avpkt->size);
+ else
+diff --git a/libavcodec/webp.c b/libavcodec/webp.c
+index 4138e54..c167537 100644
+--- a/libavcodec/webp.c
++++ b/libavcodec/webp.c
+@@ -1304,9 +1304,8 @@ static int vp8_lossy_decode_frame(AVCodecContext *avctx, AVFrame *p,
+ if (!s->initialized) {
+ ff_vp8_decode_init(avctx);
+ s->initialized = 1;
+- if (s->has_alpha)
+- avctx->pix_fmt = AV_PIX_FMT_YUVA420P;
+ }
++ avctx->pix_fmt = s->has_alpha ? AV_PIX_FMT_YUVA420P : AV_PIX_FMT_YUV420P;
+ s->lossless = 0;
+
+ if (data_size > INT_MAX) {
--- /dev/null
+From a4fe661157b22a353ecce51f5c717c42c8fe00b0 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michaelni@gmx.at>
+Date: Wed, 17 Oct 2012 17:20:12 +0200
+Subject: [PATCH] mov_probe: fix integer overflows
+
+Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
+---
+ libavformat/mov.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/libavformat/mov.c
++++ b/libavformat/mov.c
+@@ -2916,7 +2916,7 @@
+
+ static int mov_probe(AVProbeData *p)
+ {
+- unsigned int offset;
++ int64_t offset;
+ uint32_t tag;
+ int score = 0;
+
--- /dev/null
+From 7abf394814d818973db562102f21ab9d10540840 Mon Sep 17 00:00:00 2001
+From: Petter Ericson <petter.ericson@codemill.se>
+Date: Wed, 17 Oct 2012 16:53:19 +0200
+Subject: [PATCH] mov.c: Check for stsd + m1s tag indicating MOV-wrapped
+ MPEG-PS, and force continued probing if found.
+
+Fixes Ticket241
+Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
+---
+ libavformat/mov.c | 45 +++++++++++++++++++++++++++++++++++++--------
+ 1 file changed, 37 insertions(+), 8 deletions(-)
+
+--- a/libavformat/mov.c
++++ b/libavformat/mov.c
+@@ -2919,43 +2919,72 @@
+ int64_t offset;
+ uint32_t tag;
+ int score = 0;
++ int moov_offset = -1;
+
+ /* check file header */
+ offset = 0;
+ for (;;) {
+ /* ignore invalid offset */
+ if ((offset + 8) > (unsigned int)p->buf_size)
+- return score;
++ break;
+ tag = AV_RL32(p->buf + offset + 4);
+ switch(tag) {
+ /* check for obvious tags */
+- case MKTAG('j','P',' ',' '): /* jpeg 2000 signature */
+ case MKTAG('m','o','o','v'):
++ moov_offset = offset + 4;
++ case MKTAG('j','P',' ',' '): /* jpeg 2000 signature */
+ case MKTAG('m','d','a','t'):
+ case MKTAG('p','n','o','t'): /* detect movs with preview pics like ew.mov and april.mov */
+ case MKTAG('u','d','t','a'): /* Packet Video PVAuthor adds this and a lot of more junk */
+ case MKTAG('f','t','y','p'):
+- return AVPROBE_SCORE_MAX;
++ score = AVPROBE_SCORE_MAX;
++ offset = FFMAX(4, AV_RB32(p->buf+offset)) + offset;
++ break;
+ /* those are more common words, so rate then a bit less */
+ case MKTAG('e','d','i','w'): /* xdcam files have reverted first tags */
+ case MKTAG('w','i','d','e'):
+ case MKTAG('f','r','e','e'):
+ case MKTAG('j','u','n','k'):
+ case MKTAG('p','i','c','t'):
+- return AVPROBE_SCORE_MAX - 5;
++ score = FFMAX(score, AVPROBE_SCORE_MAX - 5);
++ offset = FFMAX(4, AV_RB32(p->buf+offset)) + offset;
++ break;
+ case MKTAG(0x82,0x82,0x7f,0x7d):
+ case MKTAG('s','k','i','p'):
+ case MKTAG('u','u','i','d'):
+ case MKTAG('p','r','f','l'):
+- offset = AV_RB32(p->buf+offset) + offset;
+ /* if we only find those cause probedata is too small at least rate them */
+- score = AVPROBE_SCORE_EXTENSION;
++ score = FFMAX(score, AVPROBE_SCORE_MAX - 50);
++ offset = FFMAX(4, AV_RB32(p->buf+offset)) + offset;
+ break;
+ default:
+- /* unrecognized tag */
+- return score;
++ offset = FFMAX(4, AV_RB32(p->buf+offset)) + offset;
+ }
+ }
++ if(tag > AVPROBE_SCORE_MAX - 50 && moov_offset != -1) {
++ /* moov atom in the header - we should make sure that this is not a
++ * MOV-packed MPEG-PS */
++ offset = moov_offset;
++
++ while(offset < (p->buf_size - 20)){ /* Sufficient space */
++ /* We found an actual stsd atom */
++ if(AV_RL32(p->buf+offset) == MKTAG('s','t','s','d') &&
++ /* Make sure there's only one stream */
++ AV_RB32(p->buf + offset + 8) == 1 &&
++ AV_RL32(p->buf + offset + 16) == MKTAG('m','1','s',' ')
++ ){
++ av_log(NULL, AV_LOG_WARNING, "Found m1s tag indicating this is a MOV-packed MPEG-PS.\n");
++ /* We found an stsd atom describing an MPEG-PS-in-MOV, return a
++ * low score to force expanding the probe window until
++ * mpegps_probe finds what it needs */
++ return 5;
++ }else
++ /* Keep looking */
