From: Sylvain Beucler Date: Thu, 5 Dec 2019 16:27:00 +0000 (+0000) Subject: Import libav_11.12-1~deb8u9.debian.tar.xz X-Git-Tag: archive/raspbian/6%11.12-1_deb8u9+rpi1^2~66^2 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=2dd5ba288d921b129796eac6ab165740bdeef5d9;p=libav.git Import libav_11.12-1~deb8u9.debian.tar.xz [dgit import tarball libav 6:11.12-1~deb8u9 libav_11.12-1~deb8u9.debian.tar.xz] --- 2dd5ba288d921b129796eac6ab165740bdeef5d9 diff --git a/NEWS b/NEWS new file mode 100644 index 0000000..e316ca0 --- /dev/null +++ b/NEWS @@ -0,0 +1,15 @@ +libav (6:10.2-1) unstable; urgency=high + + * Disable avserver (Closes: #734335) + + It turns out that avserver is pretty much unmaintained these days and + contains obvious bugs. The next Libav upstream release has it already + removed, and further maintenance is currently rather unlikely. With + this in mind, the libav package proactively disables the avserver build + anticipating its removal upstream. + + If you are interested in having avserver back and functional, please + help upstream with reinstantiating it. + + -- Reinhard Tartler Fri, 27 Jun 2014 22:11:18 -0400 + diff --git a/README.Debian b/README.Debian new file mode 100644 index 0000000..7501b68 --- /dev/null +++ b/README.Debian @@ -0,0 +1,36 @@ +lintian override shlib-with-non-pic-codeshlib-with-non-pic-code +================================================================== + +The lintian overrides for the non-pic shared libs error messages is not +really a matter of silencing lintian. The general idea is that the +override would serve as an indication that we know about the error +message and we're avoiding any bug reports or complaints by others about +the errors. + +We are aware that this override is too strict. It should only cover the +i386 architecture, as we know that the upstream build system will +produce PIC libraries where necessary. Only architectures like i386 will +be built non-PIC, mainly for performance reasons. + + -- Reinhard Tartler , Sat, 28 Jun 2014 09:38:52 -0400 + +Source package +============== + +Libav represents the successor of the former ffmpeg source package. It +provides all libraries and provides an upgrade path for existing +application packages. + + -- Reinhard Tartler Sat, 19 Mar 2011 08:13:46 +0100 + +License of the Debian ffmpeg packages +===================================== + +The license for the whole work is the GPL, not the LGPL, because +GPL-only parts of ffmpeg were activated -- namely libswscale, x11grab +and other GPL licensed libraries. If you need LGPL versions of the +libraries, please comment out the appropriate line in debian/confflags. + +Because libavcodec-extra-* links against libraries that are licensed +under Apache License 2.0, the resulting binaries are distributed under +the GPL version 3 or later. diff --git a/README.source b/README.source new file mode 100644 index 0000000..ba94624 --- /dev/null +++ b/README.source @@ -0,0 +1,26 @@ +Circular Build-Depends and bootstrapping libav on new architectures +=================================================================== + +libav is involved in several circular build-dependencies that give porters a +hard time (c.f. #671302) at bootstrapping, e.g.: + + libav -> frei0r -> opencv -> libav + libav -> opencv -> libav + libav -> x264 -> libav + libav -> x264 -> gpac -> libav + +However, please note that all these libraries are strictly optional to libav +and are only enabled at build time if available. For bootstrapping purposes +it is thus perfectly sufficient to remove all *-dev packages from the +Build-Depends field in debian/control and generate packages with a reduced +feature set that are still usable to build other packages. + +Using the nomenclature of the EmdebianSprint2011 [0,1] one would write e.g.: + + Build-Depends-Bootstrap1: + debhelper (>= 9) + +[0] http://wiki.debian.org/DebianBootstrap/EmdebianSprint2011 +[1] http://lists.debian.org/debian-devel-announce/2011/03/msg00000.html + + -- Fabian Greffrath Tue, 19 Jun 2012 16:06:05 +0200 diff --git a/changelog b/changelog new file mode 100644 index 0000000..a60cc99 --- /dev/null +++ b/changelog @@ -0,0 +1,3203 @@ +libav (6:11.12-1~deb8u9) jessie-security; urgency=high + + * Non-maintainer upload by the LTS Security Team. + * CVE-2019-17542: heap-based buffer overflow in vqa_decode_chunk because + of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c. + * CVE-2019-14443: division by zero in range_decode_culshift in + libavcodec/apedec.c allows remote attackers to cause a denial of + service (application crash), as demonstrated by avconv. + * CVE-2018-19128: heap-based buffer over-read in decode_frame in + libavcodec/lcldec.c that allows an attacker to cause denial-of-service + via a crafted avi file. + * CVE-2017-17127: the vc1_decode_frame function in libavcodec/vc1dec.c + allows remote attackers to cause a denial of service (NULL pointer + dereference and application crash) via a crafted file. + CVE-2018-19130 is a duplicate of this vulnerability. + * CVE-2017-18245: the mpc8_probe function in libavformat/mpc8.c allows + remote attackers to cause a denial of service (heap-based buffer + over-read) via a crafted audio file on 32-bit systems. + + -- Sylvain Beucler Thu, 05 Dec 2019 17:27:00 +0100 + +libav (6:11.12-1~deb8u8) jessie-security; urgency=medium + + * CVE-2019-14442: avformat/mpc8: fix hang with fuzzed file. + * CVE-2018-5766: lavc/avpacket: Fix undefined behaviour, do not pass a null + pointer to memcpy(). + * CVE-2019-14372: wvdec: check for eof in wv_read_block_header(). + * CVE-2017-9987: avcodec/mpegvideo_motion: Fix off by 1 error in MV bounds + checking. + * CVE-2018-11102: + - mov_probe: fix integer overflows. + - mov.c: Check for stsd + m1s tag indicating MOV-wrapped MPEG-PS, and force + continued probing if found. + + -- Mike Gabriel Sat, 31 Aug 2019 17:36:55 +0200 + +libav (6:11.12-1~deb8u7) jessie-security; urgency=medium + + * Non-maintainer upload by the LTS team. + * CVE-2019-11338: avcodec/hevc: Avoid only partly skiping duplicate first + slices. + * CVE-2018-15822: avformat/flvenc: Check audio packet size. + + -- Mike Gabriel Tue, 28 May 2019 14:14:01 +0200 + +libav (6:11.12-1~deb8u6) jessie-security; urgency=medium + + * Non-maintainer upload by the LTS team. + * CVE-2018-1999012: avformat/pva: Check for EOF before retrying in + read_part_of_packet(). + * CVE-2015-1872: avcodec/mjpegdec: Check number of components for + JPEG-LS. + * CVE-2018-6392: avfilter/vf_transpose: Fix out of array access (including + later regression fix with packed pixel formats). + * CVE-2017-14058: avformat/hls: Fix DoS due to infinite loop. + * CVE-2017-1000460: h264dec: handle zero-sized NAL units in + get_last_needed_nal(). + + -- Mike Gabriel Sat, 30 Mar 2019 21:44:13 +0100 + +libav (6:11.12-1~deb8u5) jessie-security; urgency=medium + + * Non-maintainer upload by the LTS team.. + * CVE-2015-1207: avformat/mov: Fix integer overflow in + mov_read_udta_string(). + * CVE-2017-14169: In mxf_read_primer_pack() function, catch item_num + being negative, to avoid bypassing the check for a large value. + * CVE-2017-14223: avformat/asfdec: Fix DoS in asf_build_simple_index(). + Fix missing EOF check in loop. + * CVE-2017-7863: Bail out if trns was found before IHDR or IDAT in PNG data. + * CVE-2014-8542: Add case for jv to avcodec_align_dimensions2(). + * CVE-2017-7865: Add case for interplay_video to avcodec_align_dimensions2(). + + -- Mike Gabriel Mon, 21 Jan 2019 15:30:50 +0100 + +libav (6:11.12-1~deb8u4) jessie-security; urgency=high + + * Non-maintainer upload by the LTS team. + * Fix the following security vulnerabilities: + * CVE-2017-14055: a DoS in mv_read_header() due to lack of an EOF (End of + File) check might cause huge CPU and memory consumption. + * CVE-2017-14056: a DoS in rl2_read_header() due to lack of an EOF (End of + File) check might cause huge CPU and memory consumption. + * CVE-2017-14057: a DoS in asf_read_marker() due to lack of an EOF (End of + File) check might cause huge CPU and memory consumption. + * CVE-2017-14170: a DoS in mxf_read_index_entry_array() due to lack of an EOF + (End of File) check might cause huge CPU consumption. + * CVE-2017-14171: a DoS in nsv_parse_NSVf_header() due to lack of an EOF (End + of File) check might cause huge CPU consumption. + * CVE-2017-14767: The sdp_parse_fmtp_config_h264 function in + libavformat/rtpdec_h264.c mishandles empty sprop-parameter-sets values, which + allows remote attackers to cause a denial of service (heap buffer overflow) + or possibly have unspecified other impact via a crafted sdp file. + * CVE-2017-15672: The read_header function in libavcodec/ffv1dec.c allows + remote attackers to have unspecified impact via a crafted MP4 file, which + triggers an out-of-bounds read. + * CVE-2017-17130: The ff_free_picture_tables function in + libavcodec/mpegpicture.c allows remote attackers to cause a denial of service + (heap-based buffer overflow and application crash) or possibly have + unspecified other impact via a crafted file, related to + vc1_decode_i_blocks_adv. + * CVE-2017-9993: Libav does not properly restrict HTTP Live Streaming + filename extensions and demuxer names, which allows attackers to read + arbitrary files via crafted playlist data. + * CVE-2017-9994: libavcodec/webp.c in Libav before does not ensure that + pix_fmt is set, which allows remote attackers to cause a denial of service + (heap-based buffer overflow and application crash) or possibly have + unspecified other impact via a crafted file, related to the + vp8_decode_mb_row_no_filter and pred8x8_128_dc_8_c functions. + * CVE-2018-14394: libavformat/movenc.c in Libav allows attackers to cause a + denial of service (application crash caused by a divide-by-zero error) with a + user crafted Waveform audio file. + * CVE-2018-1999010: Libav contains multiple out of array access + vulnerabilities in the mms protocol that can result in attackers accessing + out of bound data. + * CVE-2018-6621: The decode_frame function in libavcodec/utvideodec.c in + Libav allows remote attackers to cause a denial of service (out of array + read) via a crafted AVI file. + * CVE-2018-7557: The decode_init function in libavcodec/utvideodec.c in + Libav allows remote attackers to cause a denial of service (Out of array + read) via an AVI file with crafted dimensions within chroma subsampling + data. + + -- Markus Koschany Mon, 07 Jan 2019 19:45:12 +0100 + +libav (6:11.12-1~deb8u3) jessie-security; urgency=medium + + * Non-maintainer upload by the Debian LTS Team. + * debian/patches: + + Rename CVE-2015-6822+6823+6824.patch to CVE-2015-6822.patch.. + * CVE-2015-6823: avcodec/alac: Clear pointers in allocate_buffers(). + * CVE-2015-6824: swscale/utils: Clear pix buffers. Fixes use of + uninitialized memory. + + -- Mike Gabriel Thu, 20 Dec 2018 22:56:40 +0100 + +libav (6:11.12-1~deb8u2) jessie-security; urgency=medium + + * Non-maintainer upload by the Debian LTS Team. + * CVE-2014-9317: avcodec/pngdec: Check IHDR/IDAT order. Prevent remote + attackers from causing a denial of service (out-of-bounds heap access) + and possibly have other unspecified impact via an IDAT before an IHDR + in a PNG file. + * CVE-2015-6761: avcodec/vp8: Do not use num_coeff_partitions in + thread/buffer setup. The variable is not a constant and can lead to + race conditions. + * CVE-2015-6818: avcodec/pngdec: Only allow one IHDR chunk. Multiple IHDR + chunks are forbidden in PNG. Fixes inconsistency and out of array accesses. + * CVE-2015-6820: avcodec/aacsbr: check that the element type matches before + applying SBR. Fixes out of array access. + * CVE-2015-6821: avcodec/mpegvideo: Clear pointers in ff_mpv_common_init(). + This ensures that no stale pointers leak through on any path. + * CVE-2015-6822, CVE-2015-6823, CVE-2015-6824: avcodec/sanm: Reset sizes in + destroy_buffers(). + * CVE-2015-6825: avcodec/pthread_frame: clear priv_data, avoid stale pointer + in error case. + * CVE-2015-6826: avcodec/rv34: Clear pointers in + ff_rv34_decode_init_thread_copy(). Avoids leaving stale pointers. + * CVE-2015-8216: avcodec/mjpegdec: Check index in ljpeg_decode_yuv_scan() + before using it. Fixes out of array access. + * CVE-2015-8217: avcodec/hevc_ps: Check chroma_format_idc. Fixes out of + array access. + * CVE-2015-8363: avcodec/jpeg2000dec: Check for duplicate SIZ marker. + * CVE-2015-8364: avcodec/ivi: Check image dimensions. Fixes integer overflow. + * CVE-2015-8661: avcodec/h264_slice: Limit max_contexts when + slice_context_count is initialized. Fixes out of array access. + * CVE-2015-8662: avcodec/jpeg2000dwt: Check ndeclevels before calling + dwt_decode*(). Fixes out of array access. + * CVE-2015-8663: avcodec/utils: Clear dimensions in ff_get_buffer() on + failure. Fixes out of array access. + * CVE-2016-10190: http: make length/offset-related variables unsigned. + Required cherry-picking 3668701f and 362c17e6 from ffmpeg.git. + * CVE-2016-10191: avformat/rtmppkt: Check for packet size mismatches. + Fixes out of array access. + + -- Mike Gabriel Wed, 19 Dec 2018 14:31:49 +0100 + +libav (6:11.12-1~deb8u1) jessie-security; urgency=medium + + * New upstream release. + - smacker: add sanity check for length in smacker_decode_tree() + (CVE-2017-16803) + + -- Sebastian Ramacher Sun, 18 Feb 2018 21:20:56 +0100 + +libav (6:11.11-1~deb8u1) jessie-security; urgency=medium + + * Non-maintainer upload by the Security Team. + * New upstream release fixing multiple security issues. + - dfa: Disallow odd width/height and add proper bounds check for DDS1 chunks + (CVE-2017-9992) + - pictor: Correctly check frame dimensions (CVE-2017-7862) + - h264_cavlc: check the value of run_before + - dvbsubdec: improve error checking + - dvbsubdec: Fixed segfault when decoding subtitles + - rmdec: don't ignore the return value of av_get_packet() + - caf: add an Opus tag + - yadif: Account for the buffer alignment while processing the frame edges + - mov: log and return early on non-positive stsd entry counts + - arm: Fix SIGBUS on ARM when compiled with binutils 2.29 + - smacker: return meaningful error codes on failure + - smacker: fix integer overflow with pts_inc + - mm: Skip unexpected audio packets + - aacsbr: Turnoff in the event of over read. + - smacker: Check that the data size is a multiple of a sample vector + (CVE-2015-8365) + - build: Add an option for passing linker flags to the shared library build + - flv: Validate the packet size + - mjpeg: Report non-3 component rgb lossless as not supported + - vc1dec: raise an error if sprite picture data is missing + - doc: Drop the legacy symlink to README + + -- Hugo Lefeuvre Sat, 21 Oct 2017 15:08:38 +0200 + +libav (6:11.9-1~deb8u1) jessie-security; urgency=medium + + * New upstream release. + - mpegvideo_parser: avoid signed overflow in bitrate calculation. + (CVE-2016-9821) + - mpeg12dec: avoid signed overflow in bitrate calculation. (CVE-2016-9822) + * debian/patches/mpegvideo_motion-Handle-edge-emulation-even-without-.patch: + Removed, included upstream. + + -- Sebastian Ramacher Sun, 23 Apr 2017 18:36:31 +0200 + +libav (6:11.8-1~deb8u1) jessie-security; urgency=medium + + * New upstream release. + * debian/upstream-signing-key.pgp: Update upstream signing key. + * debian/patches/mpegvideo_motion-Handle-edge-emulation-even-without-.patch: + Fix NULL pointer dereference in put_no_rnd_pixels8_xy2_mmx. (CVE-2016-7424) + + -- Sebastian Ramacher Sat, 24 Sep 2016 15:23:39 +0200 + +libav (6:11.7-1~deb8u1) jessie-security; urgency=medium + + * New upstream release fixing a security issue. + - mov: Check the entries value when parsing dref boxes (CVE-2016-3062) + * debian/patches/CVE-2016-2326.patch: Removed, included upstream. + + -- Sebastian Ramacher Sun, 12 Jun 2016 11:36:21 +0200 + +libav (6:11.6-1~deb8u1) jessie-security; urgency=medium + + * New upstream release fixing multiple security issues. + - concat: disable by default (CVE-2016-1897, CVE-2016-1898) + - aac_parser: add required padding for GetBitContext buffer + - ac3_parser: add required padding for GetBitContext buffer + - imc: add required padding for GetBitContext buffer + - h263: Always check both dimensions + - opusdec: properly handle mismatching configurations in multichannel + streams + - mov: Correctly allocate ctts_data + - aac: Wait to know the channels before allocating frame + - rtpdec_asf: Check memory allocation and free memory on error + - jack: Check memory allocation + - mov: Check memory allocation + - mkv: Correctly report the latest packet had been flushed + - aic: Fix slice size computation for widths multiples of 32 macroblocks + - webp: Make sure enough bytes are available + - g726: Do not crash on user mistake + - bytestream2: set the reader to the end when reading more than available + - vp7: bound checking in vp7_decode_frame_header + - mux: Make sure that the data is actually written + - file: properly forward errors from file_read() and file_write() + - mmvideo: Make sure the rle does not write over the frame boundaries + - opus: Buffer the samples from the correct offset + - nut: Use the correct codec_tag when multiple are available + - truemotion2: Fix the buffer check + - mimic: Always return on failure + - msnwc_tcp: Correctly report failure + - rpza: Check the blocks left before processing one + - dvdsubdec: Validate the RLE offsets + - avi: Validate the stream-id for DV as well + - mov: Use the correct type for size + * debian/confflags: Force --disable-protocol=concat. + * debian/patches/CVE-2016-2326.patch: avformat/asfenc: Check pts. + (CVE-2016-2326) + + -- Sebastian Ramacher Wed, 02 Mar 2016 23:13:43 +0100 + +libav (6:11.4-1~deb8u1) jessie-security; urgency=high + + [ Sebastian Ramacher ] + * New upstream release fixing multiple security issues. + - h264: Make sure reinit failures mark the context as not initialized + (CVE-2015-3417) + - msrle: Use FFABS to determine the frame size in msrle_decode_pal4 + (CVE-2015-3395) + - cavs: Remove an unneeded scratch buffer + - configure: Disable i686 for i586 and lower CPUs (debian/783082) + - mjpegenc: Fix JFIF header byte ordering (bug/808) + - nut: Make sure to clean up on read_header failure + - png: Set the color range as full range + - avi: Validate sample_size + - nut: Check chapter creation in decode_info_header + - alac: Reject rice_limit 0 if compression is used + - ape: Support _0000 files with nblock smaller than 64 + - mux: Do not leave stale side data pointers in ff_interleave_add_packet() + - avresample: Reallocate the internal buffer to the correct size (bug/825) + - mpegts: Update the PSI/SI table only if the version change + - rtsp: Make sure we don't write too many transport entries into a + fixed-size array + - rtpenc_jpeg: Handle case of picture dimensions not dividing by 8 + - mov: Fix little endian audio detection + - x86: Put COPY3_IF_LT under HAVE_6REGS (gentoo/541930) + - roqvideoenc: set enc->avctx in roq_encode_init + - mp3: Properly use AVCodecContext API + - libvpx: Fix mixed use of av_malloc() and av_reallocp() + - Revert "lavfi: always check av_expr_parse_and_eval() return value" + - alsdec: only adapt order for positive max_order + - alsdec: check sample pointer range in revert_channel_correlation + - aacpsy: correct calculation of minath in psy_3gpp_init + - alsdec: limit avctx->bits_per_raw_sample to 32 + - aasc: return correct buffer size from aasc_decode_frame + - matroskadec: fix crash when parsing invalid mkv + - avconv: do not overwrite the stream codec context for streamcopy + - webp: ensure that each transform is only used once + - h264_ps: properly check cropping parameters against overflow + - hevc: zero the correct variables on invalid crop parameters + - hevc: make the crop sizes unsigned + + [ Reinhard Tartler] + * drop 01-configure-disable-i686-for-i586 + + -- Sebastian Ramacher Mon, 01 Jun 2015 11:12:42 +0200 + +libav (6:11.3-1+deb8u1) jessie; urgency=medium + + * Fix use of illegal instruction on i586. (Closes: #783082) + - debian/confflags: Pass correct value to --cpu. Thanks to Bernhard + Übelacker for the patch. + - debian/patches: + + 01-configure-disable-i686-for-i586.patch: Upstream patch to disable + i686 instructions on i586. + + 02-configure-disable-ebx-gcc-4.9.patch: Workaround build failure with + gcc 4.9 and newer by disabling the use of ebx in handwritten assembler + code. Thanks to Bernhard Übelacker for the initial patch. + + -- Sebastian Ramacher Tue, 05 May 2015 21:59:47 +0200 + +libav (6:11.3-1) unstable; urgency=medium + + * New upstream release fixing multiple security issues. + - utvideodec: Handle slice_height being zero (CVE-2014-9604) + - adxdec: set avctx->channels in adx_read_header + - rmenc: limit packet size + - webp: validate the distance prefix code + - rv10: check size of s->mb_width * s->mb_height + - eamad: check for out of bounds read (CID/1257500) + - mdec: check for out of bounds read (CID/1257501) + - configure: Properly fail when libcdio/cdparanoia is not found + - tiff: Check that there is no aliasing in pixel format selection (CVE-2014-8544) + - aic: Fix decoding files with odd dimensions + - vorbis: Check the vlc value in setup_classifs + - arm: Suppress tags about used cpu arch and extensions + - prores: Extend the padding check to 16bit + - icecast: Do not use chunked post, allows feeding to icecast properly + - img2dec: correctly use the parsed value from -start_number + - h264_cabac: Break infinite loops + - hevc_deblock: Fix compilation with nasm (libav #795) + - h264: initialize H264Context.avctx in init_thread_copy + - h264: Do not share rbsp_buffer across threads + - h264: only ref cur_pic in update_thread_context if it is initialized + - matroskadec: Fix read-after-free in matroska_read_seek() (chromium #427266) + - log: Unbreak no-tty support on 256color terminals + + -- Sebastian Ramacher Fri, 13 Mar 2015 23:27:25 +0100 + +libav (6:11.2-1) unstable; urgency=medium + + * New upstream release fixing multiple security issues. (Closes: #773626) + - h264: restore a block mistakenly removed in e10fd08a + - on2avc: check number of channels (CVE-2014-8549) + - smc: fix the bounds check (CVE-2014-8548) + - gifdec: refactor interleave end handling (CVE-2014-8547) + - mmvideo: check frame dimensions (CVE-2014-8543) + - jvdec: check frame dimensions (CVE-2014-8542) + - mjpegdec: check for pixel format changes (CVE-2014-8541) + - mov: avoid a memleak when multiple stss boxes are present + - vc1: Do not assume seek happens after decoding + - avconv: Use the mpeg12 private option scan_offset (Closes: #773055) + - xsub: Support DXSA subtitles + - mp3dec: fix reading the Xing tag + - matroskaenc: write correct Display{Width, Height} in stereo encoding + - configure: Fix enabling memalign_hack automatically + - mp3enc: fix a triggerable assert + - latm: Do not give a score for a single instance + - mp3: Tweak the probe scores + - matroskaenc: write correct Display{Width, Height} in stereo encoding + - coverity: Fix most of the reported warnings and issues + * debian/control: Add myself to Uploaders. + + -- Sebastian Ramacher Sat, 17 Jan 2015 20:56:19 +0100 + +libav (6:11.1-1) unstable; urgency=medium + + * Team upload. + * Upload to unstable. + + -- Sebastian Ramacher Tue, 30 Dec 2014 17:08:42 +0100 + +libav (6:11.1-1~exp1) experimental; urgency=medium + + [ upstream ] + * New release. + + Replace lena.pnm. + Closes: bug#771126. + + Treat all '*.pnm' files as non-text file. + + opusdec: Ensure all substreams have same number of coded samples. + + lavu: Fix memory leaks by using a mutex instead of atomics. + + lavu: Add wrappers for the pthreads mutex API. + + mp3enc: Fix a triggerable assert. + + resample: Avoid off-by-1 errors in PTS calcs. + + imc: Fix order of operations in coefficients read. + + hevc_mvs: Ensure to always initialize the temporal MV fully. + + hevc_mvs: Initialize the temporal MV in case of missing ref. + + h264: Reset ret to avoid propagating minor failures. + + hevc: Initialize mergecand_list to 0. + + mpeg12: Always invoke the get_format() callback. + + h264: Always invoke the get_format() callback. + + Update default FATE URL for release/11. + + apetag: Fix APE tag size check. + + [ Jonas Smedegaard ] + * Drop patches now included upstream. + + -- Jonas Smedegaard Tue, 02 Dec 2014 16:37:04 +0100 + +libav (6:11-2) unstable; urgency=medium + + * add patches post v11 release, all of which will be included in the + next point release: + - 0001-apetag-Fix-APE-tag-size-check.patch + - 0002-Update-default-FATE-URL-for-release-11.patch + - 0003-h264-Always-invoke-the-get_format-callback.patch + - 0004-mpeg12-Always-invoke-the-get_format-callback.patch + - 0005-hevc-Initialize-mergecand_list-to-0.patch + - 0006-h264-reset-ret-to-avoid-propagating-minor-failures.patch + - 0007-hevc_mvs-initialize-the-temporal-MV-in-case-of-missi.patch + - 0008-hevc_mvs-make-sure-to-always-initialize-the-temporal.patch + - 0009-imc-fix-order-of-operations-in-coefficients-read.patch + - 0010-resample-Avoid-off-by-1-errors-in-PTS-calcs.patch + + -- Reinhard Tartler Sun, 19 Oct 2014 16:18:48 -0400 + +libav (6:11-1) unstable; urgency=low + + * Upload final 11 release + - matroskadec: parse stereo mode on decoding (Closes: #757185) + + -- Reinhard Tartler Sat, 13 Sep 2014 15:36:38 -0400 + +libav (6:11~beta1-3) unstable; urgency=low + + * Add post-release upstream patches + * Remove unapplied patches + * Remove /etc/avserver.conf (Closes: #760763) + + -- Reinhard Tartler Sat, 13 Sep 2014 07:58:42 -0400 + +libav (6:11~beta1-2) unstable; urgency=medium + + [ Reinhard Tartler ] + * Make libavcodec-dev depend on libavresample-dev + + [ Rico Tzschichholz ] + * Some fixes and leftovers from soname bumps + + -- Reinhard Tartler Sat, 30 Aug 2014 11:02:45 -0400 + +libav (6:11~beta1-1) experimental; urgency=low + + * New upstream Release v11~alpha2 + * build against libgnutls28-dev (Closes: #758447) + * Bump shlibs + + -- Reinhard Tartler Sun, 17 Aug 2014 22:33:40 -0400 + +libav (6:11~alpha2-1) experimental; urgency=low + + * New upstream Release v11~alpha2 + - ffv1dec: check global parameters (CVE-2013-7020) + - mpegts: Check writing a PMTs (CVE-2014-2263) + - avcodec: Postpone FF_IDCT_XVIDMMX removal until the next version + bump (fixes gst-libav FTBFS) + * Bump shlibs + * Add helper scripts for doing mass rebuilds + + -- Reinhard Tartler Wed, 13 Aug 2014 22:11:14 -0400 + +libav (6:11~alpha1-1) experimental; urgency=low + + * New upstream Release v11~alpha1 + - Fixes Unchecked conversion from double to enum (Closes: #749164) + * Add some post v11_alpha1 patches from upstream + * All SONAMEs bumped because of internal changes, but external API is + promised to have not changed + + -- Reinhard Tartler Sun, 10 Aug 2014 09:45:02 -0400 + +libav (6:10.4-1) unstable; urgency=medium + + * New Upstream Release v10.3 + - mpegts: Do not try to write a PMT larger than SECTION_SIZE + (CVE-2014-2263) + - mpegts: Define the section length with a constant + - ffv1dec: check that global parameters do not change in version 0/1 + (CVE-2013-7020) + - h264: fix interpretation of interleaved stereo modes + - svq1: do not modify the input packet + - cdgraphics: do not return 0 from the decode function + - cdgraphics: switch to bytestream2 (CVE-2013-3674) + - jpeg2000: enable 4 component pixel formats + - stereo3d: add missing include guards + - huffyuvdec: check width size for yuv422p (CVE-2013-0848) + - mmvideo: check horizontal coordinate too (CVE-2013-3672) + - wmalosslessdec: fix mclms_coeffs* array size (CVE-2014-2098) + * build against libgnutls28-dev (Closes: #758447) + + -- Reinhard Tartler Sun, 17 Aug 2014 21:55:47 -0400 + +libav (6:10.3-1) unstable; urgency=medium + + * New Upstream Release v10.3 + - huffyuv: Check and propagate function return values (CVE-2013-0868) + - h264: prevent theoretical infinite loop in SEI parsing (CVE-2011-3946) + - pgssubdec: Check RLE size before copying (CVE-2013-0852) + - video4linux2: Avoid a floating point exception + - vf_select: Drop a debug av_log with an unchecked double to enum conversion + - librtmp: Don't free the temp url at the end of rtmp_open + - arm: Avoid using the 'setend' instruction on ARMv7 and newer + - avplay: Handle pixel aspect ratio properly + - eamad: use the bytestream2 API instead of AV_RL (CVE-2013-0851) + - pg2meet: allow size changes within original sizes + - af_compand: make sure request_frame always outputs at least one frame + + -- Reinhard Tartler Sun, 03 Aug 2014 22:30:41 -0400 + +libav (6:10.2-2) unstable; urgency=low + + [ Reinhard Tartler ] + * Fixed typo in debian/NEWS (Closes: #753453) + + [ Stefan Lippers-Hollmann ] + * libavcodec-extra: declare as Section: metapackages (Closes: #747921) + + -- Reinhard Tartler Sun, 20 Jul 2014 14:57:15 -0400 + +libav (6:10.2-1) unstable; urgency=high + + * Bumping severity for critical LZO security