++ offset+=2;
++ }
++ }
++
++ return score;
+ }
+
+ // must be done after parsing all trak because there's no order requirement
--- /dev/null
+From: Markus Koschany <apo@debian.org>
+Date: Sun, 30 Dec 2018 16:51:20 +0100
+Subject: CVE-2018-14394
+
+Origin: https://github.com/FFmpeg/FFmpeg/commit/3a2d21bc5f97aa0161db3ae731fc2732be6108b8
+---
+ libavformat/movenc.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/libavformat/movenc.c b/libavformat/movenc.c
+index e48a363..6d99a0a 100644
+--- a/libavformat/movenc.c
++++ b/libavformat/movenc.c
+@@ -3033,6 +3033,11 @@ int ff_mov_write_packet(AVFormatContext *s, AVPacket *pkt)
+ else
+ samples_in_chunk = 1;
+
++ if (samples_in_chunk < 1) {
++ av_log(s, AV_LOG_ERROR, "fatal error, input packet contains no samples\n");
++ return AVERROR_PATCHWELCOME;
++ }
++
+ /* copy extradata if it exists */
+ if (trk->vos_len == 0 && enc->extradata_size > 0) {
+ trk->vos_len = enc->extradata_size;
--- /dev/null
+From 6b67d7f05918f7a1ee8fc6ff21355d7e8736aa10 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sat, 28 Jul 2018 15:03:50 +0200
+Subject: [PATCH] avformat/flvenc: Check audio packet size
+
+Fixes: Assertion failure
+Fixes: assert_flvenc.c:941_1.swf
+
+Found-by: #CHEN HONGXU# <HCHEN017@e.ntu.edu.sg>
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+ libavformat/flvenc.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+--- a/libavformat/flvenc.c
++++ b/libavformat/flvenc.c
+@@ -438,6 +438,11 @@
+ uint8_t *data = NULL;
+ int flags = 0, flags_size;
+
++ if (enc->codec_type == AVMEDIA_TYPE_AUDIO && !pkt->size) {
++ av_log(s, AV_LOG_WARNING, "Empty audio Packet\n");
++ return AVERROR(EINVAL);
++ }
++
+ if (enc->codec_id == AV_CODEC_ID_VP6F || enc->codec_id == AV_CODEC_ID_VP6A ||
+ enc->codec_id == AV_CODEC_ID_AAC)
+ flags_size = 2;
--- /dev/null
+From: Markus Koschany <apo@debian.org>
+Date: Sun, 30 Dec 2018 16:39:05 +0100
+Subject: CVE-2018-1999010
+
+Origin: https://github.com/FFmpeg/FFmpeg/commit/cced03dd667a5df6df8fd40d8de0bff477ee02e
+---
+ libavformat/mms.c | 42 ++++++++++++++++++++++++++----------------
+ 1 file changed, 26 insertions(+), 16 deletions(-)
+
+diff --git a/libavformat/mms.c b/libavformat/mms.c
+index fb16a3c..787edf1 100644
+--- a/libavformat/mms.c
++++ b/libavformat/mms.c
+@@ -94,22 +94,26 @@ int ff_mms_asf_header_parser(MMSContext *mms)
+ }
+ }
+ } else if (!memcmp(p, ff_asf_stream_header, sizeof(ff_asf_guid))) {
+- flags = AV_RL16(p + sizeof(ff_asf_guid)*3 + 24);
+- stream_id = flags & 0x7F;
+- //The second condition is for checking CS_PKT_STREAM_ID_REQUEST packet size,
+- //we can calcuate the packet size by stream_num.
+- //Please see function send_stream_selection_request().
+- if (mms->stream_num < MMS_MAX_STREAMS &&
+- 46 + mms->stream_num * 6 < sizeof(mms->out_buffer)) {
+- mms->streams = av_fast_realloc(mms->streams,
+- &mms->nb_streams_allocated,
+- (mms->stream_num + 1) * sizeof(MMSStream));
+- mms->streams[mms->stream_num].id = stream_id;
+- mms->stream_num++;
+- } else {
+- av_log(NULL, AV_LOG_ERROR,
+- "Corrupt stream (too many A/V streams)\n");
+- return AVERROR_INVALIDDATA;
++ if (end - p >= (sizeof(ff_asf_guid) * 3 + 26)) {
++ flags = AV_RL16(p + sizeof(ff_asf_guid)*3 + 24);
++ stream_id = flags & 0x7F;
++ //The second condition is for checking CS_PKT_STREAM_ID_REQUEST packet size,
++ //we can calculate the packet size by stream_num.
++ //Please see function send_stream_selection_request().
++ if (mms->stream_num < MMS_MAX_STREAMS &&
++ 46 + mms->stream_num * 6 < sizeof(mms->out_buffer)) {
++ mms->streams = av_fast_realloc(mms->streams,
++ &mms->nb_streams_allocated,
++ (mms->stream_num + 1) * sizeof(MMSStream));
++ if (!mms->streams)
++ return AVERROR(ENOMEM);
++ mms->streams[mms->stream_num].id = stream_id;
++ mms->stream_num++;
++ } else {
++ av_log(NULL, AV_LOG_ERROR,
++ "Corrupt stream (too many A/V streams)\n");
++ return AVERROR_INVALIDDATA;
++ }
+ }
+ } else if (!memcmp(p, ff_asf_ext_stream_header, sizeof(ff_asf_guid))) {
+ if (end - p >= 88) {
+@@ -141,6 +145,12 @@ int ff_mms_asf_header_parser(MMSContext *mms)
+ }
+ } else if (!memcmp(p, ff_asf_head1_guid, sizeof(ff_asf_guid))) {
+ chunksize = 46; // see references [2] section 3.4. This should be set 46.
++ if (chunksize > end - p) {
++ av_log(NULL, AV_LOG_ERROR,
++ "Corrupt stream (header chunksize %"PRId64" is invalid)\n",
++ chunksize);
++ return AVERROR_INVALIDDATA;
++ }
+ }
+ p += chunksize;
+ }
--- /dev/null
+From 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Tue, 3 Jul 2018 22:14:42 +0200
+Subject: [PATCH] avformat/pva: Check for EOF before retrying in
+ read_part_of_packet()
+
+Fixes: Infinite loop
+Fixes: pva-4b1835dbc2027bf3c567005dcc78e85199240d06
+
+Found-by: Paul Ch <paulcher@icloud.com>
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+ libavformat/pva.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/libavformat/pva.c
++++ b/libavformat/pva.c
+@@ -120,6 +120,10 @@
+ pes_flags = avio_rb16(pb);
+ pes_header_data_length = avio_r8(pb);
+
++ if (avio_feof(pb)) {
++ return AVERROR_EOF;
++ }
++
+ if (pes_signal != 1) {
+ pva_log(s, AV_LOG_WARNING, "expected signaled PES packet, "
+ "trying to recover\n");
--- /dev/null
+From f077ad69c682c13ab75a72aec11a61cac53f0c91 Mon Sep 17 00:00:00 2001
+From: Carl Eugen Hoyos <cehoyos@ag.or.at>
+Date: Sun, 4 Sep 2016 21:11:02 +0200
+Subject: [PATCH] lavc/avpacket: Fix undefined behaviour, do not pass a null
+ pointer to memcpy().
+
+Fixes ticket #5128.
+---
+ libavcodec/avpacket.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/libavcodec/avpacket.c
++++ b/libavcodec/avpacket.c
+@@ -364,7 +364,8 @@
+ ret = packet_alloc(&dst->buf, src->size);
+ if (ret < 0)
+ goto fail;
+- memcpy(dst->buf->data, src->data, src->size);
++ if (src->size)
++ memcpy(dst->buf->data, src->data, src->size);
+
+ dst->data = dst->buf->data;
+ } else {
--- /dev/null
+From 3f621455d62e46745453568d915badd5b1e5bcd5 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sun, 28 Jan 2018 02:46:56 +0100
+Subject: [PATCH] avfilter/vf_transpose: Fix regression with packed pixel
+ formats
+
+Regression since: c6939f65a116b1ffed345d29d8621ee4ffb32235
+Found-by: Paul B Mahol <onemda@gmail.com>
+Reviewed-by: Paul B Mahol <onemda@gmail.com>
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+ libavfilter/vf_transpose.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/libavfilter/vf_transpose.c
++++ b/libavfilter/vf_transpose.c
+@@ -27,6 +27,7 @@
+
+ #include <stdio.h>
+
++#include "libavutil/avassert.h"
+ #include "libavutil/imgutils.h"
+ #include "libavutil/internal.h"
+ #include "libavutil/intreadwrite.h"
+@@ -48,6 +49,7 @@
+ typedef struct TransContext {
+ const AVClass *class;
+ int hsub, vsub;
++ int planes;
+ int pixsteps[4];
+
+ enum TransposeDir dir;
+@@ -93,6 +95,9 @@
+
+ trans->hsub = desc_in->log2_chroma_w;
+ trans->vsub = desc_in->log2_chroma_h;
++ trans->planes = desc_in->nb_components;
++
++ av_assert0(desc_in->nb_components == desc_out->nb_components);
+
+ av_image_fill_max_pixsteps(trans->pixsteps, NULL, desc_out);
+
+@@ -135,7 +140,7 @@
+ out->sample_aspect_ratio.den = in->sample_aspect_ratio.num;
+ }
+
+- for (plane = 0; out->data[plane]; plane++) {
++ for (plane = 0; plane < trans->planes; plane++) {
+ int hsub = plane == 1 || plane == 2 ? trans->hsub : 0;
+ int vsub = plane == 1 || plane == 2 ? trans->vsub : 0;
+ int pixstep = trans->pixsteps[plane];
--- /dev/null
+From 3f621455d62e46745453568d915badd5b1e5bcd5 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sun, 28 Jan 2018 02:46:56 +0100
+Subject: [PATCH] avfilter/vf_transpose: Fix regression with packed pixel
+ formats
+
+Regression since: c6939f65a116b1ffed345d29d8621ee4ffb32235
+Found-by: Paul B Mahol <onemda@gmail.com>
+Reviewed-by: Paul B Mahol <onemda@gmail.com>
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+ libavfilter/vf_transpose.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/libavfilter/vf_transpose.c
++++ b/libavfilter/vf_transpose.c
+@@ -95,7 +95,7 @@
+
+ trans->hsub = desc_in->log2_chroma_w;
+ trans->vsub = desc_in->log2_chroma_h;
+- trans->planes = desc_in->nb_components;
++ trans->planes = av_pix_fmt_count_planes(outlink->format);
+
+ av_assert0(desc_in->nb_components == desc_out->nb_components);
+
--- /dev/null
+From: Markus Koschany <apo@debian.org>
+Date: Sun, 6 Jan 2019 16:05:17 +0100
+Subject: CVE-2018-6621
+
+Origin: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/118e1b0b3370dd1c0da442901b486689efd1654b
+---
+ libavcodec/utvideodec.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libavcodec/utvideodec.c b/libavcodec/utvideodec.c
+index 553f45d..63556b8 100644
+--- a/libavcodec/utvideodec.c
++++ b/libavcodec/utvideodec.c
+@@ -362,7 +362,7 @@ static int decode_frame(AVCodecContext *avctx, void *data, int *got_frame,
+ slice_end = bytestream2_get_le32u(&gb);
+ slice_size = slice_end - slice_start;
+ if (slice_end < 0 || slice_size < 0 ||