issue. + * New Upstream Release v10.2 + - aarch64: Use the correct syntax for relocations (Closes: #751856, + - LP: #1323144) + - ppc: Fix compilation for ppc64le (ELFv2) (LP: #1263802) + - avconv: make -shortest work with streamcopy + - lzo: Handle integer overflow (Reported by Don A. Bailey) + - Check if an mp3 header is using a reserved sample rate. + - Check mp3 header before calling avpriv_mpegaudio_decode_header(). + - jpeg2000: fix dereferencing invalid pointers during cleanup + - avpacket: fix copying side data in av_packet_copy_props() + - oggenc: Set the right AVOption size for the pref_duration option + - adpcm: Avoid reading out of bounds in the IMA QT trellis encoder + - adpcm: Write the proper predictor in trellis mode in IMA QT + * No longer build avserver (Closes: #734335) + * Clarify licensing in debian/copyright (Closes: #698019) + + -- Reinhard Tartler Fri, 27 Jun 2014 22:23:32 -0400 + +libav (6:10.1-1) unstable; urgency=low + + * New upstream release 10: + - pcm-dvd: Fix 20bit decoding (bug/592) + - avi: Improve non-interleaved detection (bug/666) + - arm: hpeldsp: fix put_pixels8_y2_{,no_rnd_}armv6 + - arm: hpeldsp: prevent overreads in armv6 asm (bug/646) + - avfilter: Add missing emms_c when needed + - rtmpproto: Check the buffer sizes when copying app/playpath strings + - swscale: Fix an undefined behaviour + - vp9: Read the frame size as unsigned + - dcadec: Use correct channel count in stereo downmix check + - dcadec: Do not decode the XCh extension when downmixing to stereo + - matroska: add the Opus mapping + - matroskadec: read the CodecDelay element + - rtmpproto: Make sure to pass on the error code if read_connect failed + - lavr: allocate the resampling buffer with a positive size + - mp3enc: Properly write bitrate value in XING header (Closes: #736088) + - golomb: Fix the implementation of get_se_golomb_long + * Drop debian/libav-tools.maintscript. ffserver is no longer found in + stable, and this seems to cause other problems today (Closes: #742676) + + -- Reinhard Tartler Sun, 11 May 2014 12:28:45 -0400 + +libav (6:10-2) experimental; urgency=low + + * Recompile against libx264-142 and librtmp1 + * Bump standards version, no changes needed + * Drop Andres Meija from uploaders. Thanks Andres for your contributions + to the libav package! (Closes: #743526). + + -- Reinhard Tartler Sat, 12 Apr 2014 08:44:31 -0400 + +libav (6:10-1) experimental; urgency=low + + * New upstream release 10. Full changelog avaialble at: + http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v10 + + -- Reinhard Tartler Sun, 23 Mar 2014 14:23:55 -0400 + +libav (6:10~beta2-2) experimental; urgency=low + + * Drop unnecessary packages: libavformat-extra-, libavutil-extra, + libavfilter-extra and libavdevice-extra. + * Incorporate post-beta2 patches, including the icy header detection + patches (Closes: #740421) + * Add a note about 'ffmpeg' in libav-tools's package description + (Closes: #729469) + + -- Reinhard Tartler Sat, 15 Mar 2014 14:46:20 +0000 + +libav (6:10~beta2-1) experimental; urgency=low + + * New Upstream release 10_beta2. This upstream git snapshot has too many + changes to list here, cf. to the upstream Changelog: + http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v10_beta2 + + -- Reinhard Tartler Sat, 15 Mar 2014 00:34:08 +0000 + +libav (6:10~beta1-2) experimental; urgency=low + + * New Upstream release 10_beta1. This upstream git snapshot has too many + changes to list here, cf. to the upstream Changelog: + http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v10_beta1 + - works with H.264 that has different bit depth between chroma and luma, + Closes: #738599 + * Bump shlibs + + -- Reinhard Tartler Mon, 17 Feb 2014 22:07:03 +0000 + +libav (6:10~alpha2-1) experimental; urgency=low + + * New Upstream release 10_alpha2. This upstream git snapshot has too many + changes to list here, cf. to the upstream Changelog: + http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v10_alpha2 + + -- Reinhard Tartler Sat, 18 Jan 2014 15:46:55 +0000 + +libav (6:10~alpha1-1) experimental; urgency=low + + * New Upstream release 10_alpha1. This upstream git snapshot has too many + changes to list here, cf. to the upstream Changelog: + http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v10_alpha1 + - Opus in Ogg demuxing Closes: #733884, #720563, LP: #1265196 + - avprobe output is now standard INI or JSON. Closes: #715467 + - Properly working defaults in libx264 wrapper, Closes: #687048 + - avconv -t option can now be used for inputs, to limit the duration of + data read from an input file, Closes: #722003 + + -- Reinhard Tartler Wed, 18 Dec 2013 15:16:03 +0000 + +libav (6:9.13-1) unstable; urgency=medium + + * New upstream release 9.13: + - swscale: Fix an undefined behaviour + - matroska: add the Opus mapping + - mp3enc: Properly write bitrate value in XING header (Closes: #736088) + - origin/pu/9 oggdec: add support for Opus in Ogg demuxing + (Fixes: libav/603, Closes: #720563) + - apedec: do not buffer decoded samples over AVPackets (Closes: #744901) + - isom: lpcm in mov default to big endian + - movdec: handle 0x7fff langcode as macintosh per the specs + - h264: reset next_output_pic earlier in start_frame() + (Fixes: libav/672, Closes: #741240, LP: #1288206) + - rtmpproto: Make sure to pass on the error code if read_connect failed + - lavr: allocate the resampling buffer with a positive size + - tiffdec: use bytestream2 to simplify overread/overwrite protection + - resample: fix avresample_get_delay() return value + - avi: Improve non-interleaved detection (Fixes: libav/666) + - af_channelmap: fix ONE_STR mapping mode + - movenc: allow override of "writing application" tag + - matroskaenc: allow override of "writing application" tag + - avfilter: Add missing emms_c when needed + - build: Use pkg-config for openjpeg (Fixes: libav/387) + - mpeg12: check scantable indices in all decode_block functions + - sgidec: fix buffer size check in expand_rle_row() + - adx: check that the offset is not negative + - mpegvideo: set reference/pict_type on generated reference frames + - h264: Fix various crashes found in samples pointed by Mateusz + "j00ru" Jurczyk and Gynvael Coldwind - Thanks! + * Rebuild is reported to fix vaapi, Closes: #745655 + * Fix invocation of dpkg-maintscript helper, LP: #1315672 + * cleanup leftovers of the former libav-source package + * Simplify listing packages with dh_listpackage + * Drop transitional arch:all -extra- packages + * Bump standards version to 3.9.5, no changes needed + + -- Reinhard Tartler Sun, 04 May 2014 16:11:03 -0400 + +libav (6:9.11-4) unstable; urgency=medium + + * Imported Upstream version 9.11 + - bumped severity because of many security relevant changes + - update freetype header detection + + -- Reinhard Tartler Sat, 15 Mar 2014 02:05:34 +0000 + +libav (6:9.11-3) unstable; urgency=low + + * Add upstream patch to enable PIC on s390(x), Closes: #726733 + + -- Reinhard Tartler Wed, 05 Mar 2014 02:49:52 +0000 + +libav (6:9.11-2) unstable; urgency=low + + * Avoid the use of pipes to not cover segfaulting libavcodecs (cf. #726733) + * refactor call_and_install_avconv_dump functionality + * Rebuild against libfreetype 2.5.1 (closes: #731307) + * i386 shared builds must be optimized for 586, (closes: 728928, #688384) + + -- Reinhard Tartler Sat, 22 Feb 2014 14:34:54 +0000 + +libav (6:9.11-1) unstable; urgency=low + + * Imported Upstream version 9.11 + - drop patch mathematics-remove-asserts-from-av_rescale_rnd.patch, + merged upstream + - mathematics: remove asserts from av_rescale_rnd, (Closes: #718805) + * Support Opus in Ogg containers (Closes: #733884, 720563) + * Refactor conffile moving + * No longer build-depend on libtiff4-dev. Closes: #736020 + * Disable opencv filter because of #737584 + * Check upstream OpenPGP signatures (Closes: #723692) + + -- Reinhard Tartler Wed, 05 Feb 2014 00:24:42 +0000 + +libav (6:9.10-3) unstable; urgency=low + + * Add upstream patch: mathematics: remove asserts from av_rescale_rnd + Closes: #718805 + * Remove the makeinfo patch, it just disables generation of the html + equivalents of the manpages + * No longer build-depend on libtiff4-dev. Closes: #736020 + + -- Reinhard Tartler Wed, 22 Jan 2014 08:13:40 -0500 + +libav (6:9.10-2) unstable; urgency=low + + [ Fabian Greffrath ] + * Fix upstream changelog link in previous changelog entry. + * Transition from the "texi2html" utility to the "makeinfo" utility from the + texinfo package, fixes build-depends-on-obsolete-package lintian error and + addresses . + * debhelper (>= 9) is now available in stable and old-bpo. + * Use "set -e" in the body of the libav-tools maintainer scripts. + * Fix vcs-field-not-canonical lintian warning. + * Set executable permissions for qt-faststart, fixes unstripped-binary-or-object + lintian warning. + * Fix some spelling errors detected by lintian. + + [ Reinhard Tartler ] + * compile against libtiff5-dev + * Drop some special code paths for building the ubuntu flavor + (no longer necessary over there) + + -- Reinhard Tartler Sun, 03 Nov 2013 08:35:04 -0500 + +libav (6:9.10-1) unstable; urgency=medium + + * New upstream release 9.10 + * Too many security related upstream changes to list here, please cf. to + upstream changelog: + http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v9.10 + * Urgency set to medium because new upstream release fixes many security + issues. + * Do not accidentally overwrite installed binaries from different flavors. + Thanks to Fabian Greffrath for the patch (Closes: #725956) + + -- Reinhard Tartler Thu, 10 Oct 2013 10:53:54 -0400 + +libav (6:9.9-1) experimental; urgency=low + + * New upstream release 9.9 + * Too many security related upstream changes to list here, please cf. to + upstream changelog. Closes: #717009 + + -- Reinhard Tartler Mon, 07 Oct 2013 18:07:14 -0400 + +libav (6:9.8-2) unstable; urgency=low + + * Upload to unstable + * Weaken dependencies on libx264, opencv and frei0r for now to allow + compilation. This dependency will be tightened as soon as the + libraries have been updated in unstable. + + -- Reinhard Tartler Tue, 13 Aug 2013 15:10:05 +0200 + +libav (6:9.8-1) experimental; urgency=low + + * New upstream release 9.8, Closes: #716734, #716735 + * Upstream Changes: + - kmvc: Clip pixel position to valid range + - kmvc: Use fixed sized arrays in the context + - indeo: Reject negative array indexes + - indeo: Check for reference when inheriting motion vectors + - indeo: Properly forward the error codes + - mjpeg: Check the unescaped size for overflows + - wmapro: Error out on impossible scale factor offsets + - wmapro: Check the min_samples_per_subframe + - wmapro: Return early on unsupported condition + - wmapro: Check num_vec_coeffs against the actual available buffer + - wmapro: Make sure there is room to store the current packet + - lavc: Move put_bits_left in put_bits.h + - 4xm: Do not overread the source buffer in decode_p_block + - 4xm: Check bitstream_size boundary before using it + + -- Reinhard Tartler Sat, 13 Jul 2013 08:26:24 +0200 + +libav (6:9.7-1) experimental; urgency=low + + * New upstream release 9.7, Most of the following fixes resulted from + test samples that the Google Security Team has kindly made available: + + - 4xm: fix several programming errors to avoid crashes, etc. + - apetag: use int64_t for filesize + - jpegls: Fix invalid writes to memory + - ljpeg: use the correct number of components in YUV + - mjpeg: Validate sampling factors + - mjpegdec: properly report unsupported disabled features + - mjpegdec: validate parameters in mjpeg_decode_scan_progressive_ac + - mpegvideo: allocate sufficiently large scratch buffer for interlaced vid + - pixdesc: mark gray8 as pseudopal + - smacker: fix several programming errors to avoid crashes, etc. + - tiff: do not overread the source buffer + - vmd: drop incomplete chunks and spurious samples + - vmdav: convert to bytestream2 to avoid invalid reads and writes + - wavpack: check packet size early + - wavpack: use bytestream2 in wavpack_decode_block + - wavpack: validate samples size parsed in wavpack_decode_block + + -- Reinhard Tartler Sun, 30 Jun 2013 17:21:27 +0200 + +libav (6:9.6-2) experimental; urgency=low + + * Tighten build dependency on libx264, Closes: #709817 + * Introduce the libavcodec-extra meta-package + * No longer check for --enable-dirac switch + * Bump standards version + * Cleanup some obsolete Package relationship fields + * Drop obsolete DM-Upload field + * libavcodec-extra: add misc:Depends substvar + * Factor out binary-indep builds + * Install tool HTML documentation into libav-tools package + + -- Reinhard Tartler Wed, 29 May 2013 22:07:02 +0200 + +libav (6:9.6-1) experimental; urgency=low + + * New Upstream release 9.6 + - wav: Always seek to an even offset, Bug #500, LP: #1174737 + - various security relevant patches + + -- Reinhard Tartler Mon, 20 May 2013 10:54:36 +0200 + +libav (6:9.5-1) experimental; urgency=low + + * New Upstream version 9.5: + - Most of the following fixes resulted from test samples that + the Google Security Team has kindly made available + + -- Reinhard Tartler Thu, 25 Apr 2013 22:32:11 +0200 + +libav (6:9.4-1) experimental; urgency=low + + * Imported Upstream version 9.4 + - h264: check for luma and chroma bit dept being equal (CVE-2013-2277) + - iff: validate CMAP palette size (CVE-2013-2495) + - Thus, closes: #703200 + * debian/watch: download xz files and tigthen checks + + -- Reinhard Tartler Sun, 24 Mar 2013 07:30:01 +0100 + +libav (6:9.3-1) experimental; urgency=low + + [ Jonas Smedegaard ] + * Stop using CDBS. + + [ Reinhard Tartler ] + * Imported Upstream version 9.2 (never uploaded, though) + * Imported Upstream version 9.3: + - Fixes CVE-2013-0894 + * drop 02-fix-build-on-non-armv5te.patch, merged upstream + + -- Reinhard Tartler Sat, 02 Mar 2013 14:34:27 +0100 + +libav (6:9.1-3) experimental; urgency=low + + * Build-depend on libopus-dev. + * Stop needlessly build-depending on libcv-dev. + * Tighten build-dependencies on frei0r-plugins-dev, libopencv-dev and + libx264-dev, to use experimental packages. + * Have libav-tools and libavfilter3 suggest frei0r-plugins. + * Add upstream patch 02 to fix build on armel without armv5te support. + + -- Jonas Smedegaard Sun, 20 Jan 2013 15:54:42 +0100 + +libav (6:9.1-2) experimental; urgency=low + + [ Jonas Smedegaard ] + * Document all licensing of binary packages in README.Debian (not + partly as comment in copyright file), to avoid confusing source + issued licenses with binary resolved licensing. + + [ Reinhard Tartler ] + * Bump shlibs to 6:9.1-1 + * Fix internal shlibs + + -- Reinhard Tartler Sat, 19 Jan 2013 10:06:15 +0100 + +libav (6:9.1-1) experimental; urgency=low + + [ Jonas Smedegaard ] + * Rewrite copyright file using copyright format 1.0. + Closes: bug#694657. Thanks to Francesco Poli. + * Include CDBS utils.mk, to track future copyright/licensing changes. + Build-depend on cdbs. Update README.source. + + [ Reinhard Tartler ] + * Imported Upstream version 9 + - New releases fixes (among others) CVE-2012-2882 CVE-2012-5359 + CVE-2012-5360 CVE-2012-5361, Closes: #694483 + * drop debian/recordshow.sh + * ignore shlib-with-non-pic-code also for libavcodec-extra-54 + * make libavcodec54/libavcodec-extra-54 properly conflict/replace each other + + -- Reinhard Tartler Mon, 07 Jan 2013 22:42:25 +0100 + +libav (6:9~beta3-1) experimental; urgency=low + + * New upstream version. + + -- Reinhard Tartler Fri, 21 Dec 2012 15:32:13 +0100 + +libav (6:9~beta2-4) experimental; urgency=low + + * Fix compilation on the buildds + + -- Reinhard Tartler Fri, 16 Nov 2012 07:56:59 +0100 + +libav (6:9~beta2-3) experimental; urgency=low + + * Include all post 9beta2 patches + - Fixes linking with libavfilter/libavutil, Closes: #693040 + * libavresample1: Unbreak partial updates by adding Replaces + relationship with libavresample0, Closes: #693327 + * Fix installation of doxygen HTML pages. + * add lintian override for libavcodec-extra-54 + + -- Reinhard Tartler Thu, 15 Nov 2012 21:29:50 +0100 + +libav (6:9~beta2-2) experimental; urgency=low + + * add post 9 beta2 patches + * import bits from ubuntu to minimize the diff + * Remove stale Conflicts/Replaces on libavutil51, fixes instability + issues with libavutil51. + + -- Reinhard Tartler Sun, 11 Nov 2012 17:21:15 +0100 + +libav (6:9~beta2-1) experimental; urgency=low + + * new upstream release: libav 9 beta2 + * Imported Upstream version 9~beta2 + * SONAME bump: libavutil51->libavutil52, (Closes: #691088) + * bump shlibs file + * fix package names to follow correct soname of libavresample1 + + -- Reinhard Tartler Tue, 23 Oct 2012 18:49:26 +0200 + +libav (6:9~beta1-1) experimental; urgency=low + + [ Fabian Greffrath ] + * Imported Upstream version 6:0.8.99-3213-gd16860a + + [ Andres Mejia ] + * Update libav-doc doc base. (Closes: #674139) + + [ Fabian Greffrath ] + * Use the cond_enable() macro for all additional features in + debian/confflags. + * Tidy up and sort configuration flags. + * Add a debian/README.source file that describes how to rebuild libav with a + reduced feature set in order to avoid circular build-dependencies for + bootstrapping. + * Restrict Build-Depends to "yasm [any-amd64 any-i386]" and explicitely + disable it if not found. + + [ Reinhard Tartler ] + * add dependency on libavcodec54 to libav-dbg + * add Pre-Depend on dpkg to libav-tools to ensure smooth updates + * libav-tools.install: make files to install more explicit + + [ Loïc Minier ] + * Install the shared flavor last + * control/Uploaders: update my email address + + [ Reinhard Tartler ] + * Declare a 'Breaks' relationship against mplayer, Closes: #671934 + * Bug fix: "Multi-Arch: foreign libraries", thanks to Stepan Golosunov. + * Remove Multi-arch header from the empty, transitional -extra- packages + + [ Fabian Greffrath ] + * Mention qt-faststart in the long description (Closes: #681491.) + * Install all debug symbols into libav-dbg (Closes: #680602). + * Do not run doxygen if it is not installed. + * Fix up debian/changelog and get dependencies right accordingly. + + [ Reinhard Tartler ] + * Make libav-extra-dbg arch:all + * Fix generation of shlibs file (Closes: #679542) + + [ Fabian Greffrath ] + * Also make libav-regular-dbg 'arch: all' for consistency with the other debug packages. + * Fix generation of shlibs file not only for libavcodec*, but for all the other library packages as well. + * Use xz compression for binary packages, thanks Ansgar Burchardt (Closes: #683895). + + [ Reinhard Tartler ] + * Drop the package libav-regular-dbg + + [ Fabian Greffrath ] + * Clarify relations between libavcodec54 and libavcodec-extra-54 in debian/control. + + [ Reinhard Tartler ] + * New Upstream version: 9 beta1 + * remove compatibility links for ff* tools. + * New release fixes all known CVE entries so far (Closes: #688847) + * libav-dbg: avoid dependency on 'ffmpeg' package + * remove package libav-extra-dbg + * allow co-installation of libav-dbg with libavcodec-extra-54 + * temporarily disable libopus support until #690563 is fixed + + -- Reinhard Tartler Tue, 16 Oct 2012 18:38:46 +0200 + +libav (6:0.8.99-1537-gacb2c79-2) experimental; urgency=low + + [ Rico Tzschichholz ] + * Fix lintian-overrides after soname bump + * Fix some conflicts/replaces + * Bump shlibs version + + [ Reinhard Tartler ] + * Update changelog + + -- Reinhard Tartler Tue, 15 May 2012 09:21:24 +0200 + +libav (6:0.8.99-1537-gacb2c79-1) experimental; urgency=low + + * New upstream snapshot + - Drop patches applied upstream + - Longer build libpostproc, dropped upstream + - follow soname bump of libavcodec and libavformat 53->54 + - New library: libswresample + * no longer build and use dirac, removed upstream in favor of libschroedinger + * remove deprecated ffmpeg package + * bump shlibs version + + -- Reinhard Tartler Sat, 12 May 2012 22:02:03 +0200 + +libav (6:0.8.8-1) unstable; urgency=low + + * Imported Upstream version 0.8.7, new releases fixes a number of + security relevant patches. + * backport patch from upstream to make samplefmt auto-aling buffers + (Closes: #713856) + + -- Reinhard Tartler Fri, 12 Jul 2013 22:00:28 +0200 + +libav (6:0.8.7-1) unstable; urgency=medium + + * Imported Upstream version 0.8.7, new releases fixes: + - wav: Always seek to an even offset, Bug #500, LP: #1174737 + - A number of further security relevant patches. + + -- Reinhard Tartler Mon, 20 May 2013 11:04:00 +0200 + +libav (6:0.8.6-1) unstable; urgency=low + + * Imported Upstream version 0.8.6, new releases fixes: + - h264: check for luma and chroma bit depth being equal (CVE-2013-2277) + - iff: validate CMAP palette size (CVE-2013-2495) + - msrledec: convert to bytestream2 API and add proper bounds checking (CVE-2013-2496) + - vorbisdec: Error on bark_map_size equal to 0 (CVE-2013-0894) + - Thus, closes: #703200 + + -- Reinhard Tartler Sun, 24 Mar 2013 07:35:51 +0100 + +libav (6:0.8.5-1) unstable; urgency=low + + * New upstream security/bugfix release. New releases fixes + (bug numbers reference http://bugzilla.libav.org, Closes: #694483) + - Indeo 4 (CVE-2012-2791) + - VP5/VP6 (CVE-2012-2783) + - Indeo 3 (CVE-2012-2804) + - MPEG-1/2 (CVE-2012-2803) + - MP3 (CVE-2012-2797) + - AAC (CVE-2012-5144) + - AC-3 (CVE-2012-2802) + - AVS (CVE-2012-2801) + - DFA (CVE-2012-2798) + - ID3v2 (Bug 395) + - Serious Memory leaks on broken Ogg files + * drop recordshow script. This clearly undermaintained script has + unclear copyright status and is unlikely to work properly anyway. + + -- Reinhard Tartler Sun, 13 Jan 2013 11:56:59 +0100 + +libav (6:0.8.4-1) unstable; urgency=low + + * New upstream security/bugfix release. New release fixes: + (bug numbers reference http://bugzilla.libav.org, Closes: #688847) + - h264 (Bug 118), vc1dec (CVE-2012-2796), sipr, bmpdec (bug 367), alsdec + (CVE-2012-2775), rv34/rv40 (CVE-2012-2772), indeo3/indeo4 + (CVE-2012-2776, CVE-2012-2779, CVE-2012-2787, CVE-2012-2794, + CVE-2012-2800), vorbisenc, vorbisdec (Bug 277), snow, ac3dec + (CVE-2012-2802), avsdec (CVE-2012-2801), dfa (CVE-2012-2786, + CVE-2012-2798), lagrith (CVE-2012-2793), wmaprodec (CVE-2012-2789 & + Bug 327), avidec (CVE-2012-2788, CVE-2012-2790), cavsdec + (CVE-2012-2777, CVE-2012-2784), wav (Bug 379), yuff4mpeg (Bug 373), + mpegaudio, tiffenc, smacker (Bug 265). + - smaller bug fixes in avconv (Bug 352) + - fix lt() and lte() in function evaluator + - fix segfault in avformat_open_input() + - fix segfault in golomb decoder (bug 310) + - fix segfault (double free) in libavfilter + - convert dfa decoder to bytestream2 API to protect from overreads + - bugfix in vf_pad/scale filter (Bug 203 & 245) + - lavc: remove stats_out and stats_in from the options table. + (Bug 380, Closes: #690726) + * Drop patches applied upstream. + + -- Reinhard Tartler Mon, 22 Oct 2012 20:57:08 +0200 + +libav (6:0.8.3-7) unstable; urgency=low + + [ Fabian Greffrath ] + * Fix generation of shlibs file not only for libavcodec*, but for all the + other library packages as well. Really closes: #679542 + * Use xz compression for binary packages, thanks Ansgar Burchardt + (Closes: #683895). + + [ Reinhard Tartler ] + * use EPOCH macro in SHLIBS_VERSION + * Drop the package 'libav-regular-dbg'. It was not included in squeeze. + + -- Reinhard Tartler Sat, 25 Aug 2012 11:08:48 +0200 + +libav (6:0.8.3-6) unstable; urgency=low + + * Clarify the changes in the 6:0.8.3-5 upload, as discussed in bug + #683247. + * Make ffmpeg-dbg 'arch: all' for consistency with the libav-extra-dbg + package. + * Fix generation of shlibs file. (Closes: #679542) + Wrong make variables where used for the shlibs generation. + + -- Reinhard Tartler Sat, 04 Aug 2012 09:03:54 +0200 + +libav (6:0.8.3-5) unstable; urgency=low + + [ Reinhard Tartler ] + * Bug fix: "Multi-Arch: foreign libraries", thanks to Stepan Golosunov. + Make the transitional libavfoo-extra-NN packages 'arch: all' and + remove the 'Multi-Arch: foreign' fields to avoid that the dependency + can be satisfied by packages of other architectures, which would break + applications. Closes: #680613 + * Make libav-extra-dbg 'arch: all'. As empty, transitional package + without strict dependencies, we can safely ship it as arch:all + package. + + [ Fabian Greffrath ] + * Mention qt-faststart in the long description (Closes: #681491). + * Install all debug symbols into libav-dbg (Closes: #680602). + * Do not run doxygen if it is not installed. This does not change anything + for regular builds, but helps with bootstrapping the package to new + architectures that may not have doxygen available yet. + * Fix up debian/changelog and tighten dependencies. + * Do not declare "ffmpeg" as virtual package (provided by libav-tools). + Instead, we provide it as transitional package for libav-tools. Note + the next upstream version will no longer provide neither an 'ffmpeg' + package, nor a /usr/bin/ffmpeg binary. This means that front-end + applications in Debian that previously used this binary needs to be + ported to /usr/bin/avconv for jessie. + + -- Reinhard Tartler Sun, 15 Jul 2012 23:13:42 +0200 + +libav (6:0.8.3-4) unstable; urgency=low + + * Declare a 'Breaks' relationship against mplayer, Closes: #671934 + + -- Reinhard Tartler Tue, 26 Jun 2012 08:46:42 +0200 + +libav (6:0.8.3-3) unstable; urgency=low + + * Install the shared flavor last; the binaries from the optimized flavor(s) + would overwrite the ones from the shared baseline flavor causing SIGILL; + closes: #657885. + * control/Uploaders: update my email address + + -- Loïc Minier Mon, 25 Jun 2012 21:21:24 +0200 + +libav (6:0.8.3-2) unstable; urgency=low + + [ Fabian Greffrath ] + * Clarify relations between libavcodec53 and libavcodec-extra-53 + in debian/control. + * Use the cond_enable() macro for all additional features in debian/confflags. + * Tidy up and sort configuration flags. + * Add a debian/README.source file that describes how to rebuild libav + with a reduced feature set in order to avoid circular build-dependencies + for bootstrapping. + * Restrict Build-Depends to "yasm [any-amd64 any-i386]" + and explicitly disable it if not found. + + [ Reinhard Tartler ] + * add patch from upstream to fix playback of Canon AVHCD movies. + (Fixes: LP: #937561) + * fix location in ffmpeg.NEWS file + * add dependency on libavcodec53 to libav-dbg + * add Pre-Depend on dpkg to libav-tools to ensure smooth updates + * {ffmpeg,libav-tools}.install: make files to install more explicit + + -- Reinhard Tartler Mon, 25 Jun 2012 19:06:49 +0200 + +libav (6:0.8.3-1) unstable; urgency=medium + + [ Andres Mejia ] + * Update libav-doc doc base. (Closes: #674139) + + [ Reinhard Tartler ] + * New upstream release 0.8.3: + - Several bugs and crashes have been fixed in the following codecs: PNG, + Electronic Arts TQI, H.264 (CVE-2012-0851) and H.263 (CVE-2011-3937) + * Raising severity because of security issues. + + -- Reinhard Tartler Sat, 09 Jun 2012 13:25:31 +0200 + +libav (6:0.8.2-2) unstable; urgency=low + + * Revert "temporarily disable opencv to work around dependency troubles" + * Simplify internal dependencies (Closes: #672791) + + -- Reinhard Tartler Mon, 14 May 2012 21:37:59 +0200 + +libav (6:0.8.2-1) unstable; urgency=medium + + * New upstream release: + - Several bugs and crashes have been fixed in the following codecs: AAC, + APE, H.263, H.264, Indeo 4, Mimic, MJPEG, Motion Pixels Video, RAW, + TTA, VC1, VQA, WMA Voice, vqavideo (CVE-2012-0947). + - Several bugs and crashes have been fixed in the following formats: + ASF, ID3v2, MOV, xWMA + - This release additionally updates the following codecs to the + bytestream2 API, and therefore benefit from additional overflow + checks: truemotion2, utvideo, vqavideo + * drop 02-fix-avpreset-extension.patch, applied upstream + * Revert "Revert "temporarily disable opencv to work around dependency + troubles"" (Closes: #671302) + * Bumped urgency because of security issue. + + -- Reinhard Tartler Sat, 05 May 2012 11:08:44 +0200 + +libav (6:0.8.1-7) unstable; urgency=low + + * Fix build for hurd. Thanks to Samuel Thibault for patch. (Closes: #613034) + (Closes: #671038) + * Properly migrate /etc/ffserver.conf to /etc/avserver.conf. + (Closes: #660786) + * Renable opencv support. + + -- Andres Mejia Tue, 01 May 2012 21:33:13 -0400 + +libav (6:0.8.1-6) unstable; urgency=low + + * Fix epoch in strict internal dependencies. Closes: #670861 + * Temporarily disable opencv to work around dependency trouble + + -- Reinhard Tartler Mon, 30 Apr 2012 08:14:20 +0200 + +libav (6:0.8.1-5) unstable; urgency=low + + [ Andres Mejia ] + * Fix issue with file not being multiarch compatible. (Closes: #669988) + + [ Reinhard Tartler ] + * Bump epoch to fix messed upload to unstable (Closes: #670762) + + -- Reinhard Tartler Sun, 29 Apr 2012 10:30:26 +0200 + +libav (5:0.8.1-4) unstable; urgency=low + + * Use a Provides field to provide transitional packages instead of Conflicts. + (Closes: #666401) + * Have both libavcodec and libavcodec-extra package conflict with each other. + + -- Andres Mejia Fri, 30 Mar 2012 10:15:50 -0400 + +libav (5:0.8.1-3) unstable; urgency=low + + * Separate the ffmpeg program into the transitional package. + * Change ffmpeg warning so that it's clearer the program is + deprecated (LP: #939863) + + -- Andres Mejia Thu, 29 Mar 2012 13:13:01 -0400 + +libav (5:0.8.1-2) experimental; urgency=low + + [ Andres Mejia ] + * Merge libav-extra packages to libav. (Closes: #658084) + * Provide only libavcodec-extra package, the other packages are unnecessary. + * Remove libav-source package. No longer necessary. + * Remove dependencies and suggests of FAAD, no longer needed. + * Set Enhances field and update package description for libavcodec-extra + package. (Closes: #653451) + * Fix issue with installation of debug symbols. (Closes: #642798) + + [ Fabian Greffrath ] + * Mention license impact in libavcodec-extra-53's package description. + + -- Andres Mejia Wed, 21 Mar 2012 15:52:58 -0400 + +libav (4:0.8.1-1) unstable; urgency=medium + + [ Reinhard Tartler ] + * Bump shlibs (Closes: #662793) + * force upgrades of older libavcodec-extra-53 packages + * drop all post-0.8 patches, applied upstream + * bump standards version, no changes needed + * Imported Upstream version 0.8.1 + * Bumped urgency to medium because of included security fixes: + CVE-2012-0848, CVE-2012-0853, CVE-2012-0858, CVE-2011-3929, + CVE-2011-3936, CVE-2011-3937, CVE-2011-3940, CVE-2011-3945, + CVE-2011-3947, CVE-2011-3951, CVE-2011-3952 + + [ Andres Mejia ] + * Enable frei0r support. + * Enable tls support through gnutls. + * Enable libcdio support. + * Enable opencv support. + * Enable pulse support. + * Enable vaapi for all architectures. + + -- Reinhard Tartler Mon, 19 Mar 2012 08:39:18 +0100 + +libav (4:0.8-2) unstable; urgency=low + + [ Reinhard Tartler ] + * confflags: use --enable-pic instead of manually messing with cflags + * Import post 0.8 patches + * Bugfix: expects wrong preset file extension (Closes: #660978) + Thanks to Laurento for spotting this. + + [ Alessio Treglia ] + * Fix maintainer's name. + + [ Fabian Greffrath ] + * Enable hardened build flags through dpkg-buildflags (Closes: #658929). + * Fix format string vulnerability detected by -Wformat-security. + * Filter out system-wide setting of -Bsymbolic-functions to avoid FTBFS. + * Set CPPFLAGS separately. + + -- Reinhard Tartler Mon, 05 Mar 2012 19:47:54 +0100 + +libav (4:0.8-1) unstable; urgency=medium + + [ Fabian Greffrath ] + * Remove the last remainders of explicit quilt usage in + pre-3.0 source formats. + * Urgency bumped to medium because of RC bugs and unfixed security + issues in testing. + * Imported Upstream version 0.8 + - Bug fix: "Segfaults when using vaapi", thanks to Andrey Rahmatullin + (Closes: #656572). That crash is most likely caused by auto-enabling + multi-threading. This behavior got reverted just before this release. + * Drop post-0.8b2 patches + * Bump shlibs for addition of new audio encoding API + * Extend package descriptions to include a note what libav actually is + * debian/watch: fix mangling of '_' characters. + * drop unused lintian override in debian/control + * provide compatibility links for ffserver, ffplay and ffprobe + (Closes: #655683) + + -- Reinhard Tartler Sun, 22 Jan 2012 21:24:22 +0100 + +libav (4:0.8~beta2-3) unstable; urgency=low + + [ Fabian Greffrath ] + * Fix debian/*.install file generation on archs (e.g. armel) that build + more than only one optimized shared library (Closes: #656184). + + [ Reinhard Tartler ] + * add additional post-0.8b2 patches + + -- Reinhard Tartler Tue, 17 Jan 2012 22:31:32 +0100 + +libav (4:0.8~beta2-2) unstable; urgency=low + + [ Fabian Greffrath ] + * Properly set the library paths for multiarch and shared libs in + debian/*.install instead of using brace expansion and asterisks. + + [ Reinhard Tartler ] + * Fix upgrade path from earlier versions of the 'ffmpeg' package + (Closes: #655917) + * Sync post v0.8b2 commits + * extend package description to include a note what libav actuall is + * place transitional packages in oldlibs/extra section to assist package + managers + * drop unused lintian override in debian/control + + -- Reinhard Tartler Sun, 15 Jan 2012 16:19:41 +0100 + +libav (4:0.8~beta2-1) unstable; urgency=low + + * New Upstream version 0.8~beta2: + - Confirm that this release does not inhibit the following security issues: + - DoS in MKV demuxer, + - CVE-2011-3893, Closes: #654572 + - Double free vuln in the Theora decoder, + - CVE-2011-3892, Closes: #654571 + - heap-based buffer overflow in vorbis decoder: + - CVE-2011-3895, Closes: #654573 + - Closes: #654534 + - Bug fix: "libswscale crashes when upscaling pictures using + hyscale_fast2, MMX variant on amd64 with gcc-4.6 and later", + thanks to Harald Dunkel (Closes: #647824). + - Clarify that libavutil/avutil.h doesn't include mathematics.h any more in + APIchanges documentation. Thanks: Jonathan Nieder , + Closes: #654303 + * Disable configuration mismatch warnings (Closes: #619530) + * Rename package libav to libav-tools (Closes: #654984) + * Refresh patches + + -- Reinhard Tartler Wed, 11 Jan 2012 16:45:28 +0100 + +libav (4:0.8~beta1-2) experimental; urgency=low + + * fix build failures by dropping unnecessary configure flags + + -- Reinhard Tartler Sun, 01 Jan 2012 08:48:06 +0100 + +libav (4:0.8~beta1-1) experimental; urgency=low + + * New upstream release. + - too many changes to list, please refer to upstream's Changelog file + for details + + -- Reinhard Tartler Fri, 30 Dec 2011 23:45:34 +0100 + +libav (4:0.7.3-2) unstable; urgency=low + + * forcefully disable v4l on kfreebsd, fixes an FTBFS on kFreeBSD + + -- Reinhard Tartler Mon, 26 Dec 2011 10:50:36 +0100 + +libav (4:0.7.3-1) unstable; urgency=high + + * New upstream version. Includes fixes for: + - VP3 decoder (CVE-2011-4352) + - svq1 decoder (CVE-2011-4579) + - DoS in the VP5/VP6 decoders (CVE-2011-4353) + - QDM2 decoder (CVE-2011-4351) + - Sierra VMD decoder (CVE-2011-4364) + * Bumped urgency. + * Enable drawtext filter (Closes: #647132) + * Imported Upstream version 0.7.3 + * Bump shlibs for backported avcodec_open2() API + + -- Reinhard Tartler Sun, 25 Dec 2011 22:04:54 +0100 + +libav (4:0.7.2-1) unstable; urgency=low + + * New upstream release: 0.7.2 + - Security focused release + - Includes Matroska reallocation checks, Closes: #643859 + * Drop all post 0.7.1 patches, included upstream. + + -- Reinhard Tartler Fri, 30 Sep 2011 21:01:25 +0200 + +libav (4:0.7.1-7) unstable; urgency=medium + + * Add 63 (!) additional post 0.7.1 patches + - all scheduled for next upstream point release + - Fix missing CAVS boundary checks, Closes: #641478, Fixes: CVE-2011-3362 + * Medium urgency for fixing a security issue + * Drop debian/patches/03-fix-movrel.patch, better patch upstream + * prefer libtiff4 over libtiff5 for now + + -- Reinhard Tartler Mon, 26 Sep 2011 22:24:47 +0200 + +libav (4:0.7.1-6) unstable; urgency=low + + * Convert package to include multiarch support. + + -- Andres Mejia Fri, 23 Sep 2011 22:03:39 -0400 + +libav (4:0.7.1-5) unstable; urgency=low + + * sync patches with upstream release branch + * Fix segmentation fault on ppc32, Closes: #639948 + + -- Reinhard Tartler Mon, 05 Sep 2011 07:25:06 +0200 + +libav (4:0.7.1-4) unstable; urgency=low + + * upload to unstable + + -- Reinhard Tartler Thu, 01 Sep 2011 22:45:43 +0200 + +libav (4:0.7.1-3) experimental; urgency=low + + * add post 0.7.1 patches + * make MAP_ANONYMOUS available on Linux and the Hurd, Closes: #637516 + * libpostproc: filter name needs to be double 0 terminated + * relax dependencies in the shlibs file to accomodate + the new versioning scheme in libav-extra. Fixes LP: #818619 + * libswscale-dev: fix alternate on libswscale-extra-2, Fixes LP: #829857 + + -- Reinhard Tartler Thu, 25 Aug 2011 22:45:47 +0200 + +libav (4:0.7.1-2) experimental; urgency=low + + * Build against libx264. Closes: #418228, #440681 + * Build against libmp3lame, Closes: #587904 + * Build against xvidcore to enable xvid encoding + * use yasm on every architecture. Should allow building on the Hurd + + -- Reinhard Tartler Tue, 26 Jul 2011 21:58:18 +0200 + +libav (4:0.7.1-1) experimental; urgency=low + + [ Andres Mejia ] + * Update to my @debian.org email. + + [ Reinhard Tartler ] + * Pass --arch to configure + * no longer generate 'snapshot_version' + * disable jackd output support on the hurd + * Use proper architecture wildcards for Linux-only dependencies, + Closes: #634460 + * Drop "backported patches" + * Imported Upstream version 0.7.1 + * Fix installation of codecs.txt and formats.txt + + -- Reinhard Tartler Thu, 21 Jul 2011 12:18:48 +0200 + +libav (4:0.7-2) experimental; urgency=low + + [ Arnout Engelen ] + * libavformat-dev depends on libavutil-dev + + [ Reinhard Tartler ] + * Add backported patches for 0.7.1 + + -- Reinhard Tartler Sat, 16 Jul 2011 14:38:21 +0200 + +libav (4:0.7-1) experimental; urgency=low + + * New upstream release. + * Fixes several potential security issues, Closes: #628448 + * Much imporved libavfilter, Closes: #594108 + * Fixes some overlapping memcpys my using memmove instead, Closes: #627818 + * Bump libswscale SONAME + * Bump shlibs + * Bump Standards version to 3.9.2 + + -- Reinhard Tartler Tue, 21 Jun 2011 07:49:59 +0200 + +libav (4:0.7~rc1-1) experimental; urgency=low + + * New upstream version + * Bug fix: "Please add ffmpeg-mt for multithreading support", branch has + been finally merged now upstream properly (Closes: #575600). + * remove 02-Fix-kfreeBSD-FTBFS.patch, applied upstream + + -- Reinhard Tartler Tue, 14 Jun 2011 22:03:36 +0200 + +libav (4:0.7~beta2-2) experimental; urgency=low + + * refresh patches + * rename Tweak-doxygen-config patch + * add patch from upstream to fix build failure on kFreeBSD + * ignore quilt .pc status directory + + -- Reinhard Tartler Sun, 15 May 2011 10:49:54 +0200 + +libav (4:0.7~beta2-1) experimental; urgency=low + + [ Jonathan Nieder ] + * only install doc/APIChanges in *-dev and libav-doc packages + * move note on source package lineage to README.Debian + * install NEWS.Debian in libavcodec-dev + * use dpkg source format 3.0 (quilt) + * allow "debian/rules clean" as unprivileged user + + [ Reinhard Tartler ] + * New upstream release + + -- Reinhard Tartler Fri, 13 May 2011 12:31:33 +0200 + +libav (4:0.7~b1-2) experimental; urgency=low + + * don't try to install non-existing documentation, fixes FTBFS on powerpc + * add NEWS.Debian file + * install doc/APIChanges and refer to them in NEWS.Debian (Closes: #623682) + * readd deprecated avcodec_thread_init in libavformat + + -- Reinhard Tartler Sun, 01 May 2011 18:58:40 +0200 + +libav (4:0.7~b1-1) experimental; urgency=low + + * New upstream version + * bump SONAME and SHLIBS + * configure flags --disable-stripping was removed upstream + * the MAINTAINERS file was removed upstream + * remove patch disable-configuration-warning.patch + * drop avfilter confflags, it is enable by default in 0.7 + * libfaad wrapper has been removed upstream + * also update the *contents* of the lintian overrides + + -- Reinhard Tartler Tue, 19 Apr 2011 15:04:55 +0200 + +libav (4:0.6.2-1) unstable; urgency=medium + + [ Reinhard Tartler ] + * Imported Upstream version 0.6.2 + - include security fixes (Closes: #611495) + * rename source package to libav + * Switch to libav packages + * copy in changelog entries from the 0.5 packaging branch (Closes: #616190) + * update version numbering + * make buildlogs verbose + * Introduce 'libav-source', which contains the patched sources of libav + * rename source package to libav + + [ Fabian Greffrath ] + * Fix cp of doxy documentation fails with "Argument list too long" (Closes: #618679) + + -- Reinhard Tartler Sat, 19 Mar 2011 08:13:46 +0100 + +ffmpeg (4:0.6.1-5) unstable; urgency=low + + * don't enable vaapi support on the hurd, Closes: #613034 + * minor updates to libswscale0's package description + * Force upgrade of mplayer pre-rc4 for upgrades of libswscale, + Closes: #612292 + + -- Reinhard Tartler Sun, 13 Feb 2011 09:25:42 +0100 + +ffmpeg (4:0.6.1-4) unstable; urgency=low + + * no change rebuild to fix broken last upload. + + -- Reinhard Tartler Sun, 06 Feb 2011 09:20:39 +0100 + +ffmpeg (4:0.6.1-3) unstable; urgency=low + + * add libxfixes-dev to build depends + * minor packaging cleanups + * revised package description + * detect libopenjpeg and dirac at build-time + * remove note about packages being "Debian-specific" + * simplify lintian-overrides + * Sanitize LDFLAGS variable; it seems that dpkg-buildflags injects + -Wl,-Bsymbolic-functions to LDFLAGS, which breaks the build on amd64 + + -- Reinhard Tartler Sun, 30 Jan 2011 09:22:11 +0100 + +ffmpeg (4:0.6.1-2) experimental; urgency=low + + [ Jonas Smedegaard ] + * Relax mplayer Breaks to permit backports and other early releases. + + [ Reinhard Tartler ] + * Bump Standards-Version, no changes needed. + + [ Matthias Klose ] + * Configure with --enable-pic on powerpc. LP: #654666. + + -- Reinhard Tartler Fri, 19 Nov 2010 10:50:51 +0100 + +ffmpeg (4:0.6.1-1) experimental; urgency=low + + * Imported Upstream version 0.6.1 + * prepare new upload + * remove patches merged upstream + * add gitignore file + + -- Reinhard Tartler Mon, 01 Nov 2010 09:18:08 +0100 + +ffmpeg (4:0.6-2) experimental; urgency=low + + [ Fabian Greffrath ] + * Enable RTMP[E] support via librtmp. + * Disable aac encoder, see README.Debian. + * Fix obsolete-relation-form for the internal dependencies. + * Merge debian/README.Source into debian/README.source and add section + headers. + * Remove obsoleted support for the non-free libamr-nb/wb. + + [ Reinhard Tartler ] + * enable runtime-cpudetect + * conditionally build against opencore-amr if installed in the build + environment + * update upstream url in debian/copyright + * fix usage documentation in debian/get-orig-source.sh + * update dep3 headers for debian/patches/900_doxyfile + * add proper replaces for moving presets back to ffmpeg + * make debian/patches gbp-pq friendly + * Add VP80 fourcc to libavformat/riff.c + * Backport-AAC-HE-v2 + * bump Standards-Version, no changes needed + + -- Reinhard Tartler Tue, 29 Jun 2010 09:07:56 +0200 + +ffmpeg (4:0.6-1) experimental; urgency=low + + * new upstream release + - adds VP8 support via libvpx, Closes: #582274 + * depend on libavfilter-extra-1 instead of -0, Closes: #583728 + * add conflicts to the ffprobe package, it has been merged upstream now + + -- Reinhard Tartler Wed, 16 Jun 2010 09:25:28 +0200 + +ffmpeg (4:0.6~svn20100505-1) experimental; urgency=low + + * update to new upstream. Closes: #569727 + - fixes various segfaults and other minor feature improvements + Closes: #374931, #522449, #501891, #559712, #420231, #369127, #538082, + #298095, #294422, #561553, #525385, #495274, #420230 + LP: #305286, #457106, #529200, #301723, #305315, #336479, #420230, + #412063, #428912, #432181, #440591, #453732, #453732, #453732, + #514259, #515243, #521472, #530186, #530186, #197842, #483317, + #483317, #539407, #280098, #331255, #566107, #569823, #570305, + #573190 + * Fixup lintian overrides for new upstream snapshot + * Bump Standards-Version to 3.8.4 + * Many upstream changes, see upstream Changelog for details + + -- Reinhard Tartler Sun, 24 Jan 2010 21:24:56 +0100 + +ffmpeg (4:0.5.2-6) unstable; urgency=high + + * Fix several security issues in flicvideo.c. + Fixes: CVE-2010-3429, Closes: #598590 + * Raising severity to high because of security issue. + + -- Reinhard Tartler Sun, 03 Oct 2010 16:59:39 +0200 + +ffmpeg (4:0.5.2-5) unstable; urgency=low + + [ Dominic Evans ] + * add libxfixes-dev to build-depends to unbreak x11grab input, + Closes: #596342, LP: #631103 + + [ Reinhard Tartler ] + * fix x11grab example in e.g. the manpage so that they actually work + + -- Reinhard Tartler Mon, 13 Sep 2010 15:29:49 +0200 + +ffmpeg (4:0.5.2-4) unstable; urgency=low + + [ Loïc Minier ] + * Fix typo: use -march=armv7-a instead of -marmv7-a + + -- Reinhard Tartler Tue, 31 Aug 2010 15:31:05 +0200 + +ffmpeg (4:0.5.2-3) unstable; urgency=low + + [ Reinhard Tartler ] + * Move breaks declaration from libavformat to libavcodec to help the + apt solver, Closes: #591881 + + [ Loïc Minier ] + debian/confflags: detect whether the toolchain supports ARMv7 ("dmb") + by default as the NEON pass needs at least ARMv6t2; if it's not enabled by + default, pass -marmv7-a in extra-cflags for the NEON pass since NEON + implies ARMv7; closes: #594417. + + -- Reinhard Tartler Fri, 27 Aug 2010 01:24:10 +0200 + +ffmpeg (4:0.5.2-2) unstable; urgency=low + + * Enable some encoders: + - h263, h263p, mpeg2video, mpeg4, msmpeg4v1, msmpeg4v2, msmpeg4v3 + Closes: #418231, #433287, #440216, #587898, #525349 + * Bump Standards Version, no changes needed + + -- Reinhard Tartler Thu, 05 Aug 2010 11:59:26 -0400 + +ffmpeg (4:0.5.2-1) unstable; urgency=low + + [ Andres Mejia ] + * Fix dependency problem for ffmpeg so it can use extra ffmpeg libs. + + [ Reinhard Tartler ] + * move presets back to 'ffmpeg' package. Closes: #581748 + + [ Fabian Greffrath ] + * Imported Upstream version 0.5.2 + * Remove ffmpeg-debian_hurd.patch, applied upstream. + * Remove fix-ftbfs-altivec.patch, applied upstream. + + -- Reinhard Tartler Tue, 25 May 2010 23:01:08 +0200 + +ffmpeg (4:0.5.1-3) unstable; urgency=low + + * fix ftbfs on powerpc + + -- Reinhard Tartler Fri, 12 Mar 2010 21:43:55 +0100 + +ffmpeg (4:0.5.1-2) unstable; urgency=low + + * reintroduce gnu/hurd patch + * Fix compilation on powerpc with --disable-altivec + + -- Reinhard Tartler Wed, 10 Mar 2010 21:19:40 +0100 + +ffmpeg (4:0.5.1-1) unstable; urgency=low + + * new upstream release: + - clarifies documentation on metadata, Closes: #570050, LP: #501729 + - further security backports, Closes: #570713 + * adapt to new versioning scheme + * use '<<' instead of '<' relationship for internal shlib file + * merge changes from ubuntu packaging + * drop wmapro backport again as discussed with upstream. The unrelated + changes seem too risky for a stable release. + + -- Reinhard Tartler Wed, 03 Mar 2010 22:28:24 +0100 + +ffmpeg (4:0.5+svn20090706-6) unstable; urgency=low + + [ Fabian Greffrath ] + * debian/patches/901-fix-misc-typos.patch: New patch taken from + upstream GIT (slightly modified) to fix some spelling errors. + * Document our calling of debhelper programs in an odd order in + debian/rules. + + [ Reinhard Tartler ] + * document some unattributed patches + * enable cpu autodetection in libswscale, Closes: #567725, LP: #386397 + + [ Christopher Martin ] + * backport wmapro codec from ffmpeg trunk + + -- Reinhard Tartler Sun, 31 Jan 2010 16:53:47 +0100 + +ffmpeg (4:0.5+svn20090706-5) unstable; urgency=medium + + * Upload to unstable + * Urgency medium because of fixed RC bugs (security issues) + + -- Reinhard Tartler Fri, 22 Jan 2010 16:04:39 +0000 + +ffmpeg (4:0.5+svn20090706-4) experimental; urgency=low + + [ Loïc Minier ] + * Use default toolchain setup on ARM flavors for noopt and only add FPU + CFLAGS in the VFP and NEON flavors; this is ok since internally, cpu will + be set to "generic" but -march=generic or -mcpu=generic will NOT be added + to the build flags. + * Build all armel flavours with -marm since ffmpeg has a lot of hand crafted + assembly which doesn't build in the new lucid default mode (Thumb 2); + LP: #488267 + * Build all armel flavours with -fPIC -DPIC instead of just the neon flavour + as the new flags/toolchain require this in Ubuntu lucid. + * Build some assembly test code -- just like configure -- to decide whether + the *default* toolchain uses vfp or neon to decided whether to build the + vfp and neon flavors. + * Drop --disable/--enable opt flags such as --disable-neon or + --enable-armvfp on ARM since the upstream configure script will do the + right thing when the proper flags are set. + + [ Reinhard Tartler ] + * build with PIC on powerpc (Closes: #561956) + + -- Reinhard Tartler Fri, 15 Jan 2010 21:46:49 +0100 + +ffmpeg (4:0.5+svn20090706-3) experimental; urgency=low + + [ Loïc Minier ] + * Disable more autodetecter ARM arch features + * Enable neon flavour + * Update NEON confflags to assume v7 and VFP + * Add backported NEON patches from ffmpeg trunk + * Pass proper --cpu and --extra-flags on armel + * Pass -fPIC -DPIC to neon pass + + [ Fabian Greffrath ] + * Initialize the FLAVORS variable to static instead of appending to + it. Also, we do not support the internalencoders variable anymore. + + [ Andres Mejia ] + * Remove unused patches from packaging. + * Update Vcs-* entries to new location. + * Bump Standards-Version to 3.8.3. + + [ Reinhard Tartler ] + * change shlibs file to make applications depend on the -extra- packages + * loosen dependencies further, so that the -dev packages remain + installable even if ffmpeg-extra is 'out-of-date' + * add patch for issue1245: Make arguments of av_set_pts_info() unsigned. + * Support constant-quant encoding for libtheora, LP: #356322 + * increase swscale compile time width (VOF/VOFW), LP: #443264 + * Backports of various security patches, Closes: #550442, including: + - backport fixes for vorbis_dec + - backport oggparsevorbis fix + - backport vp3 fixes + - backport ffv1 fix + - libavcodec/mpegaudiodec.c backports + - h264 security backports + - backported libavformat/mov.c security fixes + - backported libavformat/oggdec.c security fixes + - backport svn r18016 aka 'MOV-Support-stz2-Compact-Sample-Size-Box' + to fix FTBFS + * enable symbol versioning + * bump shlibs version + * add README.source describing how this source package manages patches + * make sure the ${misc:Depends} substvar is used for each binary package + + -- Reinhard Tartler Wed, 06 Jan 2010 16:27:40 +0100 + +ffmpeg (4:0.5+svn20090706-2) unstable; urgency=low + + [ Fabian Greffrath ] + * Enable support for libdirac, now that it has entered Debian. + + [ Andres Mejia ] + * Fix ordering of FLAVORS that are installed. (Closes: #543595) + + [ Reinhard Tartler ] + * prepare new upload + * simply debian/confflags by removing the case of renaming the source + package + + -- Reinhard Tartler Wed, 26 Aug 2009 09:12:49 +0200 + +ffmpeg (4:0.5+svn20090706-1) unstable; urgency=low + + * preparing new upstream version, 0.5 release branch, rev 19352 + - this version is capable of compiling swscale in LGPL mode + * rename source package back + - The replacement package with the 'missing bits' will be called + 'ffmpeg-extra' + - simplify README.upstream-upgrade + - rename the source package from 'ffmpeg-debian' -> 'ffmpeg' + * fix aac playback regression, thanks to Matthew Wakeling for reporting + (Closes: #540729) + * fix seeking in DIF (DV) movies + Thanks to Dan Dennedy for identifying the patch! (Closes: #540424) + * debian/rules: + - merge cond_enable_nf macro from master.extra branch + - don't disable ffserver in various optimized variants + - don't disable building of statically linked helper binaries + - simply by removing the case of renaming the source package + - change the shlibs file: s/-unstripped-/-extra-/ + + -- Reinhard Tartler Thu, 13 Aug 2009 12:48:27 +0200 + +ffmpeg-debian (4:0.5+svn20090609-2) unstable; urgency=low + + [ Fabian Greffrath ] + * Remove .install files for unstripped packages that we do not build + from this branch anyway. + * Remove debian/fixup-config.sh which was only a hack needed to repair + the crippled config.h + * Finally remove strip.sh. + + [ Andres Mejia ] + * Add vdpau support by including vdpau headers in deb packaging. + (Closes: #511544) + * Don't disable encoders if internalencoders is set in + DEB_BUILD_OPTIONS. + * Enable yasm for i386 and amd64. + + [ Reinhard Tartler ] + * clarifications suggested by upstream in README.Source + * refresh patches + + [ Fabian Greffrath ] + * Document the copyright notice and license for the VDPAU headers in + debian/copyright. + * Remove parallel make support from debian/confflags, it's overridden + in debian/rules anyway. + * Quote opts in debian/watch. + * Bump debhelper compat to 7. + * Clean up clean target in debian/rules in favour of debian/clean. + * Replace "dh_clean -k" by dh_prep. + + [ Reinhard Tartler ] + * remove duplicated libxvmc-dev build dependency + * sort build dependencies alphabetically + * remove section numbering from README.Debian + * add note about the lintian override + + -- Reinhard Tartler Thu, 13 Aug 2009 12:46:46 +0200 + +ffmpeg-debian (4:0.5+svn20090609-1) unstable; urgency=low + + [ Andres Mejia ] + * Add myself to Uploaders list. + * Reorder when dh_strip is done so qt-faststart is also + stripped. + * Update to control files. + * Add new confflags for new build dependencies. + * Use .docs files to add ffmpeg and ffmpeg-doc documentation. + * Use .docs files for installing documentation. + * Add comment to 900_doxyfile patch. + * Add man page for qt-faststart. + * Bump version in changelog to prepare new release + * Fix FTBFS for ffmpeg source package with -dev packages (Closes: #527761) + * Use dh_lintian to install lintian overrides + * Update comment on fpic-* patches + * Build-Depend on debhelper (>= 6.0.7~) for dh_lintian. + * Add lintian overrides for remaining fpic lintian errors. + * Shorten comment on lintian-overrides. + * Allow passing in extra confflags, removes the need for fix-fpic + DEB_BUILD_OPTIONS. + * Fix FTBFS on kfreebsd. (Closes: #528591) + * Include patches to allow us to use opencore-amr libraries. + + [ Reinhard Tartler ] + * remove debian/control.