+- bytestream2_get_bytes_left(&gb) < slice_end) {
++ bytestream2_get_bytes_left(&gb) < slice_end + 1024LL) {
+ av_log(avctx, AV_LOG_ERROR, "Incorrect slice size\n");
+ return AVERROR_INVALIDDATA;
+ }
--- /dev/null
+From: Markus Koschany <apo@debian.org>
+Date: Sun, 30 Dec 2018 15:14:44 +0100
+Subject: CVE-2018-7557
+
+Origin: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/7414d0bda7763f9bd69c26c068e482ab297c1c96
+---
+ libavcodec/utvideodec.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/libavcodec/utvideodec.c b/libavcodec/utvideodec.c
+index bb8c7aa..553f45d 100644
+--- a/libavcodec/utvideodec.c
++++ b/libavcodec/utvideodec.c
+@@ -28,6 +28,7 @@
+ #include <stdlib.h>
+
+ #include "libavutil/intreadwrite.h"
++#include "libavutil/pixdesc.h"
+ #include "avcodec.h"
+ #include "bswapdsp.h"
+ #include "bytestream.h"
+@@ -477,6 +478,7 @@ static int decode_frame(AVCodecContext *avctx, void *data, int *got_frame,
+ static av_cold int decode_init(AVCodecContext *avctx)
+ {
+ UtvideoContext * const c = avctx->priv_data;
++ int h_shift, v_shift;
+
+ c->avctx = avctx;
+
+@@ -541,6 +543,13 @@ static av_cold int decode_init(AVCodecContext *avctx)
+ return AVERROR_INVALIDDATA;
+ }
+
++ av_pix_fmt_get_chroma_sub_sample(avctx->pix_fmt, &h_shift, &v_shift);
++ if ((avctx->width & ((1<<h_shift)-1)) ||
++ (avctx->height & ((1<<v_shift)-1))) {
++ avpriv_request_sample(avctx, "Odd dimensions");
++ return AVERROR_PATCHWELCOME;
++ }
++
+ return 0;
+ }
+
--- /dev/null
+From 54655623a82632e7624714d7b2a3e039dc5faa7e Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sat, 23 Mar 2019 20:55:08 +0100
+Subject: [PATCH] avcodec/hevc: Avoid only partly skiping duplicate first
+ slices
+
+Fixes: NULL pointer dereference and out of array access
+Fixes: 13871/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5746167087890432
+Fixes: 13845/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5650370728034304
+
+This also fixes the return code for explode mode
+
+Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
+Reviewed-by: James Almer <jamrial@gmail.com>
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+ libavcodec/hevc.c | 14 ++++++++++----
+ 1 file changed, 10 insertions(+), 4 deletions(-)
+
+[sunweaver] Rebase for patching libav in Debian jessie LTS.
+
+ This patch implicitly ships the previous change:
+
+ commit 70c8c8a818f39bc262565ec29fae2baffb3e1660
+ Author: James Almer <jamrial@gmail.com>
+ Date: Mon Mar 18 17:25:58 2019 -0300
+
+ avcodec/hevcdec: decode at most one slice reporting being the first in the picture
+
+ Fixes deadlocks when decoding packets containing more than one of the aforementioned
+ slices when using frame threads.
+
+ Tested-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
+ Signed-off-by: James Almer <jamrial@gmail.com>
+
+--- a/libavcodec/hevc.c
++++ b/libavcodec/hevc.c
+@@ -461,6 +461,11 @@
+
+ // Coded parameters
+ sh->first_slice_in_pic_flag = get_bits1(gb);
++ if (s->ref && sh->first_slice_in_pic_flag) {
++ av_log(s->avctx, AV_LOG_ERROR, "Two slices reporting being the first in the same frame.\n");
++ return 1; // This slice will be skiped later, do not corrupt state
++ }
++
+ if ((IS_IDR(s) || IS_BLA(s)) && sh->first_slice_in_pic_flag) {
+ s->seq_decode = (s->seq_decode + 1) & 0xff;
+ s->max_ra = INT_MAX;
+@@ -2900,6 +2905,8 @@
+ ret = ff_hevc_output_frame(s, data, 1);
+ if (ret < 0)
+ return ret;
++ if (ret == 1)
++ return AVERROR_INVALIDDATA;
+
+ *got_output = ret;
+ return 0;
--- /dev/null
+From 3dca5a5c41f67a2e149582f3d46a09647b183e71 Mon Sep 17 00:00:00 2001
+From: Paul B Mahol <onemda@gmail.com>
+Date: Mon, 18 Aug 2014 11:00:24 +0000
+Subject: [PATCH] wvdec: check for eof in wv_read_block_header()
+
+Fixes Ticket #3865
+Found-by: Piotr Bandurski <ami_stuff@o2.pl>
+Signed-off-by: Paul B Mahol <onemda@gmail.com>
+---
+ libavformat/wvdec.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/libavformat/wvdec.c
++++ b/libavformat/wvdec.c
+@@ -121,7 +121,7 @@
+ "Cannot determine additional parameters\n");
+ return AVERROR_INVALIDDATA;
+ }
+- while (avio_tell(pb) < block_end) {
++ while (avio_tell(pb) < block_end && !avio_feof(pb)) {
+ int id, size;
+ id = avio_r8(pb);
+ size = (id & 0x80) ? avio_rl24(pb) : avio_r8(pb);
--- /dev/null
+From 56cc024220886927350cfc26ee695062ca7ecaf4 Mon Sep 17 00:00:00 2001
+From: wm4 <nfxjfg@googlemail.com>
+Date: Tue, 3 Feb 2015 19:04:12 +0100
+Subject: [PATCH] avformat/mpc8: fix hang with fuzzed file
+
+This can lead to an endless loop by seeking back a few bytes after each
+attempted chunk read. Assuming negative sizes are always invalid, this
+is easy to fix. Other code in this demuxer treats negative sizes as
+invalid as well.
+
+Fixes ticket #4262.
+
+Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
+---
+ libavformat/mpc8.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/libavformat/mpc8.c
++++ b/libavformat/mpc8.c
+@@ -216,6 +216,10 @@
+ while(!pb->eof_reached){
+ pos = avio_tell(pb);
+ mpc8_get_chunk_header(pb, &tag, &size);
++ if (size < 0) {
++ av_log(s, AV_LOG_ERROR, "Invalid chunk length\n");
++ return AVERROR_INVALIDDATA;
++ }
+ if(tag == TAG_STREAMHDR)
+ break;
+ mpc8_handle_chunk(s, tag, pos, size);
--- /dev/null
+From: Markus Koschany <apo@debian.org>
+Date: Sun, 30 Dec 2018 12:12:16 +0100
+Subject: avio_feof
+
+This function is needed for several of the CVE-2017-140xx flaws.
+---
+ libavformat/avio.h | 2 ++
+ libavformat/aviobuf.c | 11 +++++++++++
+ 2 files changed, 13 insertions(+)
+
+diff --git a/libavformat/avio.h b/libavformat/avio.h
+index 3360e82..7669132 100644
+--- a/libavformat/avio.h
++++ b/libavformat/avio.h
+@@ -227,6 +227,8 @@ static av_always_inline int64_t avio_tell(AVIOContext *s)
+ */
+ int64_t avio_size(AVIOContext *s);
+
++int avio_feof(AVIOContext *s);
++
+ /** @warning currently size is limited */
+ int avio_printf(AVIOContext *s, const char *fmt, ...) av_printf_format(2, 3);
+
+diff --git a/libavformat/aviobuf.c b/libavformat/aviobuf.c
+index 6923b78..17b8300 100644
+--- a/libavformat/aviobuf.c
++++ b/libavformat/aviobuf.c
+@@ -257,6 +257,17 @@ int64_t avio_size(AVIOContext *s)
+ return size;
+ }
+
++int avio_feof(AVIOContext *s)
++{
++ if(!s)
++ return 0;
++ if(s->eof_reached){
++ s->eof_reached=0;
++ fill_buffer(s);
++ }
++ return s->eof_reached;
++}
++
+ void avio_wl32(AVIOContext *s, unsigned int val)
+ {
+ avio_w8(s, val);
--- /dev/null
+02-configure-disable-ebx-gcc-4.9.patch
+03-disable-configuration-warnings.patch
+CVE-2015-6761.patch
+CVE-2014-9317.patch
+CVE-2015-6818.patch
+CVE-2015-6820.patch
+CVE-2015-6821.patch
+CVE-2015-6822.patch
+CVE-2015-6823.patch
+CVE-2015-6824.patch
+CVE-2015-6825.patch
+CVE-2015-6826.patch
+CVE-2015-8216.patch
+CVE-2015-8217.patch
+CVE-2015-8363.patch
+CVE-2015-8364.patch
+CVE-2015-8661.patch
+CVE-2015-8662.patch
+CVE-2015-8663.patch
+CVE-2016-10190-pre1-3668701f.patch
+CVE-2016-10190-pre2-362c17e6.patch
+CVE-2016-10190-pre3-strtoull.patch
+CVE-2016-10190.patch
+CVE-2016-10191.patch
+CVE-2018-7557.patch
+CVE-2018-6621.patch
+CVE-2018-1999010.patch
+CVE-2018-14394.patch
+CVE-2017-9994.patch
+CVE-2017-9993.patch
+CVE-2017-17130.patch
+CVE-2017-15672.patch
+CVE-2017-14767.patch
+CVE-2017-14055.patch
+CVE-2017-14056.patch
+CVE-2017-14170.patch
+CVE-2017-14171.patch
+avio_feof.patch
+CVE-2017-14057.patch
+CVE-2015-1207.patch
+CVE-2017-14169.patch
+CVE-2017-14223.patch
+CVE-2017-7863.patch
+CVE-2014-8542.patch
+CVE-2017-7865.patch
+CVE-2018-1999012.patch
+CVE-2015-1872.patch
+CVE-2018-6392-1.patch
+CVE-2018-6392-2.patch
+CVE-2017-14058.patch
+CVE-2017-1000460.patch
+CVE-2019-11338.patch
+CVE-2018-15822.patch
+CVE-2019-14442.patch
+CVE-2018-5766.patch
+CVE-2019-14372.patch
+CVE-2017-9987-1.patch
+CVE-2017-9987-2.patch
+CVE-2018-11102-1.patch
+CVE-2018-11102-2.patch
--- /dev/null
+.\" Hey, EMACS: -*- nroff -*-
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH QT-FASTSTART 1 "May 10, 2009"
+.\" Please adjust this date whenever revising the manpage.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh disable hyphenation
+.\" .hy enable hyphenation
+.\" .ad l left justify
+.\" .ad b justify to both left and right margins
+.\" .nf disable filling
+.\" .fi enable filling
+.\" .br insert line break
+.\" .sp <n> insert n+1 empty lines
+.\" for manpage-specific macros, see man(7)
+.SH NAME
+qt-faststart \- utility for Quicktime files
+.SH SYNOPSIS
+.B qt-faststart
+.br
+.SH DESCRIPTION
+\fBqt-faststart\fP is a utility that rearranges a Quicktime file such that the
+moov atom is in front of the data, thus facilitating network streaming.