* mechanism + * improve patch description for debian/patches/100_kfreebsd + + [ Andres Mejia ] + * Add lintian overrides for ffmpeg-debian source warnings. + * Only use .svnrevision if it's readable. + * Update source lintian-overrides for modifications to debian/rules. + * Add fix for FTBFS for GNU Hurd OS. Thanks Marc Dequènes. + (Closes: #530436) + + [ Felipe Sateler ] + * Don't add -unstripped to the unstripped variant version number + in debian/README.upstream-upgrade. + * In the same file, pass explicit version to git-import-orig + + [ Fabian Greffrath ] + * Cleaned up debian/watch file. + * Add notes why we no longer strip the orig.tar.gz. + + [ Andres Mejia ] + * Fix watch file to ignore daily snapshots. + * Make get-orig-source.sh executable. + + [ Reinhard Tartler ] + * add patch for qtrle encoding (Closes: #530016) + * Enable xvmc support by adding libxvmc-dev to build dependencies + * really add libopenjpeg-dev to build depends, actually enabling + the openjpeg decoder. + * reorganise README.Debian for the new plan [tm] + * no longer strip the source on upstream upgrades + * Imported Upstream version 0.5+svn20090609 + * adjust notes in README.upstream-upgrade for the now unstripped + debian source package + * remove hack to build with stripped sources + * bump standards version, no changes needed + + -- Reinhard Tartler Sun, 05 Jul 2009 22:52:43 +0200 + +ffmpeg-debian (4:0.5+svn20090420-2) unstable; urgency=low + + * debian/control: fix dependencies for libavutil-dev and libavfilter-dev + so that they can be used with the unstripped variants properly. + * debian/rules: set nooptflags only for relevant architectures. + * explicitly disable 'dangerous' encoders on the --configure line. + * fix SHLIBS_VERSION in debian/rules (Closes: #527350). + + -- Reinhard Tartler Mon, 04 May 2009 07:41:19 +0200 + +ffmpeg-debian (4:0.5+svn20090420-1) unstable; urgency=low + + [ Fabian Greffrath ] + * Merge the contents of patents.txt into README.Debian and change some + paragraphs to (hopefully) add some more clarity on the removed encoders + and the package naming scheme. Based on suggestions by Xavier Douville + , thank you very much for the review. (Closes: #519025) + * Reorder some confflags to account for GPL licensed libraries. + * Remove patents.txt + * Explicitely mention that no decoders are disabled in our packages. + + [ Loïc Minier ] + * Disable more autodetecter ARM arch features + * Add neon and vfp flavors to armel disabled for now + * vfp CFLAGS: add "-mfpu=vfp -mfloat-abi=softfp" + + [ Reinhard Tartler ] + * New Upstream Version (svn revision 18630) + * bump epoch as 0.5 was released. Future version will use '+' to indicate + that the package is based on a release branch and '~' to indicate that + the package is based on the 'trunk' branch. + * update from the upstream release branch to generate a new upstream + tarball. + * add a git-buildpackage config file at debian/gbp.conf + * beautify identification string + * debian/rules: bump epoch to '4' + * update section names in control file + * update upstream svn server url + * fixup get-orig-source rules in debian/rules + * create right filenames for the orig.tar.gz files + * update README.upstream-upgrate for new versioning scheme + * remove debian/005_release_branch_changes.diff + * remove reference to 020_visibility_patch + * install the upstream license file and release notes + * allow -dev packages be installed with the unstripped variants + Closes: #526007, LP: #312898 + * be more careful with svn:externals in debian/get-orig-source.sh. + (Closes: #525348) + + -- Reinhard Tartler Sat, 02 May 2009 09:09:54 +0200 + +ffmpeg-debian (3:0.svn20090303-1) unstable; urgency=low + + * New Upstream Version (svn revision 17737 libswscale revision 28799) + - Electronic Arts TQI decoder + - OpenJPEG based JPEG 2000 decoder + - NC (NC4600) camera file demuxer + - Gopher client support + - MXF D-10 muxer + - generic metadata API + * debian/get-orig-source.sh: Track the version 0.5 release branch. The + version number does not really reflect this, but this package is + actually very close to the 0.5 release branch. + * various cleanups to improve get-orig-source.sh + * Remove liba52 from the suggests field in debian/control.ffmpeg, as + ffmpeg does no longer use it since upload 0.svn20080206-10. + * Fix the Vcs-Git urls to the correct locations. + * The libavformat52 now links against libavcodec52, which breaks + applications that *ALSO* link against libavcodec51. Adding a + Breaks: libavcodec51 should prevent this and (hopefully) Closes: #516885. + * improve parallel builds on SMP/multicores by supporting the parallel + flag in DEB_BUILD_OPTIONS, and default to the number of available CPUs + on i386 and amd64. + * Drop unapplied patches from debian/patches. + * bump shlibs version. + + -- Reinhard Tartler Tue, 03 Mar 2009 21:01:25 +0100 + +ffmpeg-debian (3:0.svn20090204-3) unstable; urgency=low + + [ Fabian Greffrath ] + * remove libasound2-dev from build-depends on non-Linux archs + + [ Reinhard Tartler ] + * fix postinst generation by calling dh_installdeb after dh_makeshlibs + * upload to unstable + + -- Reinhard Tartler Sun, 22 Feb 2009 09:32:49 +0100 + +ffmpeg-debian (3:0.svn20090204-2) experimental; urgency=low + + * add libxvmc-dev to build-depends in the 'ffmpeg' variant + * add libasound2-dev to build-depends. This means that ffplay is now able to + actually play using alsa directly instead only via libsdl + * add epochs for the "internal" shlibs dependencies + + -- Reinhard Tartler Thu, 05 Feb 2009 20:30:05 +0100 + +ffmpeg-debian (3:0.svn20090204-1) experimental; urgency=low + + [ Reinhard Tartler ] + * New Upstream Version (svn revision 16978 libswscale revision 28461) + + Upstream Changes: + - R3D REDCODE demuxer + - ALSA support for playback and record + + * strighten internal dependencies by using a shlibs.local file + Closes: #512844, #512466 + * New upstream version reintroduces a compatibility symbol ff_gcd + Closes: #512946 + * Bump shlibs because of changes of the Metadata API in libavformat. + Actually no other package should use them yet, but let's better play safe + here... + * no longer install dsputil.h. It exposes lots of function that are private + to ffmpeg and may change on any new upstream revision. Please get in touch + with the ffmpeg maintainers if you maintain packages that rely on that + ffmpeg internal headers like this. + * simplify debian/confflags by doing autodetection of headers: + - xvid.h + - lame/lame.h + - faac.h + - x264.h + - vdpau/vdpau.h + Also remove the setting externalcodecs from DEB_BUILD_OPTIONS. The codecs + will be enabled as soon as the headers are installed on the filesystem, + so there is no need in enabling that separately. + * install ffpresets in /usr/share/ffmpeg/. Currently only presets for + x264 are avaiable, so a libx264 enabled libavcodec (like + libavcodec-unstripped-52) is needed to actually use them. + + [ Fabian Greffrath ] + * Enabled Speex decoding via libspeex. + * Use an alternative approach to achieve strict internal dependencies + by calling dh_makeshlibs twice in debian/rules instead of a + debian/shlibs.local file. + + -- Reinhard Tartler Sun, 01 Feb 2009 19:54:27 +0100 + +ffmpeg-debian (3:0.svn20090119-1) experimental; urgency=low + + * New Upstream Version (svn revision 16681 libswscale revision 28341) + * update Vcs-Git tags. Packaging has now moved to git + * updates to packaging that faciliate building the unstripped and ubuntu + variants of this package + * enable xvmc support + + Upstream Changes: + - SVQ3 watermark decoding support + - hybrid WavPack support + + -- Reinhard Tartler Tue, 20 Jan 2009 00:55:26 +0100 + +ffmpeg-debian (3:0.svn20090110-1) experimental; urgency=low + + * new upstream svn snapshot (svn revision 16508, libswscale revision 28286) + + Upstream Changes: + - RV30 and RV40 decoder + - QCELP / PureVoice decoder + + * removed patch 050_fix_pkgconfig_files.patch. Merged upstream + * disabled patch 020_visibility_patch. It needs to be adapted to the new + upstream changes. Hopefully it will get merged into ffmpeg properly. + * install formats.txt in the libavcodec52 package to document what + formats this version of ffmpeg has enabled. + + -- Reinhard Tartler Sun, 11 Jan 2009 20:55:48 +0100 + +ffmpeg-debian (3:0.svn20081115-1) experimental; urgency=low + + * new upstream svn snapshot (svn revision 15824, libswscale revision 27910) + * bump standards version to version 3.8.0, no changes needed + * Adjust pkg-files to no longer put unnecessary dependencies in the generated + .pc files. Closes: #504220 + + -- Reinhard Tartler Mon, 10 Nov 2008 21:37:16 +0100 + +ffmpeg-debian (3:0.svn20081108-1) experimental; urgency=low + + * upstream svn snapshot (svn revision 15786, libswscale revision 27900). + * apply visibility patch from ffmpeg-devel mailing list. This reduces the + number of symbols that are exposed to other applications. Please file + bugs if applications fail to link against ffmpeg because of that. + * remove 001_fixup_version.diff patch and use upstream --extra-version + configure flag instead. + * now really remove 015_img_convert.patch from source package. + + -- Reinhard Tartler Sat, 08 Nov 2008 16:38:23 +0100 + +ffmpeg-debian (3:0.svn20080925-1) experimental; urgency=low + + [ Loic Minier ] + * Tweak sed versions regexps to deal with epochs and upstream revisions with + dashes and be generally stricter. + * Large cleanup to rules logic: drop some cruft, rewrite some small chunks + in a slightly more readable manner, whitespaces, .PHONY fixes, + internalencoders handling, shlibs logic... + * Rename SRC_VERSION to UPSTREAM_VERSION in rules. + * Use DEB_SOURCE from the Source: field of dpkg-parsechangelog's output + instead of hardcoding the name of the source. + + [ Reinhard Tartler ] + * new svn snapshot (svn revision 15404, libswscale revision 27636). + * SONAME change: libavcodec51 -> libavcodec52 + * drop old scaler (imgres/imgconvert). Upstream is about to remove it + completely. + - reporter claims that a newer snapshot fixes a crash in the dca decoder. + Thanks to "Alexander E. Patrakov" (Closes: #496612) + * reenable h261 encoder (Closes: #459073) + + [ Fabian Greffrath ] + * debian/{ffmpeg,lib*-dev}.install: + + Simplified, e.g. install the whole /usr/include/ sub-directory for each + particular library instead of single header files one by one. + * debian/control, debian/confflags: + + Enabled Dirac support via libschroedinger. (Closes: #499785) + * debian/changelog: + + Added an epoch needed for Ubuntu. + * debian/control: + + Removed Conflicts and Replaces against packages that either aren't even + in Debian 4.0 "Etch" anymore or that use the deprecated naming scheme + from . + + Since ffmpeg-config has been removed from our packages, all inter-package + Conflicts and Replaces may be removed, too. + + Removed Build-Conflicts against libdc1394-13-dev, because + libdc1394-22-dev already does this for us. + + Updated inter-package dependencies and demoted Depends on external + library packages to Suggests, since we shouldn't encourage package + maintainers to link statically against libav*. + * debian/confflags, debian/control, debian/rules, debian/libavfilter*: + + Built libavfilter and disabled vhook in turn (Closes: #499787). + + [ Loic Minier ] + * Remove debug echo which broke shlibs, sorry. + * Fix Vcs-* control fields; thanks Gerfried Fuchs. + * Mention upstream SVN in debian/copyright; thanks Gerfried Fuchs; + closes: #499914. + + -- Reinhard Tartler Sat, 06 Sep 2008 20:07:01 +0200 + +ffmpeg-debian (0.svn20080206-12) unstable; urgency=low + + * enable vhook in all flavors. (Closes: #490272, LP: #260296) + * make ffmpeg output a proper version number. (Closes: #496133, #483923) + + -- Reinhard Tartler Sat, 23 Aug 2008 10:49:10 +0200 + +ffmpeg-debian (0.svn20080206-11) unstable; urgency=low + + [ Reinhard Tartler ] + * new patch: patches/010_fix_ftbfs_hppa.diff: On hppa shared objects + do required object files to be build "-fPIC -DPIC". Patch taken + from upstream svn. + * bugfix: libraries linked with libX11 on GNU/kFreeBSD. Thanks to + Aurelien Jarno for the patch. (Closes: #487252) + + [ Fabian Greffrath ] + * debian/confflags, debian/control: + + Build-Depend on libdc1394-22-dev explicitely and add + Build-Conflicts on libdc1394-13-dev (Closes: #490319). + + -- Reinhard Tartler Wed, 16 Jul 2008 10:41:49 +0200 + +ffmpeg-debian (0.svn20080206-10) unstable; urgency=high + + * enable mmx and sse3 in builds. These CPU features are autodetected + at runtime on amd64 and i386 using the 'cpuid' instrcution. + (Closes: #489732) + * disable support for liba52-dev. ffmpeg has its own implementation. + * don't add -fPIC -DPIC forcefully to ./configure. upstream claim that + the configure script gets this right on all architectures itself. + * Add patch 020_bug489965_bufferoverflow_str_demuxer.diff. Fixes a + buffer overflow in the STR demuxer. Thanks to Moritz Muehlenhoff for + reporting the issue. (Closes: #489965) + * Raising severity to high because of security issue. + * rework the shlibs file. Make applications linking against libraries + produced by this source package generate an alternate dependency on + the 'unstripped' variants of this package. They actually do not exist + yet at this point, but this way reverse dependencies are enabled to + use them when they eventually appear. + + -- Reinhard Tartler Wed, 09 Jul 2008 14:04:06 +0200 + +ffmpeg-debian (0.svn20080206-9) unstable; urgency=low + + [ Reinhard Tartler ] + * cleanup 010_proper_rpath.diff: remove spurious linker search paths. + * debian/strip.sh: no need to remove the glue code for x264 and xvid. + However, since that code is not built in debian anyway, the orig.tar.gz + was not rebuilt with this change. + * provide mmx-enabled shared objects on amd64. AFAIK all amd64 machines + do support MMX. + * Provide optimized versions of the libraries along the unoptimized + ones. They are installed in machines and architecture specific + directories. Optimized for further target will be added per request, + please file bugs to request them. + * rename the source package (again), this time on upstream's request. + The former name was considered insulting by upstream, because it + somewhat indicated the original source was somehow 'non-free', which is + not the case. The new name now represents that we modified the package + so that it becomes acceptable for debian. + * Cleanups in debian/rules file. + * Add verbose explanations about the renaming in README.Debian. + + [ Fabian Greffrath ] + * debian/control: + + Added Conflicts and Replaces against obsolete library packages from + wearing the 'cvs' suffix in their names + (Closes: #484585, #484586, #484587, #484776, #484778). + + Added doxygen to Build-Depends. + + Introduced new package 'ffmpeg-doc' that contains html doxygen + documentation of the ffmpeg API (Closes: #438369). + + Changed Build-Depends from libdc1394-13-dev to libdc1394-22-dev, + which is supported upstream since r11501. + * debian/ffmpeg-doc.install: + + Added. + * debian/rules: + + Build and install html doxygen documentation. + + Avoid dependency of build-stamp rule on phony targets. + * debian/libavutil-dev.install, debian/rules, + debian/patches/010_ffmpeg-config.diff: + + Removed ffmpeg-config, use pkg-config instead (maintainers of affected + packages have been informed, see #487917 to #487922). + + [ Darren Salt ] + * Added patch 900_doxyfile: tell doxyfile to ignore debian* directories. + * debian/rules: + - Reworked building so that separate source & build directories are + used. This makes cleanup simpler and speeds up maintenance by avoiding + complete rebuilds when using "debuild binary". + - Removed some file installation 'cp' commands, made unnecessary due to + the build reworking. + - Unpatching is now done *after* cleaning. + + -- Reinhard Tartler Mon, 30 Jun 2008 15:27:50 +0200 + +ffmpeg-free (0.svn20080206-8) unstable; urgency=low + + [ Fabian Greffrath ] + + * debian/control: + + Added Conflicts and Replaces on libavutil-dev (<< 0.svn20080206-7) + to libavcodec-dev (Closes: #483548). + + [ Reinhard Tartler ] + + * remove patches from the debian package as disussed with upstream: + - 005_runtime_cpudetect.diff: it is supposed to fix runtime cpu detection + on i386. The code (and the define) has undergone large refactoring wrt. + the define RUNTIME_CPUDETECT. It is very likely to have undisired + side-effects with this version of ffmpeg. It therefore seem more safe + to me to actually remove this patch for now, and reinvestigate the + problems that occur, if they do. (Related to: #482717) + - 005_m68k_workaround.diff: works around bugs in gcc for m68k. + - 006_mips_pthreads.diff: was an workaround for (now fixed) #428741. + - 020_fix_sws_scale_crash: patch has been rejected upstream: + http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/2008-May/047846.html + - 054_h264_mmx_chroma_mc_crash.diff. According to upstream, this has + been fixed in a different way and is not reproducible. Verified that + the file referenced in bug #404176 does not crash anymore even + without this patch. + * new patch: 015_reenable-img_convert.diff. Unlike previous version of this + patch, this uses a more lightweight approach. With building imgresample, a + few symbol clashes occur with libswscale. We therefore strip off symbols + that are already provided by libswscale. (Closes: #483960). + * remove 011_link_plugins.diff. It is completely unnecessary now. + * refactor quilt usage: use /usr/share/quilt/quilt.make. + * support building in paralell. make snippet taken from the qemu package. + * cleanups in debian/rules. + * Move ffmpeg-config back to libavutil. This way we can avoid a circular + dependency between libavutil-dev and libavcodec-dev. (Closes: #484132). + libavcodec uses libavutil internally, so this dependency cannot be avoided. + * disable altivec, at least for now. (Closes: #482717) + * always compile with --disable-strip. We strip the binaries afterwards using + dh_strip anyways. + * Remove depdency substitutions ${shlibs:Depends} and ${misc:Depends} from the + -dev packages. + + -- Reinhard Tartler Wed, 04 Jun 2008 00:04:08 +0200 + +ffmpeg-free (0.svn20080206-7) unstable; urgency=low + + * debian/control: + + Removed unnecessary Conflicts and Replaces from libswscale0 + (Closes: #481908), thanks Guillem Jover. + + Made libavutil-dev depend on libavcodec-dev. + * debian/libavcodec.install, debian/libavutil.install: + + Moved ffmpeg-config (script and manpage) from libavutil-dev to + libavcodec-dev (really Closes: #482213, #482214). + + -- Fabian Greffrath Tue, 28 May 2008 16:02:03 +0200 + +ffmpeg-free (0.svn20080206-6) unstable; urgency=low + + * Bug fix: "libavg: FTBFS: ld: cannot find -ldts", thanks to Lucas + Nussbaum (Closes: #482213, 482214). Fixed by removing -ldts from + ffmpeg-config. + + -- Reinhard Tartler Tue, 27 May 2008 12:45:10 +0200 + +ffmpeg-free (0.svn20080206-5) unstable; urgency=low + + [ Fabian Greffrath ] + * debian/control: + + Fixed dependency typo, libswscale0 conflicts with libswsacle1d but not + libswscale1d (Closes: #481908). + + [ Reinhard Tartler ] + * disable 015_build_imgresample.diff. Please port all applications + needing the symbols sws_{scale,getContext}, + sws_{getCachedContext,freeContext} to use libswscale instead. + * downgrade debhelper depencency to level 5. We don't use any of the + level 6 features, and level 5 faciliates backporting to earlier + releases massively. + * remove unapplied patches from source to reduce the size of the + .diff.gz. The old patches can be retrieved from branches in our svn. + + -- Reinhard Tartler Thu, 22 May 2008 09:26:06 +0200 + +ffmpeg-free (0.svn20080206-4) unstable; urgency=low + + * debian/rules: + + Moved confflags, that result in GPL versions of the libraries, into a + dedicated variable gpl_confflags. Add this to the common confflags. + + Moved --prefix=/usr to the common confflags. + + Added some comments and whitespace (nothing special). + + Renamed the "risky" keyword to "internalencoders". Set this in + DEB_BUILD_OPTIONS in order to create and build from an unstripped tarball + in the get-orig-source and build rules (Closes: #478010). + + Introduced the "externalcodecs" keyword. Set this in DEB_BUILD_OPTIONS to + enable support for additional codecs via external libraries. + + Commented out the amr?b codecs among the external codecs, because the + resulting packages will be unredistributable. + + -- Fabian Greffrath Tue, 29 Apr 2008 09:07:11 +0100 + +ffmpeg-free (0.svn20080206-3) experimental; urgency=low + + * install qt-faststart. Thanks Stefan Hermann for the patch from ubuntu. + (Closes: #470484) + * Reenable 020_fix_libswscale_pic_code, fixes FTBFS on amd64. + * Reenable altivec, fixes FTBFS on powerpc. + * Add some notes about the removed mpeg encoders (Closes: #440702) + + -- Reinhard Tartler Fri, 18 Apr 2008 23:02:24 +0200 + +ffmpeg-free (0.svn20080206-2) experimental; urgency=low + + [ Reinhard Tartler ] + * patches/020_fix_sws_scale_crash: if sws_scale is given an invalid context + (e.g. a null pointer), the function will crash because of a null pointer + dereference. Add a check for that here. + * add Conflicts/Replaces for libswscale1d. + * Due to the fact that we no longer build the shared version of ffmpeg with + mmx optimisations, the following patches have been dropped: + - 020_mmx_optims.diff + - 020_mmx_pic_code.diff + - 020_disable_snow_mmx_in_pic.diff + - 020_fix_libswscale_pic_code + + [ Fabian Greffrath ] + * debian/control: + + Added libx11-dev and libxext-dev to Build-Depends. + * debian/rules: + + Build with --enable-x11grab (Closes: #441983). + + Build ffmpeg and shared libraries with --extra-cflags="-fPIC -DPIC" + (feeling confident that this closes: #472613) and "drop the surgery + regarding Makefile.pic and config.mak.pic". + + In this context, cleaned up build rule: Run '$(MAKE)' and '$(MAKE) clean' + from the top source directory instead of diving into the library + directories; force move during backup and recovery of the static + libraries; let the build rule itself depend on config-extra-includes.h + (instead of build-stamp) to avoid being run again from the binary rule; + some more minor changes of cosmetic type. + + Renamed config-extra-includes rule to config-extra-includes.h to + reflect the file name of the created file (also changed to override it + instead of appending) and to avoid the rule to be run twice. + + Disabled all architecture-specific optimizations for the time being. + + -- Fabian Greffrath Fri, 1 Apr 2008 17:22:00 +0100 + +ffmpeg-free (0.svn20080206-1) experimental; urgency=low + + [ Reinhard Tartler ] + * new upstream release (Closes: #471136) + * refreshed patches + * libogg was dropped upstream + * no longer install integer.h, as it is not part of the public API (see + upstream r11642). + * no longer install rtp.h, as it is not part of the public API (see + upstream r11505). + * install crc.h and sha1.h to libavutil-dev, since it is part of the + public API now. + * introduce new package: libavdevice52 and libavdevice-dev. + * Implemented debian/get-orig-source.sh and adjusted the get-orig-source + target in debian/rules to use that. + * fix invocation of the testsuite. + * bump standards version to 3.7.3 (no changes needed). + * add script recordshow.sh (Closes: 461434). Thanks to + Daniel Dickinson + * Introdcue binary package ffmpeg-dbg, which contains debugging symbols + of the shared library packages. + + [ Fabian Greffrath ] + * debian/changelog: + + Source is exported from SVN, not CVS. Reflect this in the versioning + scheme (Closes: #468319). + * debian/control: + + Changed Build-Depends to liba52-0.7.4-dev | liba52-dev. + + Improved descriptions and dependencies for libavdevice packages. + * debian/control, debian/compat: + + Bumped debhelper Build-Depends to (>= 6.0.0). + * debian/control, debian/*.install: + + Adopted shared library package names to upstream SONAMEs. + * debian/README.Debian: + + Updated, since AAC decoding (through FAAD) is now enabled. + + Updated URL for unofficial ffmpeg packages. + * debian/rules: + + Reordered confflags to optionally build LGPL versions of the libraries. + + Removed trailing whitespace. + + Removed unused strip rule. + + Added libxvidcore4-dev to weak-build-deps and fixed confflags + in DEB_BUILD_OPTIONS=risky accordingly. + + Added a get-orig-source rule to reproduce the source tarball. Produce an + unstripped tarball if DEB_BUILD_OPTIONS=risky. + + Do not run debian/fixup-config.sh if DEB_BUILD_OPTIONS=risky. + * debian/patches/011_link_plugins.diff: + + Updated to link all plugins against libavutil since they all use symbols + from this library. Resolves "symbols found in none of the libraries" + warnings from dpkg-shlibdeps. + + -- Reinhard Tartler Thu, 20 Mar 2008 17:57:21 +0100 + +ffmpeg-free (0.cvs20071007-4) experimental; urgency=low + + [ Fabian Greffrath ] + * debian/control: + + Wrapped Uploaders, Build-Depends and Depends, + Conflicts and Replaces fields. + + Added libfaad-dev to Build-Depends. + + Added Homepage field. + + Added ${misc:Depends} to all Depends. + * debian/rules: + + Enabled faad support via libfaad + (Closes: #400094, #418230, #447089, #448068, #449387). + + Added libmp3lame-dev to weak-build-deps in DEB_BUILD_OPTIONS=risky. + + Added support for amrnb, amrwb and x264 (Closes: #432170) in + DEB_BUILD_OPTIONS=risky. + + [ Reinhard Tartler ] + * added Fabian Greffrath to Uploaders + + -- Reinhard Tartler Thu, 20 Mar 2008 15:55:11 +0100 + +ffmpeg-free (0.cvs20071007-3) experimental; urgency=low + + * disable armv6 code generation. Thanks to Joey Hess for the patch + (Closes: #438923). + + -- Reinhard Tartler Sun, 13 Jan 2008 23:28:25 +0100 + +ffmpeg-free (0.cvs20071007-2) experimental; urgency=low + + * restore soname on libavutil. got dropped on previous upload. + * Bug fix: "needs libavutil-dev headers but doesn't depend on it", + thanks to rmh@aybabtu.com (Closes: #434494). This was actually already + fixed in a previous upload. + * build dependencies in debian/control are now multiline. + * Drop the XS- from the Vcs-Browser and Vcs-Svn field. + + -- Reinhard Tartler Sun, 16 Dec 2007 21:36:49 +0100 + +ffmpeg-free (0.cvs20071007-1) experimental; urgency=low + + * new upstream snapshot, using the same day as the mplayer release + * Refreshing patches: + -005_altivec_flags.diff: dropped, merged upstream + -005_m68k_workaround.diff: refreshed + -005_runtime_cpudetect.diff: refreshed + -006_mips_pthreads.diff: refreshed + -010_proper_rpath.diff: refreshed + -010_shared_library_versioning.diff: refreshed + -011_link_plugins.diff: refreshed (moved to top level makefile) + -015_build_imgresample.diff: refreshed + -020_disable_snow_mmx_in_pic.diff: refreshed + -020_fix_libswscale_pic_code.diff: refreshed + -020_mmx_optims.diff: refreshed + -020_mmx_pic_code.diff: refreshed + -040_early_altivec_detection.diff: disabled, doesn't apply anymore + -040_only_use_maltivec_when_needed.diff disabled, (causes ftbfs, needs revising) + -040_only_use_maltivec_when_needed.diff: refresh + -051_mjpeg_gray_support.diff, removed applied upstream + -053_rm_demux_crash.diff removed, applied upstream. + -060_fix_avi_skip.diff removed, does not apply anymore + * remove --enable-libdts. ffmpeg now has an internal dts decoder since + r9051 (2007-05-17). It seems that at least some packages link to libdts and + rely on the transitive dependency via ffmpeg. Please add explicit dependencies + on libdts instead! + * Don't ignore errors in upstream Makefile. Bug found via lintian. + + -- Reinhard Tartler Wed, 05 Dec 2007 17:33:34 +0100 + +ffmpeg-free (0.cvs20070307-7) UNRELEASED; urgency=low + + * debian/patches/051_mjpeg_gray_support.diff: + + Support grayscale MJPEG streams as sent by Axis cameras. + + -- Sam Hocevar (Debian packages) Tue, 31 Jul 2007 18:55:31 +0200 + +ffmpeg-free (0.cvs20070307-6) unstable; urgency=low + + * Rename the source package. We are (again) no longer shipping the + 'real' upstream source of ffmpeg. + * Add debian/strip.sh to strip ffmpeg upstream source disabling mpeg + based encoders as discussed with ftp-master at debconf7 + * update XS-Vcs tags in debian/control. + * make ffmpeg binNMU-able by using ${binary:Version} rather than + ${Source-Version} + + -- Reinhard Tartler Sat, 23 Jun 2007 15:11:21 +0100 + +ffmpeg (0.cvs20070307-5) unstable; urgency=low + + * upload to unstable + * remove x264 support, as it has been removed from unstable + + -- Reinhard Tartler Wed, 30 May 2007 15:19:20 +0200 + +ffmpeg (0.cvs20070307-4) experimental; urgency=low + + * added myself to uploaders + + * 020_fix_libswscale_pic_code: + + added, avoid some MMX code to avoid PIC code + + [ Sam Hocevar ] + + * fixed path in library installation. + + -- Reinhard Tartler Wed, 11 Apr 2007 23:17:47 +0200 + +ffmpeg (0.cvs20070307-3) experimental; urgency=low + + * debian/patches/015_build_imgresample.diff: + + Build imgresample functions even with swscaler activated, or legacy + applications will stop working. + + * debian/patches/053_rm_demux_crash.diff: + + New patch: fix a double free with corrupted rm files (Closes: #379922). + + * debian/patches/054_h264_mmx_chroma_mc_crash.diff: + + New patch: workaround for a buffer overflow in the MMX H264 chroma + motion compensation until upstream fixes it properly (Closes: #404176). + + * debian/patches/300_c++_compliant_headers.diff: + + Define INT64_C() when the system headers don't provide it, for instance + when building C++ code. + + * debian/control: + + Set pkg-multimedia-maintainers as main maintainer. + + Updated VCS fields. + * debian/rules: + + Huge cleanup. + + -- Sam Hocevar (Debian packages) Wed, 14 Mar 2007 19:40:42 +0100 + +ffmpeg (0.cvs20070307-2) experimental; urgency=low + + * debian/rules: + + Activate x264 support now that it is in unstable. + * debian/control: + + Build-depend on libx264-dev. + + -- Sam Hocevar (Debian packages) Mon, 12 Mar 2007 21:10:45 +0100 + +ffmpeg (0.cvs20070307-1) experimental; urgency=low + + [ Sam Hocevar ] + + * New upstream snapshot (Closes: #403330, #404788). + * This snapshot fixes numerous file parsing crashes (Closes: #404176, + Closes: #407003, #396282, #365006, #403398). + + * debian/patches/010_proper_rpath.diff: + + New patch. Link objects with the libraries that we generate, not the + ones installed on the system. + + * debian/patches/010_shared_library_versioning.diff: + + Strip unneeded prefix from .pc files (Closes: #404758). + + * debian/patches/011_link_plugins.diff: + + New patch. Link vhook plugins with the appropriate libraries. + + * debian/patches/013_strip_unneeded_linker_flags.diff: + + Remove unneeded -l flags from .pc files (Closes: #373986). + + * debian/patches/020_mmx_optims.diff: + * debian/patches/020_disable_snow_mmx_in_pic.diff: + + Sync patches. + + * debian/patches/020_really_use_liba52.diff: + * debian/patches/050_h264-misc-security-fixes.diff: + * debian/patches/051_asf-misc-security-fixes.diff: + + Drop patches, applied upstream or no longer relevant. + + * debian/patches/040_only_use_maltivec_when_needed.diff: + + Upgraded patch to cover libswscale. + + * debian/libavcodec-dev.install: + + Ship lzo.h and random.h. + + * debian/rules: + + Fix syntax for a few --enable flags. + + Only ship ffmpeg_powerpc_performance_evaluation_howto.txt.gz on + powerpc machines (Closes: #385079). + + Readded --enable-libtheora, it's here again. + + Activate --enable-swscaler (Closes: #399141, #398442). + + [ Reinhard Tartler ] + + * debian/rules: + + Ignore libswscale.pc and rgb2rgb.h. + + * debian/libavcodec-dev.install: + + Ship fifo.h and opt.h. + + * debian/patches/005_altivec_flags.diff: + * debian/patches/005_m68k_workaround.diff: + * debian/patches/005_runtime_cpudetect.diff: + * debian/patches/006_mips_pthreads.diff: + * debian/patches/020_really_use_liba52.diff: + + Sync patches. + + * debian/patches/007_disable_ffmpeg_option.diff: + * debian/patches/030_arm_cpu_detect.diff: + * debian/patches/030_arm_workaround.diff: + + Drop patches, applied