+.SH OPTIONS
+Options processed by the executable:
+.TP
+\fB\<infile.mov>\fR
+The source Quicktime file.
+.TP
+\fB\<outfile.mov>\fR
+The destination Quicktime file.
+.SH AUTHOR
+This manual page was written by Andres Mejia <mcitadel@gmail.com>
+for the Debian GNU/Linux system, but may be used by others.
--- /dev/null
+The scripts in this folder may be helpful for doing mass rebuilds.
+
+How to use:
+
+1. Upload the new Libav upstream release to experimental, make sure your
+ mirror has it available.
+
+1. Copy this folder to a temporary directory with lots of
+ storage. (e.g., /srv/scratch/libav_rebuilds)
+
+2. Identify all packages you need to rebuild either using grep-dctrl(1),
+ or by scraping the Debian release tracker at
+ https://release.debian.org/transitions/. List all packages in a file
+ "packages.txt"
+
+3. Review and adjust the dependencies and chroot names in
+ git_experimental_source
+
+4. Execute "./do_all_safe"
+
+Discussion:
+
+git_experimental_source will use the schroot chroot to download the
+source package from debian/experimental in a subdirectory with the
+package name. It also places a script called "build.sh" with an schroot
+invocation that makes sure you have the libav packages from experimental
+in your build.sh chroot avaialable. do_all_safe iterates over the
+package list, download packages that have not been downloaded yet and
+executes the generated $package/build.sh script.
+
+If a build breaks, the idea is to go into that directory, and work on a
+patch to fix the problem. To start over, just delete the directory and
+call do_all_safe again.
+
+August 2014, Reinhard Tartler <siretart@debian.org>
\ No newline at end of file
--- /dev/null
+#!/bin/sh
+
+#!/bin/sh
+#
+# Copyright 2014, Reinhard Tartler <siretart@debian.org>
+#
+# These helper script is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 2 of the
+# License, or (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+
+set -ex
+
+for package in `cat packages.txt`; do
+ if [ ! -d $package ]; then
+ echo "Rebuilding $package"
+ ./git_experimental_source $package
+ ./$package/build.sh || true
+ else
+ echo "Skipping $package"
+ fi
+done
--- /dev/null
+#!/bin/sh
+#
+# Copyright 2014, Reinhard Tartler <siretart@debian.org>
+#
+# These helper script is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 2 of the
+# License, or (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+
+set -e
+
+packagename=$1
+basedir=$(readlink -f `dirname $0`)
+
+if [ -z "$packagename" ]; then
+ echo "usage $0 packagename"
+ exit 1
+fi
+
+rm -rf $basedir/$packagename
+mkdir -p $basedir/$packagename
+
+cd $basedir/$packagename
+
+schroot -c experimental-amd64-sbuild -- apt-get source -d -t experimental $packagename
+package=`ls *.dsc`
+
+cat <<EOF > build.sh
+#!/bin/sh
+
+cd $PWD
+sbuild -A -dexperimental --build-dep-resolver=aptitude \
+ --make-binNMU="rebuild against libav11" --binNMU=+42 \
+ --add-depends "libavformat-dev (>> 6:11~~)" \
+ --add-depends "libavcodec-dev (>> 6:11~~)" \
+ --add-depends "libavfilter-dev (>> 6:11~~)" \
+ --add-depends "libavresample-dev (>> 6:11~~)" \
+ --add-depends "libavdevice-dev (>> 6:11~~)" \
+ --add-depends "libswscale-dev (>> 6:11~~)" \
+ --add-depends "libavutil-dev (>> 6:11~~)" \
+ "\$@" \
+ $package
+EOF
+
+chmod +x build.sh
--- /dev/null
+#!/usr/bin/make -f
+
+EPOCH=6:
+DEB_SOURCE := $(shell dpkg-parsechangelog | sed -n 's/^Source: //p')
+DEB_VERSION := $(shell dpkg-parsechangelog | sed -n 's/^Version: //p')
+UPSTREAM_VERSION := $(shell echo $(DEB_VERSION) | sed -r 's/[^:]+://; s/-[^-]+$$//')
+SHLIBS_VERSION := $(EPOCH)11~beta1
+
+# The libavcodec-extra package is necessary because it links against
+# libraries that are GPLv3 licensed. Make sure that you do not link
+# GPLv2 only applications against the libavcodec-extra flavor!
+#
+# Because of the lack of archive skew problems, only libavcodec produces
+# an -extra variant.
+
+VENDOR := Debian
+# these package do not build -extra variants
+LIB_PKGS := $(shell sed -nr 's/^Package:[[:space:]]*(lib(avutil|avdevice|avformat|avfilter|avresample|swscale)[0-9]+)[[:space:]]*$$/\1/p' debian/control)
+# these packages do build -extra variants
+LIB_PKGS2 := $(shell sed -nr 's/^Package:[[:space:]]*(libavcodec[0-9]+)[[:space:]]*$$/\1/p' debian/control)
+# these packages are the -extra- variants
+LIB_EXTRA_PKGS := $(shell sed -nr 's/^Package:[[:space:]]*(libavcodec-extra-[0-9]+)[[:space:]]*$$/\1/p' debian/control)
+
+
+# these are the -dev packages
+DEV_PKGS := $(shell echo $(LIB_PKGS) $(LIB_PKGS2) | sed 's/[0-9]\+\>/-dev/g')
+
+# Support multiple makes at once
+ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+NUMJOBS = -j$(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+else
+# on i386 and amd64, we query the system unless overriden by DEB_BUILD_OPTIONS
+ifeq ($(DEB_HOST_ARCH),i386)
+NUMJOBS := -j$(shell getconf _NPROCESSORS_ONLN 2>/dev/null || echo 1)
+else ifeq ($(DEB_HOST_ARCH),amd64)
+NUMJOBS := -j$(shell getconf _NPROCESSORS_ONLN 2>/dev/null || echo 1)
+endif
+endif
+
+include debian/confflags
+OPT_FLAVORS := $(filter-out static shared, $(FLAVORS))
+
+info:
+ @echo Packages that do not build -extra variants: $(LIB_PKGS)
+ @echo Packages that do build -extra variatnts: $(LIB_PKGS2)
+ @echo Packages that are the -extra- variants: $(LIB_EXTRA_PKGS)
+
+$(info FLAVORS = $(FLAVORS))
+$(info DEB_BUILD_OPTIONS = $(DEB_BUILD_OPTIONS))
+$(info CFLAGS = $(CFLAGS))
+$(info CPPFLAGS = $(CPPFLAGS))
+$(info LDFLAGS = $(LDFLAGS))
+
+define dh_install_file_opt_flavor
+ grep @DEB_HOST_MULTIARCH_OPT@ < $(1).in | \
+ sed 's:@DEB_HOST_MULTIARCH_OPT@:$(DEB_HOST_MULTIARCH)/$($(2)_shlibdir):g' >> $(1)
+
+endef
+
+DH_INSTALL_FILES := $(foreach pkg, $(LIB_PKGS) $(LIB_PKGS2) $(LIB_EXTRA_PKGS) $(DEV_PKGS), debian/$(pkg).install)
+$(DH_INSTALL_FILES):
+ sed 's/@DEB_HOST_MULTIARCH\(_OPT\)\?@/$(DEB_HOST_MULTIARCH)/g' $@.in > $@
+ $(foreach opt_flavor,$(OPT_FLAVORS),$(call dh_install_file_opt_flavor,$@,$(opt_flavor)))
+
+configure-%: configure-stamp-%
+configure-stamp-%: configure
+ dh_testdir
+ mkdir -p debian-$*
+ cd debian-$* && CFLAGS="$(CFLAGS)" CPPFLAGS="$(CPPFLAGS)" LDFLAGS="$(LDFLAGS)" $(CURDIR)/configure \
+ $($*_build_confflags) $(extra_$*_build_confflags)
+ touch $@
+configure-extra-stamp-%:
+ dh_testdir
+ mkdir -p debian-extra-$*
+ cd debian-extra-$* && CFLAGS="$(CFLAGS)" CPPFLAGS="$(CPPFLAGS)" LDFLAGS="$(LDFLAGS)" $(CURDIR)/configure \
+ $($*_build_confflags) $(v3_confflags) $(extra_$*_build_confflags)
+ touch $@
+
+build-%: build-stamp-%
+build-stamp-%: configure-stamp-%
+ dh_testdir
+ $(MAKE) -C debian-$* $(NUMJOBS) V=1
+ touch $@
+build-extra-stamp-%: configure-extra-stamp-%
+ dh_testdir
+ $(MAKE) -C debian-extra-$* $(NUMJOBS) V=1
+ touch $@
+
+debian-shared/tools/qt-faststart: build-stamp-shared
+ $(MAKE) -C debian-shared tools/qt-faststart V=1
+
+build: build-stamp build-extra
+build-stamp: $(addprefix build-stamp-, $(FLAVORS)) debian-shared/tools/qt-faststart
+ touch $@
+build-extra: $(addprefix build-extra-stamp-, $(filter-out static,$(FLAVORS)))
+ touch $@
+
+clean:
+ dh_testdir
+ rm -f build-stamp build-extra $(addprefix build-stamp-, $(FLAVORS)) \
+ $(addprefix build-extra-stamp-, $(FLAVORS)) \
+ $(addprefix configure-stamp-, $(FLAVORS)) \
+ $(addprefix configure-extra-stamp-, $(FLAVORS)) \
+ build-doxy-stamp
+ rm -rf libav/ # created by the libav-extra variant
+ rm -rf $(addprefix debian-, $(FLAVORS)) \
+ $(addprefix debian-extra-, $(FLAVORS)) doxy
+ dh_clean $(DH_INSTALL_FILES) $(wildcard formats*.txt) $(wildcard codecs*.txt)
+
+# The trailing newline is important!