upstream or no longer relevant. + + -- Sam Hocevar (Debian packages) Fri, 9 Mar 2007 15:13:16 +0100 + +ffmpeg (0.cvs20060823-7) unstable; urgency=high + + * debian/patches/040_only_use_maltivec_when_needed.diff: + + Fix a static function prototype that prevented programs using libpostproc + from working on PowerPC (Closes: #412214). + + * debian/control: + + Added Xs-Vcs-Browser and XS-Vcs-Svn fields. + + -- Sam Hocevar (Debian packages) Thu, 8 Mar 2007 17:51:37 +0100 + +ffmpeg (0.cvs20060823-6) unstable; urgency=high + + * Upload to unstable. + + -- Loic Minier Thu, 1 Feb 2007 21:36:47 +0100 + +ffmpeg (0.cvs20060823-5) testing-proposed-updates; urgency=high + + [ Loïc Minier ] + * Add myself to Uploaders. + * Exclude firewire libs from ffmpeg-config under kFreeBSD; based on a patch + by Petr Salinger; closes: #399701. + * Fix handling of debug in DEB_BUILD_OPTIONS; thanks Andreas Henriksson; + closes: #406474. + * SECURITY: New patch, 050_h264-misc-security-fixes, to properly check the + sps and pps ids before use and to check more bitstram values and fix + potential security holes; from upstream SVN r7585, r7586, and r7591. + * SECURITY: New patch, 051_asf-misc-security-fixes, to properly check + packet sizes, chunk sizes, and fragment positions; from upstream SVN r7640 + and r7650. + + [ Sam Hocevar ] + * debian/copyright: + + Fix typo and clarify licensing terms (Closes: #398235). + * debian/README.Debian: + + Removed mention of ffmpeg-config now that we ship .pc files. + * debian/patches/020_mmx_optims.diff: + + New patch, fix FTBFS with DEB_BUILD_OPTIONS=debug. + * debian/patches/040_early_altivec_detection.diff: + + New patch, detect AltiVec earlier on and only once so that we don't + risk using signal handlers in a multithreaded environment or when + the caller already installed a SIGILL handler. + * debian/patches/040_only_use_maltivec_when_needed.diff: + + New patch, only use -maltivec with files that use AltiVec intrinsics, + and make sure no codepath leads to these files on a non-AltiVec + machine (Closes: #405926). + * debian/patches/060_fix_avi_skip.diff: + + New patch, courtesy of Ben Hutchings: do not attempt to skip the ODML + if the current seek offset is already beyond it (Closes: #383734). + + -- Sam Hocevar (Debian packages) Mon, 29 Jan 2007 16:58:44 +0100 + +ffmpeg (0.cvs20060823-4) unstable; urgency=high + + * Maintainer upload. + * Acknowledging NMU (Closes: #386458). + + * High urgency because of FTBFS fix. + + * debian/patches/030_arm_workaround.diff: + + New patch courtesy of Aurélien Jarno: disable the broken ARM assembly + code in libavcodec/mpegaudiodec.c. + + * debian/patches/030_arm_cpu_detect.diff: + + New patch courtesy of Aurélien Jarno: correctly detect the newer ARM + CPUs. + + -- Sam Hocevar (Debian packages) Sun, 24 Sep 2006 23:38:29 +0200 + +ffmpeg (0.cvs20060823-3.1) unstable; urgency=medium + + * Non-maintainer upload. + * Fix variable substitution trick in debian/rules (Closes: #386458). + + -- Luk Claes Fri, 15 Sep 2006 21:29:07 +0200 + +ffmpeg (0.cvs20060823-3) unstable; urgency=low + + * debian/rules: + + Take local packages into account when computing shlibs dependencies, so + that ffplay/ffserver depend on the proper libraries (Closes: #386029). + + -- Sam Hocevar (Debian packages) Tue, 5 Sep 2006 17:44:00 +0200 + +ffmpeg (0.cvs20060823-2) unstable; urgency=low + + * debian/patches/020_really_use_liba52.diff: + + New patch: link with the shared liba52 instead of the built-in one. + + * debian/patches/006_mips_pthreads.diff: + + New patch: link libraries with -lpthreads on Linux MIPS because of a + known ld bug. + + * debian/patches/007_disable_ffmpeg_option.diff: + + New patch: add a --disable-ffmpeg option. + + -- Sam Hocevar (Debian packages) Wed, 30 Aug 2006 18:36:52 +0200 + +ffmpeg (0.cvs20060823-1) unstable; urgency=low + + * New SVN snapshot (Closes: #368904). + * debian/control: + + Set policy to 3.7.2. + + Do not build 1394 support on GNU/kFreeBSD or Hurd. Patch courtesy of + Petr Salinger (Closes: #372290). + * debian/rules: + + Minor cleanup. + + Removed --enable-theora, upstream dropped that option. + + * debian/patches/020_mmx_intrinsics.diff: + + Disabled intrinsics workaround because it is no longer necessary and it + causes trouble with some codecs such as H264 (Closes: #373765). + + -- Sam Hocevar (Debian packages) Wed, 23 Aug 2006 12:09:58 +0200 + +ffmpeg (0.cvs20060329-4) unstable; urgency=low + + * debian/control: + + Make each -dev package depend on the corresponding shared library + package (Closes: #361348). + + Moved libavutil files from libavformat-dev to libavcodec-dev which is + the real common dependency (Closes: #361269). + + -- Sam Hocevar (Debian packages) Sun, 9 Apr 2006 15:23:37 +0200 + +ffmpeg (0.cvs20060329-3) unstable; urgency=low + + * debian/rules: that build system is hopeless. We now run configure and + make twice, backup static libraries inbetween, then update timestamps + to fool make. That should fix the FTBFS (Closes: #361215). + + -- Sam Hocevar (Debian packages) Fri, 7 Apr 2006 11:33:15 +0200 + +ffmpeg (0.cvs20060329-2) unstable; urgency=low + + * debian/rules: fixed Makefile.pic generation. + + -- Sam Hocevar (Debian packages) Thu, 6 Apr 2006 16:37:05 +0200 + +ffmpeg (0.cvs20060329-1) unstable; urgency=low + + * New CVS snapshot. + * Upstream fixed a double free in img.c (Closes: #351455). + * Upstream fixed the libvorbisenc dependency in libavcodec.pc + (Closes: #357352). + + * debian/rules: + + Activated threading support (Closes: #335677). + + Manually reinstall dsputil.h. + + * debian/README.Debian: + + Removed mention of --plugin-libs. + + Added a note about the unofficial packages (Closes: #306752). + + * 020_disable_snow_mmx_in_pic.diff: (new patch) disable MMX acceleration in + the Snow encoder in PIC mode. + + -- Sam Hocevar (Debian packages) Thu, 30 Mar 2006 10:41:17 +0200 + +ffmpeg (0.cvs20060306-3) unstable; urgency=low + + * Switched patch system to quilt. + * debian/control: + + Build-depend on quilt. + + * 005_altivec_flags.diff: (new patch from old diff.gz) proper gcc flags to + only generate AltiVec code when explicitely asked. + + * 005_m68k_workaround.diff: (new patch from old diff.gz) use -O2 instead of + -O3 on m68k. + + * 005_runtime_cpudetect.diff: (new patch from old diff.gz) fix runtime CPU + detection on m68k and x86. + + * 010_ffmpeg-config.diff: (new patch from old diff.gz) the ffmpeg-config + script and associated manpage (legacy). + + * 010_shared_library_versioning.diff: (new patch from old diff.gz) use a + Debian-specific scheme for shared library versioning to avoid spreading + libraries incompatible with every other version. + + * 020_mmx_intrinsics.diff: (new patch from old diff.gz) use MMX intrinsics + in dsputil_mmx.c because gcc is unable to compute some register constraints + in PIC mode. + + * 020_mmx_pic_code.diff: (new patch from old diff.gz) ported some MMX code + to be PIC. + + -- Sam Hocevar (Debian packages) Wed, 29 Mar 2006 18:53:35 +0200 + +ffmpeg (0.cvs20060306-2) unstable; urgency=low + + * ffmpeg-config.in: removed references to _pic libraries. + + -- Sam Hocevar (Debian packages) Fri, 17 Mar 2006 20:08:29 +0100 + +ffmpeg (0.cvs20060306-1) unstable; urgency=low + + * New CVS snapshot. + * Upstream now properly installs dsputil.h (Closes: #354391). + * debian/control: + + Distribute shared versions of the libraries with a Debian-specific + soname. + * debian/rules: + + Removed all custom PIC rules. + + Moved ffmpeg-config to libavformat-dev instead of libavcodec-dev so that + it is present by default (Closes: #350750). + + Include apiexample.c in libavcodec-dev (Closes: #350027). + + -- Sam Hocevar (Debian packages) Mon, 6 Mar 2006 11:05:26 +0100 + +ffmpeg (0.cvs20050918-6) unstable; urgency=low + + * Developer upload. + * Acknowledge NMU. Thanks to Samuel Mimram (Closes: #342207). + * configure: + + Set RUNTIME_CPUDETECT (except on m68k where it ICEs and on x86 where it + fails to build some asm constructs) (Closes: #337846). + * debian/rules: + + Make the build process aware of DEB_BUILD_OPTIONS, thanks to Timo + Lindfors (Closes: #338895). + + -- Sam Hocevar (Debian packages) Sat, 21 Jan 2006 16:51:26 +0100 + +ffmpeg (0.cvs20050918-5.1) unstable; urgency=low + + * NMU. + * Fix exploitable heap overflow in libavcodec's handling of images with + PIX_FMT_PAL8 pixel formats (CVE-2005-4048), closes: #342207. + + -- Samuel Mimram Sun, 15 Jan 2006 14:44:36 +0100 + +ffmpeg (0.cvs20050918-5) unstable; urgency=low + + * ffmpeg-config.1: fixed the examples and added a note that static libraries + should be put after the objects that refer to them (Closes: #339803). + + -- Sam Hocevar (Debian packages) Fri, 18 Nov 2005 23:58:16 +0100 + +ffmpeg (0.cvs20050918-4) unstable; urgency=low + + * configure: + + Tell the configure script about m68k, ia64 and others. + + -- Sam Hocevar (Debian packages) Thu, 22 Sep 2005 14:43:59 +0200 + +ffmpeg (0.cvs20050918-3) unstable; urgency=low + + * configure: + + Use -O2 instead of -O3 on m68k to avoid ICEs. + + -- Sam Hocevar (Debian packages) Tue, 20 Sep 2005 17:33:14 +0200 + +ffmpeg (0.cvs20050918-2) unstable; urgency=low + + * libavcodec/i386/dsputil_mmx.c: + + Reworked the MMX intrinsics. + * tests/libav.regression.ref: + + Minor cosmetic fix to use double-digit numbers in test sequences. + * debian/control: + + PowerPC no longer needs to use gcc-3.4, since 4.x is the default. + * libavcodec/Makefile: + + Removed special compilation case for HPPA now that we use 4.x. + + -- Sam Hocevar (Debian packages) Sun, 18 Sep 2005 17:43:48 +0200 + +ffmpeg (0.cvs20050918-1) unstable; urgency=low + + * New CVS snapshot. + * Upstream applied most Debian patches. + * configure: + + Do not use -mabi=altivec (-maltivec is enough for our AltiVec code) so + that our code still runs on a G3 computer (Closes: #319151). + * debian/rules: + + When not cross-compiling, run the regression tests (Closes: #292102). + * debian/changelog: + + Updated the FSF address. + * ffmpeg-config.in: + + Fixed avcodec linkage (Closes: #328505). + * libavcodec/i386/mpegvideo_mmx_template.c: + + Applied patch from Tobias Grimm to fix the PIC MMX code for MPEG + encoding (Closes: #318493). + * libavcodec/i386/dsputil_mmx.c: + + Applied patch from Joshua Kwan to fix the AMD64 build (Closes: #324026). + + Reworked that patch so that it still compiles on x86. + + -- Sam Hocevar (Debian packages) Fri, 16 Sep 2005 13:03:47 +0200 + +ffmpeg (0.cvs20050811-2) unstable; urgency=low + + * ffmpeg-config.in: added a missing -lgsm. + + -- Sam Hocevar (Debian packages) Mon, 22 Aug 2005 19:51:53 +0200 + +ffmpeg (0.cvs20050811-1) unstable; urgency=low + + * New CVS snapshot. + * Upstream fixed an integer overflow in the MPEG encoder (Closes: #320150). + * debian/rules: + + Activated libgsm support. + + Fixed theora support. + + Switched installation method to dh_install. + * Applied patch from Christian Aichinger and others to fix the clobbering + of the %ebx register during build (Closes: #319563). + + -- Sam Hocevar (Debian packages) Thu, 11 Aug 2005 14:22:03 +0200 + +ffmpeg (0.cvs20050626-2) unstable; urgency=low + + * ffmpeg-config.in: fixed the theora link that caused FTBFS. + + -- Sam Hocevar (Debian packages) Fri, 1 Jul 2005 17:20:59 +0200 + +ffmpeg (0.cvs20050626-1) unstable; urgency=low + + * New CVS snapshot. + * debian/control: + + Set policy to 3.6.2.1. + * debian/rules: + + Fixed Vorbis support (Closes: #306023). + + Patch by Jonas Smedegaard : conditionally enable these + unofficial libraries if DEB_BUILD_OPTIONS includes "risky": + o Mpeg2 layer 3 / MP3 (liblame-dev). + o FAAD (libfaad2-dev). + o FAAC (libfaac-dev). + o XviD (libxvidcore-dev). + + Activated theora support. + + Activated IEEE 1394 support (Closes: #296737). + + -- Sam Hocevar (Debian packages) Sun, 26 Jun 2005 15:46:54 +0200 + +ffmpeg (0.cvs20050313-2) unstable; urgency=low + + * libavcodec/libpostproc/postprocess_template.c + libavcodec/i386/mpegvideo_mmx_template.c: fixed my PIC MMX code (Closes: #299700). + * debian/rules: use gcc-3.4 on PowerPC (Closes: #300686). + + -- Sam Hocevar (Debian packages) Mon, 21 Mar 2005 23:38:46 +0100 + +ffmpeg (0.cvs20050313-1) unstable; urgency=low + + * New CVS snapshot. + * configure: fixed the builtin vector test (Closes: #293284), thanks + to Jacob L. Anawalt. + * libavcodec/libpostproc/postprocess_template.c + libavcodec/i386/mpegvideo_mmx_template.c: fixed MMX code so that it can + be compiled in PIC mode, and reactivated MMX (Closes: #290447, #290358). + + -- Sam Hocevar (Debian packages) Sat, 12 Mar 2005 18:34:29 +0100 + +ffmpeg (0.cvs20050121-1) unstable; urgency=low + + * New CVS snapshot. + * This snapshot fixes integer overflows that may lead to arbitrary code + execution (Closes: #291566). + + -- Sam Hocevar (Debian packages) Fri, 21 Jan 2005 17:41:47 +0100 + +ffmpeg (0.cvs20050108-1) unstable; urgency=low + + * Re-done tarball snapshot so that it does not contain binaries. + * ffmpeg-config.in: + + Added missing -lvorbisenc (Closes: #289030). + * debian/rules: + + Install missing headers that are not in the install rule: bwswap.h, + dsputil.h, os_support.h (Closes: #289033). + + -- Sam Hocevar (Debian packages) Sat, 8 Jan 2005 11:30:58 +0100 + +ffmpeg (0.cvs20050106-1) unstable; urgency=low + + * New upstream snapshot. + * The extern/static declaration conflict was fixed upstream (Closes: #288906). + + -- Sam Hocevar (Debian packages) Thu, 6 Jan 2005 15:44:49 +0100 + +ffmpeg (0.cvs20040716-2) unstable; urgency=low + + * debian/rules: + + Include missing rtp.h / rtsp.h in libavformat-dev. + * ffmpeg-config.in: + + Added -lz to the libavcodec linking flags. + + Added -ldts / -ldts_pic, -la52, -lvorbis to the libavcodec linking flags. + + -- Sam Hocevar (Debian packages) Tue, 17 Aug 2004 13:27:41 +0200 + +ffmpeg (0.cvs20040716-1) unstable; urgency=low + + * Initial release (Closes: #199266). + + -- Sam Hocevar (Debian packages) Fri, 16 Jul 2004 12:47:27 +0200 diff --git a/clean b/clean new file mode 100644 index 0000000..0c9cff8 --- /dev/null +++ b/clean @@ -0,0 +1,4 @@ +config-extra-includes.h +EXTRA +codecs.txt +formats.txt diff --git a/compat b/compat new file mode 100644 index 0000000..ec63514 --- /dev/null +++ b/compat @@ -0,0 +1 @@ +9 diff --git a/confflags b/confflags new file mode 100644 index 0000000..385956c --- /dev/null +++ b/confflags @@ -0,0 +1,238 @@ +# -*- mode: makefile -*- +# vim:syntax=make + +export DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) +export DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) +export DEB_HOST_ARCH ?= $(shell dpkg-architecture -qDEB_HOST_ARCH) +export DEB_HOST_ARCH_CPU ?= $(shell dpkg-architecture -qDEB_HOST_ARCH_CPU) +export DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) + +SVNREVISION=$(shell cat .svnrevision 2>/dev/null || echo "UNKNOWN") + +CROSS := +ifneq ($(DEB_BUILD_GNU_TYPE),$(DEB_HOST_GNU_TYPE)) + CROSS := $(DEB_HOST_GNU_TYPE)- +endif + +# list of flavors we want to build +FLAVORS := + +# this outputs 0 or 1 depending on whether a macro appears in the *default* cpp +# -dM -P output; this is used to test the toolchain *default* configuration +check_cpp = $(shell $(CROSS)cpp -dM -P /dev/null | grep -q '^\#define $(1)' && echo 1 || echo 0) + +# this outputs 0 or 1 depending on whether a piece of assembly can be compiled +# with the *default* gcc flags; this is used to test the toolchain *default* +# configuration +check_asm = $(shell echo 'void foo(void) { __asm__ volatile("$(1)"); }' | $(CROSS)gcc -x c -c - -o /dev/null 2>/dev/null && echo 1 || echo 0) + +# the other flavors always build dynamic versions +# Also, disable architecture-specific optimizations for default shared build +ifeq ($(DEB_HOST_ARCH_CPU),arm) + # whether the toolchain *default* configuration includes vfp + vfp_asm := fadds s0, s0, s0 + has_vfp := $(call check_asm, $(vfp_asm)) + # whether the toolchain *default* configuration includes neon + neon_asm := vadd.i16 q0, q0, q0 + has_neon := $(call check_asm, $(neon_asm)) + # whether the toolchain *default* configuration enables ARMv7 + v7_asm := dmb + has_v7 := $(call check_asm, $(v7_asm)) + # whether the toolchain *default* configuration uses -mfloat-abi=soft + has_soft := $(call check_cpp,__SOFTFP__ 1) + + # only build a VFP flavour if the toolchain doesn't enable VFP by default + ifneq ($(has_vfp),1) + FLAVORS += vfp + endif + # only build a NEON flavour if the toolchain doesn't enable NEON by default + ifneq ($(has_neon),1) + FLAVORS += neon + endif + # calling-conventions for VFP and NEON flavours: if the toolchain uses + # -mfloat-abi=soft, we want to use softfp, otherwise we want to use the + # toolchain default (either softfp or hardfp) + ifeq ($(has_soft),1) + float_abi := -mfloat-abi=softfp + else + float_abi := + endif +else ifeq ($(DEB_HOST_ARCH),i386) + FLAVORS += cmov +else ifeq ($(DEB_HOST_ARCH),powerpc) + FLAVORS += altivec + nooptflags += --disable-altivec +else ifeq ($(DEB_HOST_ARCH),sparc) + FLAVORS += vis + nooptflags += --disable-vis +endif + +# build a static version on every architecture in the 'debian' Libav package +FLAVORS += static + +# shared is generic, i.e. without arch specific opcodes +# /!\ order matters, you want to list the shared flavor *last* so that the +# binaries from this flavor overwrite the ones from the optional optimized +# flavor(s) and from the static flavor +FLAVORS += shared + +$(info Building FLAVORS=$(FLAVORS)) + +# Conditionally enable certain features depending on +# the corresponding header file being installed or not +define cond_enable + $(shell test -r $(1) && echo --enable-$(2) ) +endef + +# variant that also requires --enable-version3 +define cond_enable_v3 + $(shell test -r $(1) && echo --enable-$(2) --enable-version3 ) +endef + +# variant that also requires --enable-nonfree +define cond_enable_nf + $(shell test -r $(1) && echo --enable-$(2) --enable-nonfree ) +endef + +# Common configuration flags +confflags += --arch='$(DEB_HOST_ARCH_CPU)' +confflags += --enable-pthreads +confflags += --enable-runtime-cpudetect +confflags += --extra-version='$(DEB_VERSION)' +confflags += --libdir=/usr/lib/$(DEB_HOST_MULTIARCH) +confflags += --prefix=/usr +confflags += $(shell test -x /usr/bin/yasm || echo --disable-yasm ) +confflags += --disable-avserver +# CVE-2016-1897 and CVE-2016-1898 +confflags += --disable-protocol=concat + +ifeq ($(DEB_HOST_ARCH),armel) +# this is required on Ubuntu lucid as it defaults to thumb2 and Libav has +# plenty of incompatible assembly; not sure how to detect that properly +confflags += --enable-pic +endif + +ifeq ($(DEB_HOST_ARCH),powerpc) +confflags += --enable-pic +endif + +# Additional features +confflags += $(call cond_enable,/usr/include/bzlib.h,bzlib) +confflags += $(call cond_enable,/usr/include/dc1394/dc1394.h,libdc1394) +confflags += $(call cond_enable,/usr/include/freetype2/ft2build.h,libfreetype) +confflags += $(call cond_enable,/usr/include/frei0r.h,frei0r) +confflags += $(call cond_enable,/usr/include/gnutls/gnutls.h,gnutls) +confflags += $(call cond_enable,/usr/include/gsm/gsm.h,libgsm) +confflags += $(call cond_enable,/usr/include/lame/lame.h,libmp3lame) +confflags += $(call cond_enable,/usr/include/librtmp/http.h,librtmp) +confflags += $(call cond_enable,/usr/include/opencv/cv.hpp,libopencv) +confflags += $(call cond_enable,/usr/include/openjpeg.h,libopenjpeg) +confflags += $(call cond_enable,/usr/include/opus/opus.h,libopus) +confflags += $(call cond_enable,/usr/include/pulse/simple.h,libpulse) +confflags += $(call cond_enable,/usr/include/schroedinger-1.0/schroedinger/schro.h,libschroedinger) +confflags += $(call cond_enable,/usr/include/speex/speex.h,libspeex) +confflags += $(call cond_enable,/usr/include/theora/theoraenc.h,libtheora) +confflags += $(call cond_enable,/usr/include/va/va.h,vaapi) +confflags += $(call cond_enable,/usr/include/vdpau/vdpau.h,vdpau) +confflags += $(call cond_enable,/usr/include/vorbis/vorbisenc.h,libvorbis) +confflags += $(call cond_enable,/usr/include/vpx/vpx_encoder.h,libvpx) +confflags += $(call cond_enable,/usr/include/zlib.h,zlib) + +# Configuration flags causing the libs to be GPL tainted +gpl_confflags += --enable-gpl +gpl_confflags += --enable-swscale +gpl_confflags += $(call cond_enable,/usr/include/cdio/paranoia.h,libcdio) +gpl_confflags += $(call cond_enable,/usr/include/X11/extensions/XShm.h,x11grab) +gpl_confflags += $(call cond_enable,/usr/include/x264.h,libx264) +gpl_confflags += $(call cond_enable,/usr/include/xvid.h,libxvid) +# comment out following line for LGPL versions of the libraries +confflags += $(gpl_confflags) + +# Features that require (L)GPL v3 +v3_confflags += $(call cond_enable_v3,/usr/include/opencore-amrnb/interf_dec.h,libopencore-amrnb) +v3_confflags += $(call cond_enable_v3,/usr/include/opencore-amrwb/dec_if.h,libopencore-amrwb) +v3_confflags += $(call cond_enable_v3,/usr/include/vo-aacenc/voAAC.h,libvo-aacenc) +v3_confflags += $(call cond_enable_v3,/usr/include/vo-amrwbenc/enc_if.h,libvo-amrwbenc) + +# FAAC is considered non-free +confflags += $(call cond_enable_nf,/usr/include/faac.h,libfaac) + +# Enable hardened build flags through dpkg-buildflags +CFLAGS := $(filter-out -g -O2,$(shell dpkg-buildflags --get CFLAGS)) +CPPFLAGS := $(shell dpkg-buildflags --get CPPFLAGS) +LDFLAGS := $(filter-out %-Bsymbolic-functions,$(shell dpkg-buildflags --get LDFLAGS)) + +ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) +# Various parts of Libav (and swscale) FTBFS when compiling with -fPIC +# and with mmx code enabled. + confflags += --disable-optimizations + confflags += --disable-mmx +endif + +# Configuration flags for the static libraries +static_build_confflags += $(confflags) + +# Configuration flags for the non-optimized shared libraries +shared_build_confflags += $(confflags) --shlibdir=/usr/lib/$(DEB_HOST_MULTIARCH) +# amd64 has no problems with optimized shared libs. i386 and arm do. +ifneq ($(DEB_HOST_ARCH),amd64) +shared_build_confflags += $(nooptflags) +endif +shared_build_confflags += --enable-shared +shared_build_confflags += --disable-static +# i386 shared builds must be optimized for 586, cf. #728928, #688384 +ifeq ($(DEB_HOST_ARCH),i386) +shared_build_confflags += --cpu='i586' +endif + +## specific to arm architectures +# Configuration flags for the optimised shared libraries +vfp_shlibdir := vfp +vfp_build_confflags += $(confflags) +vfp_build_confflags += --shlibdir=/usr/lib/$(DEB_HOST_MULTIARCH)/$(vfp_shlibdir) +vfp_build_confflags += --enable-shared +vfp_build_confflags += --disable-static +vfp_build_confflags += --extra-cflags="-mfpu=vfp $(float_abi)" +# NB: NEON always implies v7+ and Libav's NEON implementation requires VFP +neon_shlibdir := neon/vfp +neon_build_confflags += $(confflags) +neon_build_confflags += --shlibdir=/usr/lib/$(DEB_HOST_MULTIARCH)/$(neon_shlibdir) +# the NEON pass now requires ubfx which was introduced in armv6t2; we need to +# enable at least armv6t2 for the NEON pass to build, but NEON implies armv7-a +# so pass armv7-a if it's not already enabled +ifneq ($(has_v7),1) +neon_build_confflags += --cpu='armv7-a' +endif +neon_build_confflags += --extra-cflags="-mfpu=neon $(float_abi) -fPIC -DPIC" +neon_build_confflags += --enable-shared +neon_build_confflags += --disable-static + +## i386 architecture specific +# Configuration flags for the optimized shared libraries +cmov_shlibdir := i686/cmov +cmov_build_confflags += $(confflags) +cmov_build_confflags += $(nooptflags) +cmov_build_confflags += --shlibdir=/usr/lib/$(DEB_HOST_MULTIARCH)/$(cmov_shlibdir) +cmov_build_confflags += --cpu='i686' +cmov_build_confflags += --enable-shared +cmov_build_confflags += --disable-static + +## powerpc architecture specific +# Configuration flags for the optimized shared libraries +altivec_shlibdir := altivec +altivec_build_confflags += $(confflags) +altivec_build_confflags += --shlibdir=/usr/lib/$(DEB_HOST_MULTIARCH)/$(altivec_shlibdir) +altivec_build_confflags += --cpu='g4' +altivec_build_confflags += --enable-shared +altivec_build_confflags += --disable-static +altivec_build_confflags += --enable-altivec + +## sparc architecture specific +# Configuration flags for the optimized shared libraries +vis_shlibdir := v9 +vis_build_confflags += $(confflags) +vis_build_confflags += --shlibdir=/usr/lib/$(DEB_HOST_MULTIARCH)/$(vis_shlibdir) +vis_build_confflags += --cpu='sparc64' +vis_build_confflags += --enable-shared +vis_build_confflags += --disable-static +vis_build_confflags += --extra-cflags="-fPIC -DPIC" diff --git a/control b/control new file mode 100644 index 0000000..d39f5f6 --- /dev/null +++ b/control @@ -0,0 +1,411 @@ +Source: libav +Section: libs +Priority: optional +Maintainer: Debian Multimedia Maintainers +Uploaders: + Sam Hocevar (Debian packages) , + Loïc Minier , + Reinhard Tartler , + Fabian Greffrath , + Jonas Smedegaard , + Sebastian Ramacher +Standards-Version: 3.9.5 +Vcs-Git: git://anonscm.debian.org/pkg-multimedia/libav.git +Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-multimedia/libav.git;a=summary +Homepage: http://libav.org/ +Build-Depends-Indep: + doxygen +Build-Depends: + debhelper (>= 9), + frei0r-plugins-dev, + libasound2-dev [linux-any], + libbz2-dev, + libcdio-cdda-dev, + libcdio-dev, + libcdio-paranoia-dev, + libdc1394-22-dev [linux-any], + libfreetype6-dev (>= 2.5.1), + libgnutls28-dev, + libgsm1-dev, + libjack-dev, + libmp3lame-dev, + libopencore-amrnb-dev, + libopencore-amrwb-dev, + libopencv-dev, + libopenjpeg-dev, + libopus-dev (>= 1.0.1), + libpulse-dev, + libraw1394-dev [linux-any], + librtmp-dev (>= 2.2e-4), + libschroedinger-dev, + libsdl1.2-dev, + libspeex-dev, + libtheora-dev (>> 0.0.0.alpha4), + libtiff-dev, + libva-dev [!hurd-any], + libvdpau-dev, + libvo-aacenc-dev, + libvo-amrwbenc-dev, + libvorbis-dev, + libvpx-dev, + libx11-dev, + libx264-dev, + libxext-dev, + libxfixes-dev, + libxvidcore-dev, + libxvmc-dev, + texi2html, + yasm [any-amd64 any-i386], + zlib1g-dev + +Package: libav-tools +Section: video +Architecture: any +Replaces: + libavcodec-extra-53 (<< 4:0.6~) +Pre-Depends: + ${misc:Pre-Depends}, + dpkg (>= 1.15.7.2~) +Depends: + ${misc:Depends}, + ${shlibs:Depends} +Suggests: + frei0r-plugins (>= 1.3) +Conflicts: + ffprobe +Description: Multimedia player, encoder and transcoder + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This package contains the avplay multimedia player, the avconv audio + and video encoder, and the avprobe stream analyzer. They support most + existing file formats (AVI, MPEG, OGG, Matroska, ASF...) and encoding + formats (MPEG, DivX, MPEG4, AC3, DV...). Additionally, it contains the + qt-faststart utility which rearranges Quicktime files to facilitate + network streaming. + . + This package replaces the 'ffmpeg' command-line tool that was provided + in earlier distroreleases. + +Package: libav-dbg +Section: debug +Priority: extra +Architecture: any +Replaces: + ffmpeg-dbg (<< 6:0.8.3-5), + libav-extra-dbg (<< 6:0.8.3-5) +Breaks: + ffmpeg-dbg (<< 6:0.8.3-5), + libav-extra-dbg (<< 6:0.8.3-5) +Depends: + libav-tools (= ${binary:Version}), + libavcodec56 (= ${binary:Version}) | libavcodec-extra-56 (= ${binary:Version}), + libavdevice55 (= ${binary:Version}), + libavformat56 (= ${binary:Version}), + libavutil54 (= ${binary:Version}), + libswscale3 (= ${binary:Version}), + ${misc:Depends} +Description: Debug symbols for Libav related packages + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This package contains debug data of the Libav related shared libraries. + . + Most people will not need this package. Please install it to produce useful + stacktraces to help debugging the Libav library. + +Package: libav-doc +Section: doc +Architecture: all +Depends: + ${misc:Depends} +Description: Documentation of the Libav API + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This package contains the html doxygen documentation of the Libav API. + . + Only application developers will find this package useful. + +Package: libavutil54 +Architecture: any +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends} +Depends: + ${misc:Depends}, + ${shlibs:Depends} +Description: Libav utility library + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This is the common utility library from Libav. It contains shared code + used by all other Libav libraries. + +Package: libavcodec56 +Architecture: any +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends} +Depends: + ${misc:Depends}, + ${shlibs:Depends} +Conflicts: + libavcodec-extra-56 +Replaces: + libavcodec-extra-56 +Breaks: + mplayer (<< 2:1.0~rc4.dfsg1+svn34540-1~) +Description: Libav codec library + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This is the codec library from Libav (both encoding and decoding). + . + It supports most existing codecs (MPEG, MPEG2, MPEG4, AC3, DV...). + +Package: libavdevice55 +Architecture: any +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends} +Depends: + ${misc:Depends}, + ${shlibs:Depends} +Description: Libav device handling library + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This is the device handling library from Libav. + +Package: libavformat56 +Architecture: any +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends} +Depends: + ${misc:Depends}, + ${shlibs:Depends} +Description: Libav file format library + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This is the library for handling file formats from Libav. + . + It supports most existing file formats (AVI, MPEG, OGG, Matroska, + ASF...). + +Package: libavfilter5 +Architecture: any +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends} +Depends: + ${misc:Depends}, + ${shlibs:Depends} +Suggests: + frei0r-plugins (>= 1.3) +Description: Libav video filtering library + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This is the video filtering library from Libav. + +Package: libswscale3 +Architecture: any +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends} +Depends: + ${misc:Depends}, + ${shlibs:Depends} +Description: Libav video scaling library + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This is the video software scaling library from Libav. + +Package: libavutil-dev +Section: libdevel +Architecture: any +Depends: + libavutil54 (= ${binary:Version}), + ${misc:Depends} +Description: Development files for libavutil + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This is the common utility library from Libav. + . + This package contains the header files and static libraries needed to + compile applications or shared objects that use libavutil. + +Package: libavcodec-dev +Section: libdevel +Architecture: any +Depends: + libavcodec56 (<= ${source:Upstream-Version}-99) | libavcodec-extra-56 (<= ${source:Upstream-Version}-99), + libavcodec56 (>= ${binary:Version}) | libavcodec-extra-56 (>= ${binary:Version}), + libavutil-dev (= ${binary:Version}), + libavresample-dev (= ${binary:Version}), + ${misc:Depends} +Suggests: + libdc1394-22-dev [linux-any], + libgsm1-dev, + libogg-dev, + libraw1394-dev [linux-any], + libschroedinger-dev, + libspeex-dev, + libtheora-dev (>> 0.0.0.alpha4), + libvorbis-dev, + libx11-dev, + libxext-dev, + zlib1g-dev +Description: Development files for libavcodec + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This is the codec library from Libav. It supports most existing + encoding formats (MPEG, DivX, MPEG4, AC3, DV...). + . + This package contains the header files and static libraries needed to + compile applications or shared objects that use libavcodec. + +Package: libavdevice-dev +Section: libdevel +Architecture: any +Depends: + libavdevice55 (= ${binary:Version}), + libavformat-dev (= ${binary:Version}), + ${misc:Depends} +Description: Development files for libavdevice + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This is the device handling library from Libav. + . + This package contains the header files and static libraries needed to + compile applications or shared objects that use libavdevice. + +Package: libavformat-dev +Section: libdevel +Architecture: any +Depends: + libavcodec-dev (= ${binary:Version}), + libavformat56 (= ${binary:Version}), + libavutil-dev (= ${binary:Version}), + ${misc:Depends} +Description: Development files for libavformat + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This is the demuxer library from Libav. It supports most + existing file formats (AVI, MPEG, OGG, Matroska, ASF...). + . + This package contains the header files and static libraries needed to + compile applications or shared objects that use libavformat. + +Package: libavfilter-dev +Section: libdevel +Architecture: any +Depends: + libavcodec-dev (= ${binary:Version}), + libavresample-dev (= ${binary:Version}), + libswscale-dev (= ${binary:Version}), + libavfilter5 (= ${binary:Version}), + ${misc:Depends} +Description: Development files for libavfilter + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This is the video filtering library from Libav. + . + This package contains the header files and static libraries needed to + compile applications or shared objects that use libavfilter. + +Package: libswscale-dev +Section: libdevel +Architecture: any +Depends: + libavutil-dev (= ${binary:Version}), + libswscale3 (= ${binary:Version}), + ${misc:Depends} +Description: Development files for libswscale + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This is the video scaling library from Libav. + . + This package contains the header files and static libraries needed to + compile applications or shared objects that use libswscale. + +Package: libavresample-dev +Section: libdevel +Architecture: any +Depends: + libavutil-dev (= ${binary:Version}), + libavresample2 (= ${binary:Version}), + ${misc:Depends} +Description: Development files for libavresample + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This is the video scaling library from Libav. + . + This package contains the header files and static libraries needed to + compile applications or shared objects that use libswrescale. + +Package: libavresample2 +Architecture: any +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends} +Replaces: + libavresample0 +Depends: + ${misc:Depends}, + ${shlibs:Depends} +Description: Libav audio resampling library + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This is the audio software resampling library from Libav. + +Package: libavcodec-extra-56 +Architecture: any +Multi-Arch: same +Pre-Depends: ${misc:Pre-Depends} +Depends: + ${misc:Depends}, + ${shlibs:Depends} +Replaces: + libavcodec56 +Conflicts: + libavcodec56 +Breaks: + mplayer (<< 2:1.0~rc4.dfsg1+svn34540-1~) +Description: Libav codec library (additional codecs) + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This is the codec library from Libav (both encoding and decoding). + . + This package is a replacement for the regular libavcodec56 library package; + it contains the following additional codecs: + . + * OpenCORE Adaptive Multi-Rate (AMR) Narrow-Band (Encoder/Decoder) + * OpenCORE Adaptive Multi-Rate (AMR) Wide-Band (Decoder) + * Android VisualOn AAC (Encoder) + * Android VisualOn Adaptive Multi-Rate (AMR) Wide-Band (Encoder) + . + Because this package links against libraries that are licensed under + Apache License 2.0, the resulting binaries are distributed under the + GPL version 3 or later. + +Package: libavcodec-extra +Section: metapackages +Priority: extra +Architecture: all +Depends: + libavcodec-extra-56, + ${misc:Depends}, +Description: Libav codec library (additional codecs meta-package) + Libav is a complete, cross-platform solution to decode, encode, record, + convert and stream audio and video. + . + This package depends on the latest version of the libavcodec variant + that offers additional codec support. Application packages can depend + on it if they require or suggest this variant in a robust manner. diff --git a/copyright b/copyright new file mode 100644 index 0000000..2ae0b86 --- /dev/null +++ b/copyright @@ -0,0 +1,514 @@ +Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: Libav +Upstream-Contact: libav-devel@libav.org +Source: http://libav.org +Comment: + The license for the whole work is the GPL, not the LGPL, because GPL-only + parts of Libav were activated -- namely libswscale, x11grab and + other GPL licensed libraries. If you need LGPL versions of the libraries, + please comment out the appropriate line in debian/confflags. + . + Because libavcodec-extra-* links against libraries that are licensed + under Apache License 2.0, the resulting binaries are distributed under + the GPL version 3 or later. + +Files: * +Copyright: 1994-2012, the Xiph.Org Foundation and contributors + 1995, The Bitmap Brothers Ltd. + 1999-2000, Sebastien Rougeaux + 1999, Intel Corporation + 1999, Roger Hardiman + 2000-2001, Gerard Lantau + 2000-2001, Michel Lespinasse + 2000-2001, Peter Gubanov + 2000-2003,2005,2010, Fabrice Bellard + 2000-2011, The libav developers + 2001-2003, BERO + 2001,2003, Dr. Tim Ferguson + 2001-2005, The ffmpeg Project + 2001-2012, Michael Niedermayer + 2001, Daniel Maas + 2001, Juan J. Sierralta P + 2001, Lionel Ulmer + 2002-2004,2006-2011, Maxim Poliakovski + 2002,2005, Francois Revol + 2002-2005, Roberto Togni + 2002-2006, Alex Beregszaszi + 2002-2008, The Libav Project + 2002, Brian Foley + 2002, Dieter Shirley + 2002, Falk Hueffner + 2002, Frederic 'dilb' Boulay + 2002, Gildas Bazin + 2002, Gunnar Monell + 2002, Laszlo Torok + 2002, Lennert Buytenhek + 2002, Mark Hills + 2002, Remi Guyomarch + 2002, Steve O'Hara-Smith + 2002, the xine project + 2003-2004,2006, Roman Shaposhnik + 2003-2004,2007, Mike Melanson + 2003-2004, Romain Dolbeau + 2003-2005, Christopher R. Hertel + 2003,2006-2007, Michel Bardiaux + 2003,2008-2011, Sascha Sommer + 2003-2012, x264 project + 2003, David S. Miller + 2003, Ewald Snel + 2003, Gustavo Sverzut Barbieri + 2003, International Business Machines, Corp + 2003, Ivan Kalvachev + 2003, James Klicman + 2003, Max Krasnyansky + 2003, Nick Kurshev + 2003, Pascal Massimino + 2003, Thomas Raivio + 2003, Tinic Uro + 2004-2005,2007-2010,2012, Loren Merritt + 2004-2005,2007, Denes Balatoni + 2004,2007, Benjamin Zores + 2004-2007, Eric Lasota + 2004,2007, Marc Hoffman + 2004-2012, Konstantin Shishkov + 2004, Adam Thayer + 2004, AGAWA Koji + 2004, Gildas Bazin + 2004, Maarten Daniels + 2005-2006, DivX, Inc + 2005-2006, Oded Shimon + 2005-2006, Robert Edele + 2005,2007-2008, Ian Caulfield + 2005,2007,2011-2012, Luca Barbato + 2005,2007, Wolfram Gloger + 2005-2008, Diego Biurrun + 2005-2011, Benjamin Larsson + 2005-2011, Reimar Döffinger + 2005-2012, Mans Rullgard + 2005, Alban Bedel + 2005, Anonymous + 2005, David Hammerton + 2005, Jeff Muizelaar + 2005, Matthieu CASTET + 2005, Ole André Vadla Ravnås + 2005, Roine Gustafsson + 2005, Steve Underwood + 2005, Vidar Madsen + 2005, Wim Taymans + 2005, Zoltan Hidvegi + 2006-2007, Baptiste Coudurier + 2006-2007, Maxim Gavrilov + 2006-2007, Reynaldo H. Verdejo Pinochet + 2006-2007, Ryan Martell + 2006-2007, SmartJog S.A. + 2006-2008, Baptiste Coudurier + 2006,2008, Gregory Montoir + 2006-2009, Luca Abeni + 2006-2009, Ramiro Polla + 2006-2009, Robert Swain + 2006,2009, Stefan Gehrer + 2006-2010, Aurelien Jacobs + 2006-2010, Prakash Punnoor + 2006-2012, Justin Ruggles + 2006, Corey Hickey + 2006, Daniel Maas + 2006, Guillaume Poirier + 2006, Kartikey Mahendra BHATT + 2006, Michael Benjamin + 2006, Patrick Guimond + 2006, Paul Richards + 2006, Steve Lhomme + 2006, Thijs Vermeir + 2007-2008, Ivo van Poorten + 2007-2008, Joseph Artsimovich + 2007-2008, Marco Gerards + 2007-2008, Siarhei Siamashka + 2007-2008, UAB "DKD" + 2007,2009-2012, Nicolas George + 2007-2009, Bartlomiej Wolowiec + 2007,2009, Björn Axelsson + 2007,2010, Anssi Hannula + 2007,2010, Bobby Bingham + 2007-2010, David Conrad + 2007-2010, Vitor Sessak + 2007-2011, Stefano Sabatini + 2007, Alexis Ballier + 2007, Benoit Fouet + 2007, Christian Ohm + 2007, Clemens Fruhwirth + 2007, Collabora Ltd + 2007, Denes Balatoni + 2007, Edward Hervey + 2007, Marc Hoffman + 2007, Marc Hoffman + 2007, Nicholas Tung + 2007, Nokia Corporation + 2007, Philippe Kalaf + 2007, Ronald S. Bultje + 2007, Ulion + 2008-2009, Andrej Stepanchuk + 2008-2009, Baptiste Coudurier + 2008-2009, Jaikrishnan Menon + 2008-2009, Ronald S. Bultje + 2008-2009, Splitted-Desktop Systems + 2008,2010, Alexander Strange + 2008,2010, Eli Friedman + 2008-2010, Laurent Aimar + 2008-2010, Paul Kendall + 2008,2010, Zhentan Feng + 2008, Affine Systems, Inc (Michael Sullivan, Bobby Impollonia) + 2008, Alessandro Sappia + 2008, Anuradha Suraparaju + 2008, BBC + 2008, GUCAS + 2008, NVIDIA + 2008, Robert Marston + 2008, robs@users.sourceforge.net + 2008, Sisir Koppaka + 2008, Victor Paesa + 2008, Vladimir Voroshilov + 2008, vmrsss + 2009-2010, Alex Converse + 2009-2010, Daniel Verkamp + 2009-2010, Howard Chu + 2009-2010, Thilo Borgmann + 2009-2012, Martin Storsjo + 2009,2012, Nathan Caldwell + 2009, Christian Schmidt + 2009, Colin McQuillan + 2009, Colin McQuillian + 2009, Dylan Yudaken + 2009, Giliard B. de Freitas + 2009, Ivan Schreter + 2009, James Darnley + 2009, Jimmy Christensen + 2009, Kenan Gillet + 2009, Michael Tison + 2009, Naotoshi Nojiri + 2009, Nicolas Martin + 2009, Samalyse + 2009, Sebastien Lucas + 2009, Stephen Backway + 2009, Thomas P. Higdon + 2009, Tobias Bindhammer + 2009, Toshimitsu Kimura + 2009, Xuggle Incorporated + 2009, Zuxy Meng + 2010-2011, Anatoly Nenashev + 2010,2011, Anton Khirnov + 2010-2011, Janne Grunau + 2010-2011, Vitor Sessak + 2010,2012, Google, Inc + 2010,2012, Ronald S. Bultje + 2010, Adrian Daerr + 2010, Amanda, Y.N. Wu + 2010, Baptiste Coudurier + 2010, Brandon Mintern + 2010, Carl Eugen Hoyos + 2010, Daniel G. Taylor + 2010, Francesco Lavra + 2010, Holger Lubitz + 2010, Jacob Meuser + 2010, Jason Garrett-Glaser + 2010, Josh Allmann + 2010, Marcelo Galvao Povoa + 2010, Mark Nauwelaerts + 2010, Michael Chinen + 2010, Michele Orrù + 2010, Mohamed Naufal Basheer + 2010, Nolan Lum + 2010, Rafael Carre + 2010, Rob Clark + 2010, Sebastian Vater + 2010, S.N. Hemanth Meenakshisundaram + 2010, Tomas Härdin + 2011-2012, Daniel Kang + 2011-2012, Derek Buitenhuis + 2011-2012, Mashiat Sarker Shakkhar + 2011-2012, Paul B Mahol + 2011, Andreas Öman + 2011, Juan Carlos Rodriguez + 2011, Kieran Kunhya + 2011, Mark Himsley + 2011, Matthew Hoops + 2011, Max Horn + 2011, Michael Bradshaw + 2011, Michael Karcher + 2011, Mina Nagy Zaki + 2011, Miroslav Slugeň + 2011, MirriAd Ltd + 2011, Sebastien Zwickert + 2011, Sven Hesse + 2012, Aneesh Dogra (lionaneesh) + 2012, Antti Seppälä + 2012, Christophe Gisquet + 2012, Jan Ekström + 2012, Samuel Pitoiset + CMU 1993, Computer Science, Speech Group Chengxiang Lu and Alex + Hauptmann + Sebastien Bechet +License: LGPL-2.1+~Libav +Comments: + Some copyright holder details extracted from referenced sources at + . + +Files: doc/doxy/doxy_stylesheet.css +Copyright: 2012, Twitter, Inc +License: Apache-2.0 + +Files: libavcodec/jfdctfst.c + libavcodec/jfdctint_template.c + libavcodec/jrevdct.c +Copyright: 1991-1996, Thomas G. Lane +License: IJG + +Files: libavdevice/x11grab.c + libavfilter/yadif.h + libavfilter/vf_blackframe.c + libavfilter/vf_boxblur.c + libavfilter/vf_cropdetect.c + libavfilter/vf_delogo.c + libavfilter/vf_hqdn3d.c + libavfilter/vf_yadif.c + libavfilter/x86/yadif.c + libavfilter/x86/yadif_template.c +Copyright: 1997-1998, Rasca, Berlin + 2000-2001, Fabrice Bellard + 2002-2003, Brian J. Murrell + 2002,2006-2010 Michael Niedermayer + 2002, A'rpi + 2002, Jindrich Makovicka + 2003-2004 Karl H. Beckers, Frankfurt + 2003, Daniel Moreno + 2006, Clemens Fruhwirth + 2006, Edouard Gomez + 2006, Ivo van Poorten + 2006, Julian Hall + 2010-2011, Stefano Sabatini + 2010, Baptiste Coudurier + 2012, Loren Merritt +License: GPL-2+~Libav + +Files: doc/texi2pod.pl +Copyright: 1999-2001, Free Software Foundation, Inc +License: GPL-2+~GCC + +Files: + libavcodec/arm/jrevdct_arm.S + libavcodec/nellymoser.c + libavcodec/nellymoserdec.c + libavcodec/nellymoser.h + libavcodec/x86/vc1dsp_init.c + libavcodec/x86/vc1dsp_mmx.c + libavformat/metadata-example.c + libavformat/oggdec.c + libavformat/oggdec.h + libavformat/oggparseogm.c + libavformat/oggparsespeex.c + libavformat/oggparsetheora.c + libavformat/oggparsevorbis.c + libavformat/output-example.c +Copyright: 2005, Alex Beregszaszi + 2001, Lionel Ulmer / + 2003, Fabrice Bellard + 2005, Matthieu CASTET + 2005, Michael Ahlberg + 2005, Måns Rullgård + 2007, 520e17cd55896441042b14df2566a6eb610ed444 + 2007, 539459aeb7d425140b62a3ec7dbf6dc8e408a306 + 2007, a840bda5870ba11f19698ff6eb9581dfb0f95fa5 + 2007, Benjamin Larsson + 2007, Christophe GISQUET + 2007, Loic Minier + 2008, Reimar Döffinger + 2011, Reinhard Tartler +License: Expat + +Files: libavcodec/faandct.c + libavcodec/zerocodec.c +Copyright: 2003, Michael Niedermayer + 2003, Roman Shaposhnik + 2012, Derek Buitenhuis +License: ISC + +Files: libavcodec/arm/vp8dsp_armv6.S +Copyright: 2010, Google Inc + 2010, Rob Clark + 2011, Mans Rullgard +License: BSD-3-clause~Google and LGPL-2.1+~Libav + +Files: libavutil/adler32.c +Copyright: 1995, Mark Adler +License: Zlib + +License: LGPL-2.1+~Libav + Libav is free software; you can redistribute it and/or modify it under + the terms of the GNU Lesser General Public License as published by the + Free Software Foundation; either version 2.1 of the License, or (at + your option) any later version. + . + Libav is distributed in the hope that it will be useful, but WITHOUT + ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + License for more details. + . + Comment: + . + On Debian systems the 'GNU Lesser General Public License' version 2.1 + is located in '/usr/share/common-licenses/LGPL-2.1'. + . + You should have received a copy of the 'GNU Lesser General Public + License' along with this program. If not, see + . + +License: GPL-2+~Libav + Libav is free software; you can redistribute it and/or modify it under + the terms of the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + . + Libav is distributed in the hope that it will be useful, but WITHOUT + ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + for more details. + . + Comment: + . + On Debian systems the 'GNU General Public License' version 2 is located + in '/usr/share/common-licenses/GPL-2'. + . + You should have received a copy of the 'GNU General Public License' + along with this program. If not, see . + +License: GPL-2+~GCC + GNU CC is free software; you can redistribute it and/or modify it under + the terms of the GNU General Public License as published by the Free + Software Foundation; either version 2, or (at your option) any later + version. + . + GNU CC is distributed in the hope that it will be useful, but WITHOUT + ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + for more details. + +License: Apache-2.0 + Licensed under the Apache License v2.0 + . + http://www.apache.org/licenses/LICENSE-2.0 + . + Comment: + . + On Debian systems the 'Apache License' version 2.0 is located in + '/usr/share/common-licenses/Apache-2.0'. + +License: IJG + Permission is hereby granted to use, copy, modify, and distribute this + software (or portions thereof) for any purpose, without fee, subject to + these conditions: + . + (1) If any part of the source code for this software is distributed, + then this README file must be included, with this copyright and + no-warranty notice unaltered; and any additions, deletions, or changes + to the original files must be clearly indicated in accompanying + documentation. + . + (2) If only executable code is distributed, then the accompanying + documentation must state that "this software is based in part on the + work of the Independent JPEG Group". + . + (3) Permission for use of this software is granted only if the user + accepts full responsibility for any undesirable consequences; the + authors accept NO LIABILITY for damages of any kind. + . + These conditions apply to any software derived from or based on the IJG + code, not just to the unmodified library. If you use our work, you + ought to acknowledge us. + . + Permission is NOT granted for the use of any IJG author's name or + company name in advertising or publicity relating to this software or + products derived from it. This software may be referred to only as + "the Independent JPEG Group's software". + . + We specifically permit and encourage the use of this software as the + basis of commercial products, provided that all warranty or liability + claims are assumed by the product vendor. + +License: BSD-3-clause~Google + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are + met: + . + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + . + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + . + * Neither the name of Google nor the names of its contributors may be + used to endorse or promote products derived from this software + without specific prior written permission. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +License: Zlib + This software is provided 'as-is', without any express or implied + warranty. In no event will the authors be held liable for any damages + arising from the use of this software. + . + Permission is granted to anyone to use this software for any purpose, + including commercial applications, and to alter it and redistribute it + freely, subject to the following restrictions: + . + 1. The origin of this software must not be misrepresented; you must not + claim that you wrote the original software. If you use this software + in a product, an acknowledgment in the product documentation would + be appreciated but is not required. + 2. Altered source versions must be plainly marked as such, and must not + be misrepresented as being the original software. + 3. This notice may not be removed or altered from any source + distribution. + +License: Expat + Permission is hereby granted, free of charge, to any person obtaining a + copy of this software and associated documentation files (the + "Software"), to deal in the Software without restriction, including + without limitation the rights to use, copy, modify, merge, publish, + distribute, sublicense, and/or sell copies of the Software, and to + permit persons to whom the Software is furnished to do so, subject to + the following conditions: + . + The above copyright notice and this permission notice shall be included + in all copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. + IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, + DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR + OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR + THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +License: ISC + Permission to use, copy, modify, and/or distribute this software for + any purpose with or without fee is hereby granted, provided that the + above copyright notice and this permission notice appear in all copies. + . + THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL + WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR + BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES + OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, + WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, + ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS + SOFTWARE. diff --git a/gbp.conf b/gbp.conf new file mode 100644 index 0000000..c0fe6b4 --- /dev/null +++ b/gbp.conf @@ -0,0 +1,8 @@ +[DEFAULT] +upstream-branch = upstream.jessie +debian-branch = jessie +upstream-tag = upstream/%(version)s +debian-tag = debian/%(version)s +pristine-tar = True +compression = xz + diff --git a/get_soname_version.sh b/get_soname_version.sh new file mode 100755 index 0000000..ebe2101 --- /dev/null +++ b/get_soname_version.sh @@ -0,0 +1,23 @@ +#!/bin/sh + +# small helper script to learn about library sonames +# adapted from upstream's configure script + +# Avoid locale weirdness, besides we really just want to translate ASCII. +toupper(){ + echo "$@" | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ +} + +get_version(){ + lcname=${1} + name=$(toupper $lcname) + file=$lcname/version.h + eval $(awk "/#define ${name}_VERSION_M/ { print \$2 \"=\" \$3 }" "$file") + eval ${name}_VERSION=\$${name}_VERSION_MAJOR.\$${name}_VERSION_MINOR.\$${name}_VERSION_MICRO + eval echo "${lcname}_VERSION=\$${name}_VERSION" + eval echo "${lcname}_VERSION_MAJOR=\$${name}_VERSION_MAJOR" + eval echo "${lcname}_VERSION_MINOR=\$${name}_VERSION_MINOR" +} + +get_version "$1" + diff --git a/libav-doc.doc-base b/libav-doc.doc-base new file mode 100644 index 0000000..337f506 --- /dev/null +++ b/libav-doc.doc-base @@ -0,0 +1,9 @@ +Document: libav-doc +Title: Libav API Documentation +Author: Libav Developers +Abstract: This is the main documentation for the Libav API. +Section: Programming + +Format: HTML +Index: /usr/share/doc/libav-doc/html/index.html +Files: /usr/share/doc/libav-doc/html/*.html diff --git a/libav-tools.install b/libav-tools.install new file mode 100644 index 0000000..3eb991a --- /dev/null +++ b/libav-tools.install @@ -0,0 +1,6 @@ +etc +usr/bin/av* +usr/bin/qt-faststart +usr/share/avconv/*.avpreset +usr/share/man/man1/av* +usr/share/doc/libav/*.html diff --git a/libav-tools.maintscript b/libav-tools.maintscript new file mode 100644 index 0000000..fd11a31 --- /dev/null +++ b/libav-tools.maintscript @@ -0,0 +1 @@ +rm_conffile /etc/avserver.conf 6:10.2-1~ diff --git a/libavcodec-dev.examples b/libavcodec-dev.examples new file mode 100644 index 0000000..c272481 --- /dev/null +++ b/libavcodec-dev.examples @@ -0,0 +1 @@ +doc/examples/*.c diff --git a/libavcodec-dev.install.in b/libavcodec-dev.install.in new file mode 100644 index 0000000..69ce957 --- /dev/null +++ b/libavcodec-dev.install.in @@ -0,0 +1,4 @@ +usr/include/libavcodec +usr/lib/@DEB_HOST_MULTIARCH@/libavcodec.a +usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavcodec.so +usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libavcodec.pc diff --git a/libavcodec-extra-56.install.in b/libavcodec-extra-56.install.in new file mode 100644 index 0000000..7c69bb0 --- /dev/null +++ b/libavcodec-extra-56.install.in @@ -0,0 +1 @@ +usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavcodec.so.* diff --git a/libavcodec-extra-56.lintian-overrides b/libavcodec-extra-56.lintian-overrides new file mode 100644 index 0000000..295b2ff --- /dev/null +++ b/libavcodec-extra-56.lintian-overrides @@ -0,0 +1,3 @@ +# This is the sister package of libavcodec56 +libavcodec-extra-56: package-name-doesnt-match-sonames +libavcodec-extra-56: shlib-with-non-pic-code diff --git a/libavcodec56.install.in b/libavcodec56.install.in new file mode 100644 index 0000000..7c69bb0 --- /dev/null +++ b/libavcodec56.install.in @@ -0,0 +1 @@ +usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavcodec.so.* diff --git a/libavcodec56.lintian-overrides b/libavcodec56.lintian-overrides new file mode 100644 index 0000000..999dd7e --- /dev/null +++ b/libavcodec56.lintian-overrides @@ -0,0 +1,2 @@ +# Overriding these fpic lintian errors. Please see bug #528080. +libavcodec56: shlib-with-non-pic-code diff --git a/libavdevice-dev.install.in b/libavdevice-dev.install.in new file mode 100644 index 0000000..985ce79 --- /dev/null +++ b/libavdevice-dev.install.in @@ -0,0 +1,4 @@ +usr/include/libavdevice +usr/lib/@DEB_HOST_MULTIARCH@/libavdevice.a +usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavdevice.so +usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libavdevice.pc diff --git a/libavdevice55.install.in b/libavdevice55.install.in new file mode 100644 index 0000000..e942547 --- /dev/null +++ b/libavdevice55.install.in @@ -0,0 +1 @@ +usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavdevice.so.* diff --git a/libavdevice55.lintian-overrides b/libavdevice55.lintian-overrides new file mode 100644 index 0000000..e07bc71 --- /dev/null +++ b/libavdevice55.lintian-overrides @@ -0,0 +1,2 @@ +# Overriding these fpic lintian errors. Please see bug #528080. +libavdevice55: shlib-with-non-pic-code diff --git a/libavfilter-dev.install.in b/libavfilter-dev.install.in new file mode 100644 index 0000000..716ee90 --- /dev/null +++ b/libavfilter-dev.install.in @@ -0,0 +1,4 @@ +usr/include/libavfilter +usr/lib/@DEB_HOST_MULTIARCH@/libavfilter.a +usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavfilter.so +usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libavfilter.pc diff --git a/libavfilter5.install.in b/libavfilter5.install.in new file mode 100644 index 0000000..4e4157c --- /dev/null +++ b/libavfilter5.install.in @@ -0,0 +1 @@ +usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavfilter.so.* diff --git a/libavfilter5.lintian-overrides b/libavfilter5.lintian-overrides new file mode 100644 index 0000000..cd28cbc --- /dev/null +++ b/libavfilter5.lintian-overrides @@ -0,0 +1,2 @@ +# Overriding these fpic lintian errors. Please see bug #528080. +libavfilter5: shlib-with-non-pic-code diff --git a/libavformat-dev.install.in b/libavformat-dev.install.in new file mode 100644 index 0000000..a4ee167 --- /dev/null +++ b/libavformat-dev.install.in @@ -0,0 +1,4 @@ +usr/include/libavformat +usr/lib/@DEB_HOST_MULTIARCH@/libavformat.a +usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavformat.so +usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libavformat.pc diff --git a/libavformat56.install.in b/libavformat56.install.in new file mode 100644 index 0000000..660f3a5 --- /dev/null +++ b/libavformat56.install.in @@ -0,0 +1 @@ +usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavformat.so.