+define install_flavor
+ $(MAKE) -C debian-$(1) install DESTDIR=$(CURDIR)/debian/tmp \
+ mandir=$(CURDIR)/debian/tmp/usr/share/man
+
+endef
+
+# The trailing newline is important!
+define install_flavor_extra
+ $(MAKE) -C debian-extra-$(1) install DESTDIR=$(CURDIR)/debian/tmp/extra \
+ mandir=$(CURDIR)/debian/tmp/usr/share/man
+
+endef
+
+# usage $(call call_and_install_avconv_dump,$package,$parameter), paramter like "codecs" or "formats"
+define call_and_install_avconv_dump
+ mkdir -p debian/$(1)/usr/share/doc/$(1)
+ env LD_LIBRARY_PATH="$(CURDIR)/debian/$(1)/usr/lib/$(DEB_HOST_MULTIARCH):$(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH):$(LD_LIBRARY_PATH)" \
+ debian/tmp/usr/bin/avconv -$(2) > debian/$(1)/usr/share/doc/$(1)/$(2)-$(DEB_HOST_ARCH).txt
+ cat debian/$(1)/usr/share/doc/$(1)/$(2)-$(DEB_HOST_ARCH).txt
+
+endef
+
+# installs arch-dependent files only
+install: build $(DH_INSTALL_FILES)
+ dh_testdir
+ dh_testroot
+ dh_prep -a
+ $(foreach flavor,$(FLAVORS),$(call install_flavor,$(flavor)))
+ mkdir -p debian/tmp/etc
+ install -m 755 -D debian-shared/tools/qt-faststart debian/tmp/usr/bin/qt-faststart
+ dh_install $(addprefix -N,$(LIB_EXTRA_PKGS)) \
+ --fail-missing --sourcedir=debian/tmp
+ dh_installdocs -a doc/APIchanges
+ install -m 644 -D debian-shared/doc/*.html doc/t2h.init debian/libav-tools/usr/share/doc/libav-tools
+ dh_installexamples -a
+ dh_installchangelogs -a Changelog
+ $(foreach flavor,$(filter-out static,$(FLAVORS)),$(call install_flavor_extra,$(flavor)))
+ dh_install $(addprefix -p,$(LIB_EXTRA_PKGS)) --fail-missing \
+ --sourcedir=debian/tmp/extra
+ $(call call_and_install_avconv_dump,libavformat56,formats)
+ $(call call_and_install_avconv_dump,libavcodec56,codecs)
+ $(call call_and_install_avconv_dump,libavcodec-extra-56,codecs)
+
+binary-indep:
+ dh_testdir
+ dh_testroot
+ dh_prep -i
+ doxygen doc/Doxyfile
+ mkdir -p debian/libav-doc/usr/share/doc/libav-doc
+ mv -v doc/doxy/html debian/libav-doc/usr/share/doc/libav-doc
+ dh_installdocs -i
+ dh_installchangelogs -i
+ dh_compress -i
+ dh_fixperms -i
+ dh_installdeb -i
+ dh_gencontrol -i
+ dh_md5sums -i
+ dh_builddeb -i -- -Zxz
+
+binary-arch: build install
+ dh_testdir
+ dh_testroot
+ dh_installman -plibav-tools debian/qt-faststart.1
+ dh_strip -a --dbg-package=libav-dbg
+ dh_lintian -a
+ dh_link -a
+ dh_compress -a
+ dh_fixperms -a
+
+ # operate on non -extra package producing packages
+ for pkg in $(LIB_PKGS); do \
+ dh_makeshlibs -p"$$pkg" -V"$$pkg (>= $(SHLIBS_VERSION))"; \
+ done
+ # operate e.g. the -extra- packages, produce shlibs that have alternative dependencies
+ for pkg in $(LIB_EXTRA_PKGS); do \
+ npkg=$$(echo "$$pkg" | sed -r 's/-extra-//'); \
+ dh_makeshlibs -p"$$pkg" -V"$$npkg (>= $(SHLIBS_VERSION)) | $$pkg (>= $(EPOCH)$(UPSTREAM_VERSION))"; \
+ done
+ # operate on packages with -extra- variants such as libavcodec54 - produce shlibs that have alternative dependencies
+ for pkg in $(LIB_PKGS2); do \
+ upkg=$$(echo "$$pkg" | sed -r 's/([0-9]+)$$/-extra-\1/'); \
+ dh_makeshlibs -p"$$pkg" -V"$$pkg (>= $(SHLIBS_VERSION)) | $$upkg (>= $(EPOCH)$(UPSTREAM_VERSION))"; \
+ done
+ dh_shlibdeps
+ dh_installdeb -a
+ dh_gencontrol -a
+ dh_md5sums -a
+ dh_builddeb -a -- -Zxz
+
+binary: binary-indep binary-arch
+
+.PHONY: build $(addprefix build-, $(FLAVORS)) \
+ clean \
+ $(addprefix configure-, $(FLAVORS)) \
+ binary binary-indep binary-arch \
+ install install-common install-extra \
+ get-orig-source
--- /dev/null
+3.0 (quilt)
--- /dev/null
+debian/upstream-signing-key.pgp
--- /dev/null
+# ffmpeg-dbg is an empty, transitional package
+libav source: dbg-package-missing-depends ffmpeg-dbg
--- /dev/null
+version=3
+opts="uversionmangle=s/_/~/i,pgpsigurlmangle=s/$/.asc/" \
+http://libav.org/releases/libav-([\d\.]+)\.tar\.xz
projects / libav.git / commitdiff