* diff --git a/libavformat56.lintian-overrides b/libavformat56.lintian-overrides new file mode 100644 index 0000000..8f15f1c --- /dev/null +++ b/libavformat56.lintian-overrides @@ -0,0 +1,2 @@ +# Overriding these fpic lintian errors. Please see bug #528080. +libavformat56: shlib-with-non-pic-code diff --git a/libavresample-dev.install.in b/libavresample-dev.install.in new file mode 100644 index 0000000..8e1e76a --- /dev/null +++ b/libavresample-dev.install.in @@ -0,0 +1,4 @@ +usr/include/libavresample +usr/lib/@DEB_HOST_MULTIARCH@/libavresample.a +usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavresample.so +usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libavresample.pc diff --git a/libavresample2.install.in b/libavresample2.install.in new file mode 100644 index 0000000..d361728 --- /dev/null +++ b/libavresample2.install.in @@ -0,0 +1 @@ +usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavresample.so.* diff --git a/libavresample2.lintian-overrides b/libavresample2.lintian-overrides new file mode 100644 index 0000000..3f86247 --- /dev/null +++ b/libavresample2.lintian-overrides @@ -0,0 +1,2 @@ +# Overriding these fpic lintian errors. Please see bug #528080. +libavresample2: shlib-with-non-pic-code diff --git a/libavutil-dev.install.in b/libavutil-dev.install.in new file mode 100644 index 0000000..5eeb883 --- /dev/null +++ b/libavutil-dev.install.in @@ -0,0 +1,4 @@ +usr/include/libavutil +usr/lib/@DEB_HOST_MULTIARCH@/libavutil.a +usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavutil.so +usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libavutil.pc diff --git a/libavutil54.install.in b/libavutil54.install.in new file mode 100644 index 0000000..3dc6cc2 --- /dev/null +++ b/libavutil54.install.in @@ -0,0 +1 @@ +usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavutil.so.* diff --git a/libavutil54.lintian-overrides b/libavutil54.lintian-overrides new file mode 100644 index 0000000..eb64862 --- /dev/null +++ b/libavutil54.lintian-overrides @@ -0,0 +1,2 @@ +# Overriding these fpic lintian errors. Please see bug #528080. +libavutil54: shlib-with-non-pic-code diff --git a/libswscale-dev.install.in b/libswscale-dev.install.in new file mode 100644 index 0000000..71eb932 --- /dev/null +++ b/libswscale-dev.install.in @@ -0,0 +1,4 @@ +usr/include/libswscale +usr/lib/@DEB_HOST_MULTIARCH@/libswscale.a +usr/lib/@DEB_HOST_MULTIARCH_OPT@/libswscale.so +usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libswscale.pc diff --git a/libswscale3.install.in b/libswscale3.install.in new file mode 100644 index 0000000..2ac5f14 --- /dev/null +++ b/libswscale3.install.in @@ -0,0 +1 @@ +usr/lib/@DEB_HOST_MULTIARCH_OPT@/libswscale.so.* diff --git a/libswscale3.lintian-overrides b/libswscale3.lintian-overrides new file mode 100644 index 0000000..eb53acd --- /dev/null +++ b/libswscale3.lintian-overrides @@ -0,0 +1,2 @@ +# Overriding these fpic lintian errors. Please see bug #528080. +libswscale3: shlib-with-non-pic-code diff --git a/patches/02-configure-disable-ebx-gcc-4.9.patch b/patches/02-configure-disable-ebx-gcc-4.9.patch new file mode 100644 index 0000000..5d1fa37 --- /dev/null +++ b/patches/02-configure-disable-ebx-gcc-4.9.patch @@ -0,0 +1,25 @@ +Description: Disable ebx_available on i586 +Author: Sebastian Ramacher , + Bernhard Übelacker +Bug: https://bugzilla.libav.org/show_bug.cgi?id=850 +Bug-Debian: https://bugs.debian.org/783082 +Last-Update: 2015-05-05 + +--- a/configure ++++ b/configure +@@ -3978,6 +3978,15 @@ + check_inline_asm ebx_available '""::"b"(0)' && + check_inline_asm ebx_available '"":::"%ebx"' + ++ # workaround for debian#783082 / libav#850 ++ if enabled gcc; then ++ case $($cc -dumpversion) in ++ 4.9.*|5.*) ++ disable ebx_available ++ ;; ++ esac ++ fi ++ + # check whether xmm clobbers are supported + check_inline_asm xmm_clobbers '"":::"%xmm0"' + diff --git a/patches/03-disable-configuration-warnings.patch b/patches/03-disable-configuration-warnings.patch new file mode 100644 index 0000000..0f5a630 --- /dev/null +++ b/patches/03-disable-configuration-warnings.patch @@ -0,0 +1,19 @@ +Author: Reinhard Tartler +Description: Disable configuration output warnings +Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619530 +Bug-Ubuntu: https://launchpad.net/bugs/765357 +Forwarded: not-needed + +--- a/cmdutils.c ++++ b/cmdutils.c +@@ -765,7 +765,9 @@ void print_error(const char *filename, i + av_log(NULL, AV_LOG_ERROR, "%s: %s\n", filename, errbuf_ptr); + } + +-static int warned_cfg = 0; ++// Debian/Ubuntu: see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619530 ++// https://launchpad.net/bugs/765357 ++static int warned_cfg = 1; + + #define INDENT 1 + #define SHOW_VERSION 2 diff --git a/patches/CVE-2014-8542.patch b/patches/CVE-2014-8542.patch new file mode 100644 index 0000000..9010ec5 --- /dev/null +++ b/patches/CVE-2014-8542.patch @@ -0,0 +1,27 @@ +From 105654e376a736d243aef4a1d121abebce912e6b Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Fri, 3 Oct 2014 04:30:58 +0200 +Subject: [PATCH] avcodec/utils: Add case for jv to avcodec_align_dimensions2() + +Fixes out of array accesses +Fixes: asan_heap-oob_12304aa_8_asan_heap-oob_4da4f3_300_intro.jv + +Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind +Signed-off-by: Michael Niedermayer +--- + libavcodec/utils.c | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/libavcodec/utils.c ++++ b/libavcodec/utils.c +@@ -254,6 +254,10 @@ + w_align = 4; + h_align = 4; + } ++ if (s->codec_id == AV_CODEC_ID_JV) { ++ w_align = 8; ++ h_align = 8; ++ } + break; + case AV_PIX_FMT_BGR24: + if ((s->codec_id == AV_CODEC_ID_MSZH) || diff --git a/patches/CVE-2014-9317.patch b/patches/CVE-2014-9317.patch new file mode 100644 index 0000000..f21d41f --- /dev/null +++ b/patches/CVE-2014-9317.patch @@ -0,0 +1,31 @@ +From: Michael Niedermayer +Date: Wed, 26 Nov 2014 14:45:47 +0000 (+0100) +Subject: avcodec/pngdec: Check IHDR/IDAT order +X-Git-Tag: n2.5~151 +X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=79ceaf827be0b070675d4cd0a55c3386542defd8 + +avcodec/pngdec: Check IHDR/IDAT order + +Fixes out of array access +Fixes: asan_heap-oob_20a6c26_2690_cov_3434532168_mail.png +Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind +Signed-off-by: Michael Niedermayer + +[sunweaver] - Port this commit to libav in Debian jessie. +--- + +--- a/libavcodec/pngdec.c ++++ b/libavcodec/pngdec.c +@@ -445,6 +445,12 @@ + case MKTAG('I', 'H', 'D', 'R'): + if (length != 13) + goto fail; ++ ++ if (s->state & PNG_IDAT) { ++ av_log(avctx, AV_LOG_ERROR, "IHDR after IDAT\n"); ++ goto fail; ++ } ++ + s->width = bytestream2_get_be32(&s->gb); + s->height = bytestream2_get_be32(&s->gb); + if (av_image_check_size(s->width, s->height, 0, avctx)) { diff --git a/patches/CVE-2015-1207.patch b/patches/CVE-2015-1207.patch new file mode 100644 index 0000000..a4dd285 --- /dev/null +++ b/patches/CVE-2015-1207.patch @@ -0,0 +1,22 @@ +From 3859868c75313e318ebc5d0d33baada62d45dd75 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Tue, 6 Jan 2015 04:29:10 +0100 +Subject: [PATCH] avformat/mov: fix integer overflow in mov_read_udta_string() + +Found-by: Paul Mehta +Signed-off-by: Michael Niedermayer +--- + libavformat/mov.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/libavformat/mov.c ++++ b/libavformat/mov.c +@@ -337,7 +337,7 @@ + + if (!key) + return 0; +- if (atom.size < 0) ++ if (atom.size < 0 || str_size >= INT_MAX/2) + return AVERROR_INVALIDDATA; + + str_size = FFMIN3(sizeof(str)-1, str_size, atom.size); diff --git a/patches/CVE-2015-1872.patch b/patches/CVE-2015-1872.patch new file mode 100644 index 0000000..4c1dc4c --- /dev/null +++ b/patches/CVE-2015-1872.patch @@ -0,0 +1,30 @@ +From fabbfaa095660982cc0bc63242c459561fa37037 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Wed, 4 Feb 2015 20:48:30 +0100 +Subject: [PATCH] avcodec/mjpegdec: Check number of components for JPEG-LS + +Fixes out of array accesses +Fixes: asan_heap-oob_1c1a4ea_1242_cov_2274415971_TESTcmyk.jpg + +Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind +Signed-off-by: Michael Niedermayer +--- + libavcodec/mjpegdec.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +--- a/libavcodec/mjpegdec.c ++++ b/libavcodec/mjpegdec.c +@@ -375,8 +375,12 @@ + return AVERROR_PATCHWELCOME; + } + if (s->ls) { +- if (s->nb_components > 1) ++ if (s->nb_components == 3) { + s->avctx->pix_fmt = AV_PIX_FMT_RGB24; ++ } else if (s->nb_components != 1) { ++ av_log(s->avctx, AV_LOG_ERROR, "Unsupported number of components %d\n", s->nb_components); ++ return AVERROR_PATCHWELCOME; ++ } + else if (s->bits <= 8) + s->avctx->pix_fmt = AV_PIX_FMT_GRAY8; + else diff --git a/patches/CVE-2015-6761.patch b/patches/CVE-2015-6761.patch new file mode 100644 index 0000000..763c983 --- /dev/null +++ b/patches/CVE-2015-6761.patch @@ -0,0 +1,28 @@ +From: Michael Niedermayer +Date: Wed, 30 Sep 2015 11:10:48 +0000 (+0200) +Subject: avcodec/vp8: Do not use num_coeff_partitions in thread/buffer setup +X-Git-Tag: n3.0~2422 +X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=dabea74d0e82ea80cd344f630497cafcb3ef872c + +avcodec/vp8: Do not use num_coeff_partitions in thread/buffer setup + +The variable is not a constant and can lead to race conditions + +Fixes: repro.webm (not reproducable with FFmpeg alone) + +Found-by: Dale Curtis +Tested-by: Dale Curtis +Signed-off-by: Michael Niedermayer +--- + +--- a/libavcodec/vp8.c ++++ b/libavcodec/vp8.c +@@ -156,7 +156,7 @@ + s->mb_height = (s->avctx->coded_height + 15) / 16; + + s->mb_layout = is_vp7 || avctx->active_thread_type == FF_THREAD_SLICE && +- FFMIN(s->num_coeff_partitions, avctx->thread_count) > 1; ++ avctx->thread_count > 1; + if (!s->mb_layout) { // Frame threading and one thread + s->macroblocks_base = av_mallocz((s->mb_width + s->mb_height * 2 + 1) * + sizeof(*s->macroblocks)); diff --git a/patches/CVE-2015-6818.patch b/patches/CVE-2015-6818.patch new file mode 100644 index 0000000..0bc4513 --- /dev/null +++ b/patches/CVE-2015-6818.patch @@ -0,0 +1,31 @@ +From: Michael Niedermayer +Date: Mon, 29 Jun 2015 19:08:05 +0000 (+0200) +Subject: avcodec/pngdec: Only allow one IHDR chunk +X-Git-Tag: n2.8~1342 +X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=47f4e2d8960ca756ca153ab8e3e93d80449b8c91 + +avcodec/pngdec: Only allow one IHDR chunk + +Multiple IHDR chunks are forbidden in PNG +Fixes inconsistency and out of array accesses + +Fixes: asan_heap-oob_4d5c5a_1738_cov_2638287726_c-m2-8f2b481b7fd9bd745e620b7c01a18df2.png + +Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind +Signed-off-by: Michael Niedermayer +--- + +--- a/libavcodec/pngdec.c ++++ b/libavcodec/pngdec.c +@@ -451,6 +451,11 @@ + goto fail; + } + ++ if (s->state & PNG_IHDR) { ++ av_log(avctx, AV_LOG_ERROR, "Multiple IHDR\n"); ++ goto fail; ++ } ++ + s->width = bytestream2_get_be32(&s->gb); + s->height = bytestream2_get_be32(&s->gb); + if (av_image_check_size(s->width, s->height, 0, avctx)) { diff --git a/patches/CVE-2015-6820.patch b/patches/CVE-2015-6820.patch new file mode 100644 index 0000000..c44600a --- /dev/null +++ b/patches/CVE-2015-6820.patch @@ -0,0 +1,49 @@ +From: Michael Niedermayer +Date: Wed, 1 Jul 2015 00:05:43 +0000 (+0200) +Subject: avcodec/aacsbr: check that the element type matches before applying SBR +X-Git-Tag: n2.8~1308 +X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=79a98294da6cd85f8c86b34764c5e0c43b09eea3 + +avcodec/aacsbr: check that the element type matches before applying SBR + +Fixes out of array access +Fixes: signal_sigsegv_3670fc0_2818_cov_2307326154_moon.mux + +Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind +Signed-off-by: Michael Niedermayer +--- + +--- a/libavcodec/aacsbr.c ++++ b/libavcodec/aacsbr.c +@@ -1006,6 +1006,8 @@ + { + unsigned int cnt = get_bits_count(gb); + ++ sbr->id_aac = id_aac; ++ + if (id_aac == TYPE_SCE || id_aac == TYPE_CCE) { + if (read_sbr_single_channel_element(ac, sbr, gb)) { + sbr_turnoff(sbr); +@@ -1658,6 +1660,12 @@ + int nch = (id_aac == TYPE_CPE) ? 2 : 1; + int err; + ++ if (id_aac != sbr->id_aac) { ++ av_log(ac->avctx, AV_LOG_ERROR, ++ "element type mismatch %d != %d\n", id_aac, sbr->id_aac); ++ sbr_turnoff(sbr); ++ } ++ + if (!sbr->kx_and_m_pushed) { + sbr->kx[0] = sbr->kx[1]; + sbr->m[0] = sbr->m[1]; +--- a/libavcodec/sbr.h ++++ b/libavcodec/sbr.h +@@ -114,6 +114,7 @@ + typedef struct SpectralBandReplication { + int sample_rate; + int start; ++ int id_aac; + int reset; + SpectrumParameters spectrum_params; + int bs_amp_res_header; diff --git a/patches/CVE-2015-6821.patch b/patches/CVE-2015-6821.patch new file mode 100644 index 0000000..5aa4fe5 --- /dev/null +++ b/patches/CVE-2015-6821.patch @@ -0,0 +1,121 @@ +From: Michael Niedermayer +Date: Thu, 9 Jul 2015 20:16:15 +0000 (+0200) +Subject: avcodec/mpegvideo: Clear pointers in ff_mpv_common_init() +X-Git-Tag: n2.8~1148 +X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=b160fc290cf49b516c5b6ee0730fd9da7fc623b1 + +avcodec/mpegvideo: Clear pointers in ff_mpv_common_init() + +This ensures that no stale pointers leak through on any path + +Fixes: signal_sigsegv_c3097a_991_xtrem_e2_m64q15_a32sxx.3gp + +Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind +Signed-off-by: Michael Niedermayer +--- + +--- a/libavcodec/mpegvideo.c ++++ b/libavcodec/mpegvideo.c +@@ -1228,6 +1228,82 @@ + return AVERROR(ENOMEM); + } + ++static void clear_context(MpegEncContext *s) ++{ ++ int i, j, k; ++ ++ memset(&s->next_picture, 0, sizeof(s->next_picture)); ++ memset(&s->last_picture, 0, sizeof(s->last_picture)); ++ memset(&s->current_picture, 0, sizeof(s->current_picture)); ++ memset(&s->new_picture, 0, sizeof(s->new_picture)); ++ ++ memset(s->thread_context, 0, sizeof(s->thread_context)); ++ ++ s->me.map = NULL; ++ s->me.score_map = NULL; ++ s->dct_error_sum = NULL; ++ s->block = NULL; ++ s->blocks = NULL; ++ memset(s->pblocks, 0, sizeof(s->pblocks)); ++ s->ac_val_base = NULL; ++ s->ac_val[0] = ++ s->ac_val[1] = ++ s->ac_val[2] =NULL; ++ s->edge_emu_buffer = NULL; ++ s->me.scratchpad = NULL; ++ s->me.temp = ++ s->rd_scratchpad = ++ s->b_scratchpad = ++ s->obmc_scratchpad = NULL; ++ ++ s->parse_context.buffer = NULL; ++ s->parse_context.buffer_size = 0; ++ s->bitstream_buffer = NULL; ++ s->allocated_bitstream_buffer_size = 0; ++ s->picture = NULL; ++ s->mb_type = NULL; ++ s->p_mv_table_base = NULL; ++ s->b_forw_mv_table_base = NULL; ++ s->b_back_mv_table_base = NULL; ++ s->b_bidir_forw_mv_table_base = NULL; ++ s->b_bidir_back_mv_table_base = NULL; ++ s->b_direct_mv_table_base = NULL; ++ s->p_mv_table = NULL; ++ s->b_forw_mv_table = NULL; ++ s->b_back_mv_table = NULL; ++ s->b_bidir_forw_mv_table = NULL; ++ s->b_bidir_back_mv_table = NULL; ++ s->b_direct_mv_table = NULL; ++ for (i = 0; i < 2; i++) { ++ for (j = 0; j < 2; j++) { ++ for (k = 0; k < 2; k++) { ++ s->b_field_mv_table_base[i][j][k] = NULL; ++ s->b_field_mv_table[i][j][k] = NULL; ++ } ++ s->b_field_select_table[i][j] = NULL; ++ s->p_field_mv_table_base[i][j] = NULL; ++ s->p_field_mv_table[i][j] = NULL; ++ } ++ s->p_field_select_table[i] = NULL; ++ } ++ ++ s->dc_val_base = NULL; ++ s->coded_block_base = NULL; ++ s->mbintra_table = NULL; ++ s->cbp_table = NULL; ++ s->pred_dir_table = NULL; ++ ++ s->mbskip_table = NULL; ++ ++ s->er.error_status_table = NULL; ++ s->er.er_temp_buffer = NULL; ++ s->mb_index2xy = NULL; ++ s->lambda_table = NULL; ++ ++ s->cplx_tab = NULL; ++ s->bits_tab = NULL; ++} ++ + /** + * init common structure for both encoder and decoder. + * this assumes that some variables like width/height are already set +@@ -1239,6 +1315,8 @@ + s->avctx->active_thread_type & FF_THREAD_SLICE) ? + s->avctx->thread_count : 1; + ++ clear_context(s); ++ + if (s->encoding && s->avctx->slices) + nb_slices = s->avctx->slices; + +@@ -1290,10 +1368,6 @@ + if (!s->picture[i].f) + goto fail; + } +- memset(&s->next_picture, 0, sizeof(s->next_picture)); +- memset(&s->last_picture, 0, sizeof(s->last_picture)); +- memset(&s->current_picture, 0, sizeof(s->current_picture)); +- memset(&s->new_picture, 0, sizeof(s->new_picture)); + s->next_picture.f = av_frame_alloc(); + if (!s->next_picture.f) + goto fail; diff --git a/patches/CVE-2015-6822.patch b/patches/CVE-2015-6822.patch new file mode 100644 index 0000000..54454d4 --- /dev/null +++ b/patches/CVE-2015-6822.patch @@ -0,0 +1,24 @@ +From: Michael Niedermayer +Date: Mon, 13 Jul 2015 14:05:21 +0000 (+0200) +Subject: avcodec/sanm: Reset sizes in destroy_buffers() +X-Git-Tag: n2.8~1072 +X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=39bbdebb1ed8eb9c9b0cd6db85afde6ba89d86e4 + +avcodec/sanm: Reset sizes in destroy_buffers() + +Fixes crash in 1288a2fe8e9ae6b00ca40e089d08ca65_signal_sigsegv_7ffff71426a7_354_accident.san with allocation limit 65536 + +Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind +Signed-off-by: Michael Niedermayer +--- + +--- a/libavcodec/sanm.c ++++ b/libavcodec/sanm.c +@@ -406,6 +406,7 @@ + ctx->frm0_size = + ctx->frm1_size = + ctx->frm2_size = 0; ++ init_sizes(ctx, 0, 0); + } + + static av_cold int init_buffers(SANMVideoContext *ctx) diff --git a/patches/CVE-2015-6823.patch b/patches/CVE-2015-6823.patch new file mode 100644 index 0000000..6c1b5f2 --- /dev/null +++ b/patches/CVE-2015-6823.patch @@ -0,0 +1,29 @@ +From: Michael Niedermayer +Date: Mon, 13 Jul 2015 13:46:10 +0000 (+0200) +Subject: avcodec/alac: Clear pointers in allocate_buffers() +X-Git-Tag: n2.8~1073 +X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=f7068bf277a37479aecde2832208d820682b35e6 + +avcodec/alac: Clear pointers in allocate_buffers() + +Fixes: 06a4edb39ad8a9883175f9bd428334a2_signal_sigsegv_7ffff713351a_706_mov__alac__ALAC_6ch.mov + +Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind +Signed-off-by: Michael Niedermayer +--- + +--- a/libavcodec/alac.c ++++ b/libavcodec/alac.c +@@ -482,6 +482,12 @@ + int ch; + int buf_size = alac->max_samples_per_frame * sizeof(int32_t); + ++ for (ch = 0; ch < 2; ch++) { ++ alac->predict_error_buffer[ch] = NULL; ++ alac->output_samples_buffer[ch] = NULL; ++ alac->extra_bits_buffer[ch] = NULL; ++ } ++ + for (ch = 0; ch < FFMIN(alac->channels, 2); ch++) { + FF_ALLOC_OR_GOTO(alac->avctx, alac->predict_error_buffer[ch], + buf_size, buf_alloc_fail); diff --git a/patches/CVE-2015-6824.patch b/patches/CVE-2015-6824.patch new file mode 100644 index 0000000..b7fa1dd --- /dev/null +++ b/patches/CVE-2015-6824.patch @@ -0,0 +1,30 @@ +From: Michael Niedermayer +Date: Wed, 15 Jul 2015 17:20:19 +0000 (+0200) +Subject: swscale/utils: Clear pix buffers +X-Git-Tag: n2.8~1024 +X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=a5d44d5c220e12ca0cb7a4eceb0f74759cb13111 + +swscale/utils: Clear pix buffers + +Fixes use of uninitialized memory +Fixes: a96874b9466b6edc660a519c7ad47977_signal_sigsegv_7ffff713351a_744_nc_sample.avi with memlimit 2147483648 + +Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind +Signed-off-by: Michael Niedermayer +--- + +--- a/libswscale/utils.c ++++ b/libswscale/utils.c +@@ -1217,9 +1217,9 @@ + + /* Allocate pixbufs (we use dynamic allocation because otherwise we would + * need to allocate several megabytes to handle all possible cases) */ +- FF_ALLOC_OR_GOTO(c, c->lumPixBuf, c->vLumBufSize * 3 * sizeof(int16_t *), fail); +- FF_ALLOC_OR_GOTO(c, c->chrUPixBuf, c->vChrBufSize * 3 * sizeof(int16_t *), fail); +- FF_ALLOC_OR_GOTO(c, c->chrVPixBuf, c->vChrBufSize * 3 * sizeof(int16_t *), fail); ++ FF_ALLOCZ_OR_GOTO(c, c->lumPixBuf, c->vLumBufSize * 3 * sizeof(int16_t *), fail); ++ FF_ALLOCZ_OR_GOTO(c, c->chrUPixBuf, c->vChrBufSize * 3 * sizeof(int16_t *), fail); ++ FF_ALLOCZ_OR_GOTO(c, c->chrVPixBuf, c->vChrBufSize * 3 * sizeof(int16_t *), fail); + if (CONFIG_SWSCALE_ALPHA && isALPHA(c->srcFormat) && isALPHA(c->dstFormat)) + FF_ALLOCZ_OR_GOTO(c, c->alpPixBuf, c->vLumBufSize * 3 * sizeof(int16_t *), fail); + /* Note we need at least one pixel more at the end because of the MMX code diff --git a/patches/CVE-2015-6825.patch b/patches/CVE-2015-6825.patch new file mode 100644 index 0000000..ed9011a --- /dev/null +++ b/patches/CVE-2015-6825.patch @@ -0,0 +1,24 @@ +From: Michael Niedermayer +Date: Thu, 16 Jul 2015 09:52:33 +0000 (+0200) +Subject: avcodec/pthread_frame: clear priv_data, avoid stale pointer in error case +X-Git-Tag: n2.8~1010 +X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=f1a38264f20382731cf2cc75fdd98f4c9a84a626 + +avcodec/pthread_frame: clear priv_data, avoid stale pointer in error case + +Fixes: b4b47bc2b3fb7ca710bfffe5aa969e37_signal_sigabrt_7ffff70eccc9_744_nc_sample2.avi with memlimit of 4194304 + +Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind +Signed-off-by: Michael Niedermayer +--- + +--- a/libavcodec/pthread_frame.c ++++ b/libavcodec/pthread_frame.c +@@ -616,6 +616,7 @@ + + copy->internal = av_malloc(sizeof(AVCodecInternal)); + if (!copy->internal) { ++ copy->priv_data = NULL; + err = AVERROR(ENOMEM); + goto error; + } diff --git a/patches/CVE-2015-6826.patch b/patches/CVE-2015-6826.patch new file mode 100644 index 0000000..e334deb --- /dev/null +++ b/patches/CVE-2015-6826.patch @@ -0,0 +1,32 @@ +From: Michael Niedermayer +Date: Sat, 18 Jul 2015 09:24:45 +0000 (+0200) +Subject: avcodec/rv34: Clear pointers in ff_rv34_decode_init_thread_copy() +X-Git-Tag: n2.8~958 +X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a + +avcodec/rv34: Clear pointers in ff_rv34_decode_init_thread_copy() + +Avoids leaving stale pointers +Fixes: signal_sigabrt_7ffff70eccc9_819_sabtriple.rm with memlimit 536870912 + +Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind +Signed-off-by: Michael Niedermayer +--- + +--- a/libavcodec/rv34.c ++++ b/libavcodec/rv34.c +@@ -1525,7 +1525,14 @@ + + if (avctx->internal->is_copy) { + r->tmp_b_block_base = NULL; ++ r->cbp_chroma = NULL; ++ r->cbp_luma = NULL; ++ r->deblock_coefs = NULL; ++ r->intra_types_hist = NULL; ++ r->mb_type = NULL; ++ + ff_mpv_idct_init(&r->s); ++ + if ((err = ff_mpv_common_init(&r->s)) < 0) + return err; + if ((err = rv34_decoder_alloc(r)) < 0) { diff --git a/patches/CVE-2015-8216.patch b/patches/CVE-2015-8216.patch new file mode 100644 index 0000000..3328f3e --- /dev/null +++ b/patches/CVE-2015-8216.patch @@ -0,0 +1,39 @@ +From: Michael Niedermayer +Date: Wed, 4 Nov 2015 17:08:52 +0000 (+0100) +Subject: avcodec/mjpegdec: Check index in ljpeg_decode_yuv_scan() before using it +X-Git-Tag: n3.0~1729 +X-Git-Url: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=d24888ef19ba38b787b11d1ee091a3d94920c76a + +avcodec/mjpegdec: Check index in ljpeg_decode_yuv_scan() before using it + +Fixes: 04715144ba237443010554be0d05343f/asan_heap-oob_1eafc76_1737_c685b48041a563461839e4e7ab97abb8.jpg +Fixes out of array access + +Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind +Signed-off-by: Michael Niedermayer + +[sunweaver] Re-based for libav 11.12 in Debian jessie LTS. + +--- + +--- a/libavcodec/mjpegdec.c ++++ b/libavcodec/mjpegdec.c +@@ -768,6 +768,10 @@ + + for (j = 0; j < n; j++) { + int pred; ++ if ( h * mb_x + x >= s->width ++ || v * mb_y + y >= s->height) { ++ // Nothing to do ++ } else { + // FIXME optimize this crap + ptr = s->picture_ptr->data[c] + + (linesize * (v * mb_y + y)) + +@@ -788,6 +792,7 @@ + if (s->interlaced && s->bottom_field) + ptr += linesize >> 1; + *ptr = pred + (mjpeg_decode_dc(s, s->dc_index[i]) << point_transform); ++ } + + if (++x == h) { + x = 0; diff --git a/patches/CVE-2015-8217.patch b/patches/CVE-2015-8217.patch new file mode 100644 index 0000000..2187520 --- /dev/null +++ b/patches/CVE-2015-8217.patch @@ -0,0 +1,33 @@ +From: Michael Niedermayer +Date: Thu, 5 Nov 2015 13:52:33 +0000 (+0100) +Subject: avcodec/hevc_ps: Check chroma_format_idc +X-Git-Tag: n3.0~1722 +X-Git-Url: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=93f30f825c08477fe8f76be00539e96014cc83c8 + +avcodec/hevc_ps: Check chroma_format_idc + +Fixes out of array access +Fixes: 24d05e8b84676799c735c9e27d97895e/asan_heap-oob_1b70f6a_2955_7c3652a7f370f9f3ef40642bc2c99bb2.bit + +Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind +Signed-off-by: Michael Niedermayer + +[sunweaver] Ported to libav 11.12 in Debian jessie LTS. + +--- + +--- a/libavcodec/hevc_ps.c ++++ b/libavcodec/hevc_ps.c +@@ -661,9 +661,9 @@ + } + + sps->chroma_format_idc = get_ue_golomb_long(gb); +- if (sps->chroma_format_idc != 1) { +- avpriv_report_missing_feature(s->avctx, "chroma_format_idc != 1\n"); +- ret = AVERROR_PATCHWELCOME; ++ if (sps->chroma_format_idc > 3u) { ++ av_log(s->avctx, AV_LOG_ERROR, "chroma_format_idc %d is invalid\n", sps->chroma_format_idc); ++ ret = AVERROR_INVALIDDATA; + goto err; + } + diff --git a/patches/CVE-2015-8363.patch b/patches/CVE-2015-8363.patch new file mode 100644 index 0000000..5d19571 --- /dev/null +++ b/patches/CVE-2015-8363.patch @@ -0,0 +1,36 @@ + +m: Michael Niedermayer +Date: Fri, 13 Nov 2015 23:51:56 +0000 (+0100) +Subject: avcodec/jpeg2000dec: Check for duplicate SIZ marker +X-Git-Tag: n3.0~1580 +X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=44a7f17d0b20e6f8d836b2957e3e357b639f19a2 + +avcodec/jpeg2000dec: Check for duplicate SIZ marker + +Fixes: 0231a17345734228011c6f35a64e4594/asan_heap-oob_1d92a72_3218_1213809a9e3affec77e4c191fdfdc0a9.mov + +Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind +Signed-off-by: Michael Niedermayer +--- + +--- a/libavcodec/jpeg2000dec.c ++++ b/libavcodec/jpeg2000dec.c +@@ -1265,6 +1265,7 @@ + } + av_freep(&s->tile); + s->numXtiles = s->numYtiles = 0; ++ s->ncomponents = 0; + } + + static int jpeg2000_read_main_headers(Jpeg2000DecoderContext *s) +@@ -1315,6 +1316,10 @@ + + switch (marker) { + case JPEG2000_SIZ: ++ if (s->ncomponents) { ++ av_log(s->avctx, AV_LOG_ERROR, "Duplicate SIZ\n"); ++ return AVERROR_INVALIDDATA; ++ } + ret = get_siz(s); + break; + case JPEG2000_COC: diff --git a/patches/CVE-2015-8364.patch b/patches/CVE-2015-8364.patch new file mode 100644 index 0000000..98830e8 --- /dev/null +++ b/patches/CVE-2015-8364.patch @@ -0,0 +1,34 @@ +From: Michael Niedermayer +Date: Sat, 14 Nov 2015 01:36:22 +0000 (+0100) +Subject: avcodec/ivi: Check image dimensions +X-Git-Tag: n3.0~1578 +X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=df91aa034b82b77a3c4e01791f4a2b2ff6c82066 + +avcodec/ivi: Check image dimensions + +Fixes integer overflow +Fixes: 1e32c6c591d940337c20b197ec1c4d3d/asan_heap-oob_4a52e5_8946_0bb0d9e863def56005e49f1d89bdc94d.avi + +Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind +Signed-off-by: Michael Niedermayer +--- + +--- a/libavcodec/ivi_common.c ++++ b/libavcodec/ivi_common.c +@@ -30,6 +30,7 @@ + + #define BITSTREAM_READER_LE + #include "libavutil/attributes.h" ++#include "libavutil/imgutils.h" + #include "libavutil/timer.h" + #include "avcodec.h" + #include "get_bits.h" +@@ -312,7 +313,7 @@ + + ivi_free_buffers(planes); + +- if (cfg->pic_width < 1 || cfg->pic_height < 1 || ++ if (av_image_check_size(cfg->pic_width, cfg->pic_height, 0, NULL) < 0 || + cfg->luma_bands < 1 || cfg->chroma_bands < 1) + return AVERROR_INVALIDDATA; + diff --git a/patches/CVE-2015-8661.patch b/patches/CVE-2015-8661.patch new file mode 100644 index 0000000..8b1ee24 --- /dev/null +++ b/patches/CVE-2015-8661.patch @@ -0,0 +1,25 @@ +From: Michael Niedermayer +Date: Tue, 24 Nov 2015 21:12:37 +0000 (+0100) +Subject: avcodec/h264_slice: Limit max_contexts when slice_context_count is initialized +X-Git-Tag: n3.0~1433 +X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=4ea4d2f438c9a7eba37980c9a87be4b34943e4d5 + +avcodec/h264_slice: Limit max_contexts when slice_context_count is initialized + +Fixes out of array access +Fixes: 1430e9c43fae47a24c179c7c54f94918/signal_sigsegv_421427_2049_f2192b6829ab6e0eefcb035329c03c60.264 + +Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind +Signed-off-by: Michael Niedermayer +--- + +--- a/libavcodec/h264_slice.c ++++ b/libavcodec/h264_slice.c +@@ -1118,6 +1118,7 @@ + nb_slices = max_slices; + } + h->slice_context_count = nb_slices; ++ h->max_contexts = FFMIN(h->max_contexts, nb_slices); + + if (!HAVE_THREADS || !(h->avctx->active_thread_type & FF_THREAD_SLICE)) { + ret = ff_h264_context_init(h); diff --git a/patches/CVE-2015-8662.patch b/patches/CVE-2015-8662.patch new file mode 100644 index 0000000..9eef1ed --- /dev/null +++ b/patches/CVE-2015-8662.patch @@ -0,0 +1,27 @@ +From: Michael Niedermayer +Date: Fri, 27 Nov 2015 19:52:39 +0000 (+0100) +Subject: avcodec/jpeg2000dwt: Check ndeclevels before calling dwt_decode*() +X-Git-Tag: n3.0~1388 +X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=75422280fbcdfbe9dc56bde5525b4d8b280f1bc5 + +avcodec/jpeg2000dwt: Check ndeclevels before calling dwt_decode*() + +Fixes out of array access +Fixes: 01859c9a9ac6cd60a008274123275574/asan_heap-oob_1dff571_8250_50d3d1611e294c3519fd1fa82198b69b.avi + +Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind +Signed-off-by: Michael Niedermayer +--- + +--- a/libavcodec/jpeg2000dwt.c ++++ b/libavcodec/jpeg2000dwt.c +@@ -334,6 +334,9 @@ + + int ff_dwt_decode(DWTContext *s, void *t) + { ++ if (s->ndeclevels == 0) ++ return 0; ++ + switch (s->type) { + case FF_DWT97: + dwt_decode97_float(s, t); diff --git a/patches/CVE-2015-8663.patch b/patches/CVE-2015-8663.patch new file mode 100644 index 0000000..13d49f0 --- /dev/null +++ b/patches/CVE-2015-8663.patch @@ -0,0 +1,106 @@ +From: Michael Niedermayer +Date: Sat, 28 Nov 2015 19:08:46 +0000 (+0100) +Subject: avcodec/utils: Clear dimensions in ff_get_buffer() on failure +X-Git-Tag: n3.0~1374 +X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=abee0a1c60612e8638640a8a3738fffb65e16dbf + +avcodec/utils: Clear dimensions in ff_get_buffer() on failure + +Fixes out of array access +Fixes: 482d8f2fd17c9f532b586458a33f267c/asan_heap-oob_4a52b6_7417_1d08d477736d66cdadd833d146bb8bae.mov + +Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind +Signed-off-by: Michael Niedermayer + +[sunweaver] - manually adapted for Debian jessie's libav version which lacks the get_internal_buffer() symbol. +--- + +### +### original patch from ffmpeg's Git repository: +### http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=abee0a1c60612e8638640a8a3738fffb65e16dbf +### +#diff --git a/libavcodec/utils.c b/libavcodec/utils.c +#index e018e445f4..d00dfae4ac 100644 +#--- a/libavcodec/utils.c +#+++ b/libavcodec/utils.c +#@@ -888,8 +888,10 @@ end: +# int ff_get_buffer(AVCodecContext *avctx, AVFrame *frame, int flags) +# { +# int ret = get_buffer_internal(avctx, frame, flags); +#- if (ret < 0) +#+ if (ret < 0) { +# av_log(avctx, AV_LOG_ERROR, "get_buffer() failed\n"); +#+ frame->width = frame->height = 0; +#+ } +# return ret; +# } +Index: libav-11.12-deb8u2/libavcodec/utils.c +=================================================================== +--- libav-11.12-deb8u2.orig/libavcodec/utils.c ++++ libav-11.12-deb8u2/libavcodec/utils.c +@@ -617,6 +617,10 @@ int ff_get_buffer(AVCodecContext *avctx, + + switch (avctx->codec_type) { + case AVMEDIA_TYPE_VIDEO: ++ if (av_image_check_size(avctx->width, avctx->height, 0, avctx) < 0) { ++ frame->width = frame->height = 0; ++ return AVERROR(EINVAL); ++ } + if (frame->width <= 0 || frame->height <= 0) { + frame->width = FFMAX(avctx->width, avctx->coded_width); + frame->height = FFMAX(avctx->height, avctx->coded_height); +@@ -634,9 +638,6 @@ int ff_get_buffer(AVCodecContext *avctx, + frame->sample_aspect_ratio.den); + frame->sample_aspect_ratio = (AVRational){ 0, 1 }; + } +- +- if ((ret = av_image_check_size(avctx->width, avctx->height, 0, avctx)) < 0) +- return ret; + break; + case AVMEDIA_TYPE_AUDIO: + if (!frame->sample_rate) +@@ -670,8 +671,11 @@ int ff_get_buffer(AVCodecContext *avctx, + } + + ret = ff_decode_frame_props(avctx, frame); +- if (ret < 0) ++ if (ret < 0) { ++ if (avctx->codec_type == AVMEDIA_TYPE_VIDEO) ++ frame->width = frame->height = 0; + return ret; ++ } + + if (hwaccel && hwaccel->alloc_frame) { + ret = hwaccel->alloc_frame(avctx, frame); +@@ -696,8 +700,11 @@ FF_DISABLE_DEPRECATION_WARNINGS + frame->reference = 1; + + ret = avctx->get_buffer(avctx, frame); +- if (ret < 0) ++ if (ret < 0) { ++ if (avctx->codec_type == AVMEDIA_TYPE_VIDEO) ++ frame->width = frame->height = 0; + return ret; ++ } + + /* return if the buffers are already set up + * this would happen e.g. when a custom get_buffer() calls +@@ -789,6 +796,8 @@ fail: + avctx->release_buffer(avctx, frame); + av_freep(&priv); + av_buffer_unref(&dummy_buf); ++ if (avctx->codec_type == AVMEDIA_TYPE_VIDEO) ++ frame->width = frame->height = 0; + return ret; + } + FF_ENABLE_DEPRECATION_WARNINGS +@@ -802,6 +811,9 @@ end: + frame->height = avctx->height; + } + ++ if ((ret < 0) && (avctx->codec_type == AVMEDIA_TYPE_VIDEO)) ++ frame->width = frame->height = 0; ++ + return ret; + } + diff --git a/patches/CVE-2016-10190-pre1-3668701f.patch b/patches/CVE-2016-10190-pre1-3668701f.patch new file mode 100644 index 0000000..7919214 --- /dev/null +++ b/patches/CVE-2016-10190-pre1-3668701f.patch @@ -0,0 +1,30 @@ +From 3668701f96005f4f7fc3145c800911e39351c132 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Sun, 29 Mar 2015 00:33:35 +0100 +Subject: [PATCH] avformat/http: Return an error in case of prematurely ending + data + +Fixes Ticket 4039 + +Signed-off-by: Michael Niedermayer +--- + libavformat/http.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +--- a/libavformat/http.c ++++ b/libavformat/http.c +@@ -707,6 +707,14 @@ + s->filesize >= 0 && s->off >= s->filesize) + return AVERROR_EOF; + len = ffurl_read(s->hd, buf, size); ++ if (!len && (!s->willclose || s->chunksize < 0) && ++ s->filesize >= 0 && s->off < s->filesize) { ++ av_log(h, AV_LOG_ERROR, ++ "Streams ends prematurly at %"PRId64", should be %"PRId64"\n", ++ s->off, s->filesize ++ ); ++ return AVERROR(EIO); ++ } + } + if (len > 0) { + s->off += len; diff --git a/patches/CVE-2016-10190-pre2-362c17e6.patch b/patches/CVE-2016-10190-pre2-362c17e6.patch new file mode 100644 index 0000000..647afc7 --- /dev/null +++ b/patches/CVE-2016-10190-pre2-362c17e6.patch @@ -0,0 +1,31 @@ +From 362c17e6563808ef48655e5ddf59a35b6497b8b2 Mon Sep 17 00:00:00 2001 +From: Rodger Combs +Date: Sun, 18 Oct 2015 17:50:21 -0500 +Subject: [PATCH] lavf/http: fix incorrect warning in range requests + +--- + libavformat/http.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +--- a/libavformat/http.c ++++ b/libavformat/http.c +@@ -703,15 +703,16 @@ + memcpy(buf, s->buf_ptr, len); + s->buf_ptr += len; + } else { ++ int64_t target_end = s->end_off ? s->end_off : s->filesize; + if ((!s->willclose || s->chunksize < 0) && +- s->filesize >= 0 && s->off >= s->filesize) ++ target_end >= 0 && s->off >= target_end) + return AVERROR_EOF; + len = ffurl_read(s->hd, buf, size); + if (!len && (!s->willclose || s->chunksize < 0) && +- s->filesize >= 0 && s->off < s->filesize) { ++ target_end >= 0 && s->off < target_end) { + av_log(h, AV_LOG_ERROR, + "Streams ends prematurly at %"PRId64", should be %"PRId64"\n", +- s->off, s->filesize ++ s->off, target_end + ); + return AVERROR(EIO); + } diff --git a/patches/CVE-2016-10190-pre3-strtoull.patch b/patches/CVE-2016-10190-pre3-strtoull.patch new file mode 100644 index 0000000..e5f8fe2 --- /dev/null +++ b/patches/CVE-2016-10190-pre3-strtoull.patch @@ -0,0 +1,20 @@ +--- a/configure ++++ b/configure +@@ -2942,7 +2942,7 @@ + _ld_lib='lib%.a' + _ld_path='-libpath:' + _flags='-nologo' +- _cflags='-D_USE_MATH_DEFINES -D_CRT_SECURE_NO_WARNINGS -Dinline=__inline -FIstdlib.h -Dstrtoll=_strtoi64' ++ _cflags='-D_USE_MATH_DEFINES -D_CRT_SECURE_NO_WARNINGS -Dinline=__inline -FIstdlib.h -Dstrtoll=_strtoi64 -Dstrtoull=_strtoui64' + elif $_cc 2>&1 | grep -q Intel; then + _type=icl + _ident=$($cc 2>&1 | head -n1) +@@ -2965,7 +2965,7 @@ + _flags='-nologo -Qdiag-error:4044,10157' + # -Qvec- -Qsimd- to prevent miscompilation, -GS for consistency + # with MSVC which enables it by default. +- _cflags='-D_USE_MATH_DEFINES -FIstdlib.h -Dstrtoll=_strtoi64 -Qms0 -Qvec- -Qsimd- -GS' ++ _cflags='-D_USE_MATH_DEFINES -FIstdlib.h -Dstrtoll=_strtoi64 -Dstrtoull=_strtoui64 -Qms0 -Qvec- -Qsimd- -GS' + elif $_cc --version 2>/dev/null | grep -q ^cparser; then + _type=cparser + _ident=$($_cc --version | head -n1) diff --git a/patches/CVE-2016-10190.patch b/patches/CVE-2016-10190.patch new file mode 100644 index 0000000..c6a2000 --- /dev/null +++ b/patches/CVE-2016-10190.patch @@ -0,0 +1,231 @@ +From 2a05c8f813de6f2278827734bf8102291e7484aa Mon Sep 17 00:00:00 2001 +From: "Ronald S. Bultje" +Date: Mon, 5 Dec 2016 08:02:33 -0500 +Subject: [PATCH] http: make length/offset-related variables unsigned. + +Fixes #5992, reported and found by Paul Cher . +--- + libavformat/http.c | 70 +++++++++++++++++++++++++--------------------- + 1 file changed, 38 insertions(+), 32 deletions(-) + +--- a/libavformat/http.c ++++ b/libavformat/http.c +@@ -52,8 +52,8 @@ + int line_count; + int http_code; + /* Used if "Transfer-Encoding: chunked" otherwise -1. */ +- int64_t chunksize; +- int64_t off, end_off, filesize; ++ uint64_t chunksize; ++ uint64_t off, end_off, filesize; + char *location; + HTTPAuthState auth_state; + HTTPAuthState proxy_auth_state; +@@ -75,9 +75,9 @@ + int post_datalen; + int icy; + /* how much data was read since the last ICY metadata packet */ +- int icy_data_read; ++ uint64_t icy_data_read; + /* after how many bytes of read data a new metadata packet will be found */ +- int icy_metaint; ++ uint64_t icy_metaint; + char *icy_metadata_headers; + char *icy_metadata_packet; + AVDictionary *metadata; +@@ -278,7 +278,7 @@ + + h->is_streamed = 1; + +- s->filesize = -1; ++ s->filesize = UINT64_MAX; + s->location = av_strdup(uri); + if (!s->location) + return AVERROR(ENOMEM); +@@ -375,9 +375,9 @@ + + if (!strncmp(p, "bytes ", 6)) { + p += 6; +- s->off = strtoll(p, NULL, 10); ++ s->off = strtoull(p, NULL, 10); + if ((slash = strchr(p, '/')) && strlen(slash) > 0) +- s->filesize = strtoll(slash + 1, NULL, 10); ++ s->filesize = strtoull(slash + 1, NULL, 10); + } + h->is_streamed = 0; /* we _can_ in fact seek */ + } +@@ -479,8 +479,9 @@ + if ((ret = parse_location(s, p)) < 0) + return ret; + *new_location = 1; +- } else if (!av_strcasecmp(tag, "Content-Length") && s->filesize == -1) { +- s->filesize = strtoll(p, NULL, 10); ++ } else if (!av_strcasecmp(tag, "Content-Length") && ++ s->filesize == UINT64_MAX) { ++ s->filesize = strtoull(p, NULL, 10); + } else if (!av_strcasecmp(tag, "Content-Range")) { + parse_content_range(h, p); + } else if (!av_strcasecmp(tag, "Accept-Ranges") && +@@ -488,7 +489,7 @@ + h->is_streamed = 0; + } else if (!av_strcasecmp(tag, "Transfer-Encoding") && + !av_strncasecmp(p, "chunked", 7)) { +- s->filesize = -1; ++ s->filesize = UINT64_MAX; + s->chunksize = 0; + } else if (!av_strcasecmp(tag, "WWW-Authenticate")) { + ff_http_auth_handle_header(&s->auth_state, tag, p); +@@ -503,7 +504,7 @@ + av_free(s->mime_type); + s->mime_type = av_strdup(p); + } else if (!av_strcasecmp(tag, "Icy-MetaInt")) { +- s->icy_metaint = strtoll(p, NULL, 10); ++ s->icy_metaint = strtoull(p, NULL, 10); + } else if (!av_strncasecmp(tag, "Icy-", 4)) { + if ((ret = parse_icy(s, tag, p)) < 0) + return ret; +@@ -529,7 +530,7 @@ + char line[MAX_URL_SIZE]; + int err = 0; + +- s->chunksize = -1; ++ s->chunksize = UINT64_MAX; + + for (;;) { + if ((err = http_get_line(s, line, sizeof(line))) < 0) +@@ -556,7 +557,7 @@ + int post, err; + char headers[HTTP_HEADERS_SIZE] = ""; + char *authstr = NULL, *proxyauthstr = NULL; +- int64_t off = s->off; ++ uint64_t off = s->off; + int len = 0; + const char *method; + int send_expect_100 = 0; +@@ -604,7 +605,7 @@ + // server supports seeking by analysing the reply headers. + if (!has_header(s->headers, "\r\nRange: ") && !post) { + len += av_strlcatf(headers + len, sizeof(headers) - len, +- "Range: bytes=%"PRId64"-", s->off); ++ "Range: bytes=%"PRIu64"-", s->off); + if (s->end_off) + len += av_strlcatf(headers + len, sizeof(headers) - len, + "%"PRId64, s->end_off - 1); +@@ -671,7 +672,7 @@ + s->line_count = 0; + s->off = 0; + s->icy_data_read = 0; +- s->filesize = -1; ++ s->filesize = UINT64_MAX; + s->willclose = 0; + s->end_chunked_post = 0; + s->end_header = 0; +@@ -688,7 +689,7 @@ + if (err < 0) + return err; + +- return (off == s->off) ? 0 : -1; ++ return (off == s->off) ? 0 : UINT64_MAX; + } + + static int http_buf_read(URLContext *h, uint8_t *buf, int size) +@@ -703,15 +704,13 @@ + memcpy(buf, s->buf_ptr, len); + s->buf_ptr += len; + } else { +- int64_t target_end = s->end_off ? s->end_off : s->filesize; +- if ((!s->willclose || s->chunksize < 0) && +- target_end >= 0 && s->off >= target_end) ++ uint64_t target_end = s->end_off ? s->end_off : s->filesize; ++ if ((!s->willclose || s->chunksize == UINT64_MAX) && s->off >= target_end) + return AVERROR_EOF; + len = ffurl_read(s->hd, buf, size); +- if (!len && (!s->willclose || s->chunksize < 0) && +- target_end >= 0 && s->off < target_end) { ++ if (!len && (!s->willclose || s->chunksize == UINT64_MAX) && s->off < target_end) { + av_log(h, AV_LOG_ERROR, +- "Streams ends prematurly at %"PRId64", should be %"PRId64"\n", ++ "Streams ends prematurly at %"PRIu64", should be %"PRIu64"\n", + s->off, target_end + ); + return AVERROR(EIO); +@@ -772,7 +771,7 @@ + return err; + } + +- if (s->chunksize >= 0) { ++ if (s->chunksize != UINT64_MAX) { + if (!s->chunksize) { + char line[32]; + +@@ -782,19 +781,23 @@ + return err; + } while (!*line); /* skip CR LF from last chunk */ + +- s->chunksize = strtoll(line, NULL, 16); ++ s->chunksize = strtoull(line, NULL, 16); + +- av_dlog(NULL, "Chunked encoding data size: %"PRId64"'\n", ++ av_log(h, AV_LOG_DEBUG, ++ "Chunked encoding data size: %"PRIu64"'\n", + s->chunksize); +- if (s->chunksize < 0) +- return AVERROR_INVALIDDATA; +- else if (!s->chunksize) ++ if (!s->chunksize) + return 0; +- break; ++ else if (s->chunksize == UINT64_MAX) { ++ av_log(h, AV_LOG_ERROR, "Invalid chunk size %"PRIu64"\n", ++ s->chunksize); ++ return AVERROR_INVALIDDATA; ++ } + } + } + size = FFMIN(size, s->chunksize); + } ++ + #if CONFIG_ZLIB + if (s->compressed) + return http_buf_read_compressed(h, buf, size); +@@ -844,10 +847,11 @@ + { + HTTPContext *s = h->priv_data; + /* until next metadata packet */ +- int remaining = s->icy_metaint - s->icy_data_read; ++ uint64_t remaining; + +- if (remaining < 0) ++ if (s->icy_metaint < s->icy_data_read) + return AVERROR_INVALIDDATA; ++ remaining = s->icy_metaint - s->icy_data_read; + + if (!remaining) { + /* The metadata packet is variable sized. It has a 1 byte header +@@ -960,7 +964,7 @@ + { + HTTPContext *s = h->priv_data; + URLContext *old_hd = s->hd; +- int64_t old_off = s->off; ++ uint64_t old_off = s->off; + uint8_t old_buf[BUFFER_SIZE]; + int old_buf_size, ret; + AVDictionary *options = NULL; +@@ -970,7 +974,7 @@ + else if ((whence == SEEK_CUR && off == 0) || + (whence == SEEK_SET && off == s->off)) + return s->off; +- else if ((s->filesize == -1 && whence == SEEK_END) || h->is_streamed) ++ else if ((s->filesize == UINT64_MAX && whence == SEEK_END) || h->is_streamed) + return AVERROR(ENOSYS); + + /* we save the old context in case the seek fails */ +@@ -1105,7 +1109,7 @@ + s->buf_ptr = s->buffer; + s->buf_end = s->buffer; + s->line_count = 0; +- s->filesize = -1; ++ s->filesize = UINT64_MAX; + cur_auth_type = s->proxy_auth_state.auth_type; + + /* Note: This uses buffering, potentially reading more than the diff --git a/patches/CVE-2016-10191.patch b/patches/CVE-2016-10191.patch new file mode 100644 index 0000000..e26bb98 --- /dev/null +++ b/patches/CVE-2016-10191.patch @@ -0,0 +1,34 @@ +From 7d57ca4d9a75562fa32e40766211de150f8b3ee7 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Mon, 5 Dec 2016 11:14:51 +0100 +Subject: [PATCH] avformat/rtmppkt: Check for packet size mismatches + +Fixes out of array access + +Found-by: Paul Cher +Reviewed-by: Paul Cher +Signed-off-by: Michael Niedermayer +--- + libavformat/rtmppkt.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/libavformat/rtmppkt.c b/libavformat/rtmppkt.c +index 0d693c27f7f..cde0da78ce1 100644 +--- a/libavformat/rtmppkt.c ++++ b/libavformat/rtmppkt.c +@@ -235,6 +235,14 @@ static int rtmp_packet_read_one_chunk(URLContext *h, RTMPPacket *p, + if (hdr != RTMP_PS_TWELVEBYTES) + timestamp += prev_pkt[channel_id].timestamp; + ++ if (prev_pkt[channel_id].read && size != prev_pkt[channel_id].size) { ++ av_log(NULL, AV_LOG_ERROR, "RTMP packet size mismatch %d != %d\n", ++ size, ++ prev_pkt[channel_id].size); ++ ff_rtmp_packet_destroy(&prev_pkt[channel_id]); ++ prev_pkt[channel_id].read = 0; ++ } ++ + if (!prev_pkt[channel_id].read) { + if ((ret = ff_rtmp_packet_create(p, channel_id, type, timestamp, + size)) < 0) + diff --git a/patches/CVE-2017-10001.patch b/patches/CVE-2017-10001.patch new file mode 100644 index 0000000..53207fb --- /dev/null +++ b/patches/CVE-2017-10001.patch @@ -0,0 +1,65 @@ +From: Michael Niedermayer +Date: Sat, 31 Mar 2018 01:10:43 +0000 (+0200) +Subject: avcodec/utvideodec: Set pro flag based on fourcc +X-Git-Tag: n4.0~194 +X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=47b7c68ae54560e2308bdb6be4fb076c73b93081 + +avcodec/utvideodec: Set pro flag based on fourcc + +This avoids mixing 8bit variants with pro and 10bit with non pro mode. +Fixes: out of array read +Fixes: poc_03_30.avi + +Found-by: GwanYeong Kim +Reviewed-by: Paul B Mahol +Signed-off-by: Michael Niedermayer +--- + +diff --git a/libavcodec/utvideodec.c b/libavcodec/utvideodec.c +index 086129d094..82cb038ccd 100644 +--- a/libavcodec/utvideodec.c ++++ b/libavcodec/utvideodec.c +@@ -949,14 +949,17 @@ static av_cold int decode_init(AVCodecContext *avctx) + break; + case MKTAG('U', 'Q', 'Y', '2'): + c->planes = 3; ++ c->pro = 1; + avctx->pix_fmt = AV_PIX_FMT_YUV422P10; + break; + case MKTAG('U', 'Q', 'R', 'G'): + c->planes = 3; ++ c->pro = 1; + avctx->pix_fmt = AV_PIX_FMT_GBRP10; + break; + case MKTAG('U', 'Q', 'R', 'A'): + c->planes = 4; ++ c->pro = 1; + avctx->pix_fmt = AV_PIX_FMT_GBRAP10; + break; + case MKTAG('U', 'L', 'H', '0'): +@@ -1031,7 +1034,7 @@ static av_cold int decode_init(AVCodecContext *avctx) + if (c->compression != 2) + avpriv_request_sample(avctx, "Unknown compression type"); + c->slices = avctx->extradata[9] + 1; +- } else if (avctx->extradata_size >= 16) { ++ } else if (!c->pro && avctx->extradata_size >= 16) { + av_log(avctx, AV_LOG_DEBUG, "Encoder version %d.%d.%d.%d\n", + avctx->extradata[3], avctx->extradata[2], + avctx->extradata[1], avctx->extradata[0]); +@@ -1046,14 +1049,13 @@ static av_cold int decode_init(AVCodecContext *avctx) + c->slices = (c->flags >> 24) + 1; + c->compression = c->flags & 1; + c->interlaced = c->flags & 0x800; +- } else if (avctx->extradata_size == 8) { ++ } else if (c->pro && avctx->extradata_size == 8) { + av_log(avctx, AV_LOG_DEBUG, "Encoder version %d.%d.%d.%d\n", + avctx->extradata[3], avctx->extradata[2], + avctx->extradata[1], avctx->extradata[0]); + av_log(avctx, AV_LOG_DEBUG, "Original format %"PRIX32"\n", + AV_RB32(avctx->extradata + 4)); + c->interlaced = 0; +- c->pro = 1; + c->frame_info_size = 4; + } else { + av_log(avctx, AV_LOG_ERROR, + diff --git a/patches/CVE-2017-1000460.patch b/patches/CVE-2017-1000460.patch new file mode 100644 index 0000000..730e137 --- /dev/null +++ b/patches/CVE-2017-1000460.patch @@ -0,0 +1,40 @@ +From 76f7e70aa04fc5dbef5242b11cbf8fe4499f61d4 Mon Sep 17 00:00:00 2001 +From: Anton Khirnov +Date: Wed, 20 Jul 2016 08:31:38 +0200 +Subject: [PATCH] h264dec: handle zero-sized NAL units in get_last_needed_nal() + +The current code will ignore the init_get_bits() failure and do an +invalid read from the uninitialized GetBitContext. + +Found-By: Jan Ruge +Bug-Id: 952 +--- + libavcodec/h264.c | 11 +++++++++-- + 1 file changed, 9 insertions(+), 2 deletions(-) + +--- a/libavcodec/h264.c ++++ b/libavcodec/h264.c +@@ -1364,6 +1364,7 @@ + int nal_index = 0; + int buf_index = 0; + int nals_needed = 0; ++ int ret = 0; + + while(1) { + int nalsize = 0; +@@ -1405,7 +1406,14 @@ + case NAL_DPA: + case NAL_IDR_SLICE: + case NAL_SLICE: +- init_get_bits(&h->gb, ptr, bit_length); ++ ret = init_get_bits8(&h->gb, ptr, bit_length); ++ if (ret < 0) { ++ av_log(h->avctx, AV_LOG_ERROR, "Invalid zero-sized VCL NAL unit\n"); ++ if (h->avctx->err_recognition & AV_EF_EXPLODE) ++ return ret; ++ ++ break; ++ } + if (!get_ue_golomb(&h->gb)) + nals_needed = nal_index; + } diff --git a/patches/CVE-2017-14055.patch b/patches/CVE-2017-14055.patch new file mode 100644 index 0000000..d1ddb98 --- /dev/null +++ b/patches/CVE-2017-14055.patch @@ -0,0 +1,22 @@ +From: Markus Koschany +Date: Sun, 30 Dec 2018 14:27:49 +0100 +Subject: CVE-2017-14055 + +Origin: https://github.com/FFmpeg/FFmpeg/commit/4f05e2e2dc1a89f38cd9f0960a6561083d714f1e +--- + libavformat/mvdec.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/libavformat/mvdec.c b/libavformat/mvdec.c +index e21ec06..4c62993 100644 +--- a/libavformat/mvdec.c ++++ b/libavformat/mvdec.c +@@ -327,6 +327,8 @@ static int mv_read_header(AVFormatContext *avctx) + uint32_t pos = avio_rb32(pb); + uint32_t asize = avio_rb32(pb); + uint32_t vsize = avio_rb32(pb); ++ if (avio_feof(pb)) ++ return AVERROR_INVALIDDATA; + avio_skip(pb, 8); + av_add_index_entry(ast, pos, timestamp, asize, 0, AVINDEX_KEYFRAME); + av_add_index_entry(vst, pos + asize, i, vsize, 0, AVINDEX_KEYFRAME); diff --git a/patches/CVE-2017-14056.patch b/patches/CVE-2017-14056.patch new file mode 100644 index 0000000..81a8201 --- /dev/null +++ b/patches/CVE-2017-14056.patch @@ -0,0 +1,38 @@ +From: Markus Koschany +Date: Sun, 30 Dec 2018 14:25:04 +0100 +Subject: CVE-2017-14056 + +Origin: https://github.com/FFmpeg/FFmpeg/commit/96f24d1bee7fe7bac08e2b7c74db1a046c9dc0de +--- + libavformat/rl2.c | 15 ++++++++++++--- + 1 file changed, 12 insertions(+), 3 deletions(-) + +diff --git a/libavformat/rl2.c b/libavformat/rl2.c +index 5d30bf8..48c1ea6 100644 +--- a/libavformat/rl2.c ++++ b/libavformat/rl2.c +@@ -175,12 +175,21 @@ static av_cold int rl2_read_header(AVFormatContext *s) + } + + /** read offset and size tables */ +- for(i=0; i < frame_count;i++) ++ for(i=0; i < frame_count;i++) { ++ if (avio_feof(pb)) ++ return AVERROR_INVALIDDATA; + chunk_size[i] = avio_rl32(pb); +- for(i=0; i < frame_count;i++) ++ } ++ for(i=0; i < frame_count;i++) { ++ if (avio_feof(pb)) ++ return AVERROR_INVALIDDATA; + chunk_offset[i] = avio_rl32(pb); +- for(i=0; i < frame_count;i++) ++ } ++ for(i=0; i < frame_count;i++) { ++ if (avio_feof(pb)) ++ return AVERROR_INVALIDDATA; + audio_size[i] = avio_rl32(pb) & 0xFFFF; ++ } + + /** build the sample index */ + for(i=0;i +Date: Mon, 31 Jan 2018 14:48:32 +0100 +Subject: CVE-2017-14057 + +Origin: https://github.com/FFmpeg/FFmpeg/commit/7f9ec5593e04827249e7aeb466da06a98a0d7329 +--- + libavformat/asfdec.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/libavformat/asfdec.c b/libavformat/asfdec.c +index 85e800d..1ec36aa 100644 +--- a/libavformat/asfdec.c ++++ b/libavformat/asfdec.c +@@ -683,13 +683,15 @@ static int asf_read_marker(AVFormatContext *s, int64_t size) + count = avio_rl32(pb); // markers count + avio_rl16(pb); // reserved 2 bytes + name_len = avio_rl16(pb); // name length +- for (i = 0; i < name_len; i++) +- avio_r8(pb); // skip the name ++ avio_skip(pb, name_len); + + for (i = 0; i < count; i++) { + int64_t pres_time; + int name_len; + ++ if (avio_feof(pb)) ++ return AVERROR_INVALIDDATA; ++ + avio_rl64(pb); // offset, 8 bytes + pres_time = avio_rl64(pb); // presentation time + pres_time -= asf->hdr.preroll * 10000; diff --git a/patches/CVE-2017-14058.patch b/patches/CVE-2017-14058.patch new file mode 100644 index 0000000..3960eb2 --- /dev/null +++ b/patches/CVE-2017-14058.patch @@ -0,0 +1,69 @@ +From 7ec414892ddcad88313848494b6fc5f437c9ca4a Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Sat, 26 Aug 2017 01:26:58 +0200 +Subject: [PATCH] avformat/hls: Fix DoS due to infinite loop + +Fixes: loop.m3u + +The default max iteration count of 1000 is arbitrary and ideas for a better solution are welcome + +Found-by: Xiaohei and Wangchu from Alibaba Security Team + +Previous version reviewed-by: Steven Liu +Signed-off-by: Michael Niedermayer + +[sunweaver] Rebased against a libavformat/hls.c version that did not yet have AVOption support. + Initializing HLS_Context.max_reload statically with the value 1000. + +--- + doc/demuxers.texi | 18 ++++++++++++++++++ + libavformat/hls.c | 7 +++++++ + 2 files changed, 25 insertions(+) + +#--- a/doc/demuxers.texi +#+++ b/doc/demuxers.texi +#@@ -18,6 +18,24 @@ +# +# The description of some of the currently available demuxers follows. +# +#+@section hls +#+ +#+HLS demuxer +#+ +#+It accepts the following options: +#+ +#+@table @option +#+@item live_start_index +#+segment index to start live streams at (negative values are from the end). +#+ +#+@item allowed_extensions +#+',' separated list of file extensions that hls is allowed to access. +#+ +#+@item max_reload +#+Maximum number of times a insufficient list is attempted to be reloaded. +#+Default value is 1000. +#+@end table +#+ +# @section image2 +# +# Image file demuxer. +--- a/libavformat/hls.c ++++ b/libavformat/hls.c +@@ -381,6 +381,7 @@ + struct variant *v = opaque; + HLSContext *c = v->parent->priv_data; + int ret, i; ++ int reload_count = 0; + + restart: + if (!v->input) { +@@ -391,6 +392,9 @@ + v->target_duration; + + reload: ++ reload_count++; ++ if (reload_count > 1000) ++ return AVERROR_EOF; + if (!v->finished && + av_gettime() - v->last_load_time >= reload_interval) { + if ((ret = parse_playlist(c, v->url, v, NULL)) < 0) diff --git a/patches/CVE-2017-14169.patch b/patches/CVE-2017-14169.patch new file mode 100644 index 0000000..286a746 --- /dev/null +++ b/patches/CVE-2017-14169.patch @@ -0,0 +1,36 @@ +From 9d00fb9d70ee8c0cc7002b89318c5be00f1bbdad Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?=E5=AD=99=E6=B5=A9=28=E6=99=93=E9=BB=91=29?= + +Date: Tue, 29 Aug 2017 23:59:21 +0200 +Subject: [PATCH] avformat/mxfdec: Fix Sign error in mxf_read_primer_pack() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Fixes: 20170829B.mxf + +Co-Author: 张洪亮(望初)" +Found-by: Xiaohei and Wangchu from Alibaba Security Team +Signed-off-by: Michael Niedermayer +--- + libavformat/mxfdec.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/libavformat/mxfdec.c ++++ b/libavformat/mxfdec.c +@@ -407,12 +407,13 @@ + avpriv_request_sample(pb, "Primer pack item length %d", item_len); + return AVERROR_PATCHWELCOME; + } +- if (item_num > UINT_MAX / item_len) ++ if (item_num > 65536 || item_num < 0) ++ av_log(mxf->fc, AV_LOG_ERROR, "item_num %d is too large\n", item_num); + return AVERROR_INVALIDDATA; +- mxf->local_tags_count = item_num; + mxf->local_tags = av_malloc(item_num*item_len); + if (!mxf->local_tags) + return AVERROR(ENOMEM); ++ mxf->local_tags_count = item_num; + avio_read(pb, mxf->local_tags, item_num*item_len); + return 0; + } diff --git a/patches/CVE-2017-14170.patch b/patches/CVE-2017-14170.patch new file mode 100644 index 0000000..14864ec --- /dev/null +++ b/patches/CVE-2017-14170.patch @@ -0,0 +1,31 @@ +From: Markus Koschany +Date: Sun, 30 Dec 2018 20:53:42 +0100 +Subject: CVE-2017-14170 + +Origin: https://github.com/FFmpeg/FFmpeg/commit/900f39692ca0337a98a7cf047e4e2611071810c2 +--- + libavformat/mxfdec.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/libavformat/mxfdec.c b/libavformat/mxfdec.c +index 9aedd47..5392ed9 100644 +--- a/libavformat/mxfdec.c ++++ b/libavformat/mxfdec.c +@@ -743,6 +743,8 @@ static int mxf_read_index_entry_array(AVIOContext *pb, MXFIndexTableSegment *seg + return AVERROR(ENOMEM); + + length = avio_rb32(pb); ++ if(segment->nb_index_entries && length < 11) ++ return AVERROR_INVALIDDATA; + + segment->temporal_offset_entries = av_mallocz(segment->nb_index_entries * + sizeof(*segment->temporal_offset_entries)); +@@ -760,6 +762,8 @@ static int mxf_read_index_entry_array(AVIOContext *pb, MXFIndexTableSegment *seg + } + + for (i = 0; i < segment->nb_index_entries; i++) { ++ if(avio_feof(pb)) ++ return AVERROR_INVALIDDATA; + segment->temporal_offset_entries[i] = avio_r8(pb); + avio_r8(pb); /* KeyFrameOffset */ + segment->flag_entries[i] = avio_r8(pb); diff --git a/patches/CVE-2017-14171.patch b/patches/CVE-2017-14171.patch new file mode 100644 index 0000000..b6883ae --- /dev/null +++ b/patches/CVE-2017-14171.patch @@ -0,0 +1,26 @@ +From: Markus Koschany +Date: Sun, 30 Dec 2018 20:51:01 +0100 +Subject: CVE-2017-14171 + +Origin: https://github.com/FFmpeg/FFmpeg/commit/c24bcb553650b91e9eff15ef6e54ca73de2453b7 +--- + libavformat/nsvdec.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/libavformat/nsvdec.c b/libavformat/nsvdec.c +index 670b867..25cc443 100644 +--- a/libavformat/nsvdec.c ++++ b/libavformat/nsvdec.c +@@ -351,8 +351,11 @@ static int nsv_parse_NSVf_header(AVFormatContext *s) + if (!nsv->nsvs_file_offset) + return AVERROR(ENOMEM); + +- for(i=0;insvs_file_offset[i] = avio_rl32(pb) + size; ++ } + + if(table_entries > table_entries_used && + avio_rl32(pb) == MKTAG('T','O','C','2')) { diff --git a/patches/CVE-2017-14223.patch b/patches/CVE-2017-14223.patch new file mode 100644 index 0000000..a3e72ad --- /dev/null +++ b/patches/CVE-2017-14223.patch @@ -0,0 +1,30 @@ +From afc9c683ed9db01edb357bc8c19edad4282b3a97 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Tue, 5 Sep 2017 00:16:29 +0200 +Subject: [PATCH] avformat/asfdec: Fix DoS in asf_build_simple_index() + +Fixes: Missing EOF check in loop +No testcase + +Found-by: Xiaohei and Wangchu from Alibaba Security Team +Signed-off-by: Michael Niedermayer + +[sunweaver] - Backport to libav as found in Debian jessie LTS. +--- + libavformat/asfdec.c | 5 +++++ + 1 file changed, 5 insertions(+) + +--- a/libavformat/asfdec.c ++++ b/libavformat/asfdec.c +@@ -1442,6 +1442,11 @@ + int64_t pos = s->data_offset + s->packet_size * (int64_t)pktnum; + int64_t index_pts = FFMAX(av_rescale(itime, i, 10000) - asf->hdr.preroll, 0); + ++ if (avio_feof(s->pb)) { ++ ret = AVERROR_INVALIDDATA; ++ goto end; ++ } ++ + if (pos != last_pos) { + av_log(s, AV_LOG_DEBUG, "pktnum:%d, pktct:%d pts: %"PRId64"\n", + pktnum, pktct, index_pts); diff --git a/patches/CVE-2017-14767.patch b/patches/CVE-2017-14767.patch new file mode 100644 index 0000000..50fb744 --- /dev/null +++ b/patches/CVE-2017-14767.patch @@ -0,0 +1,25 @@ +From: Markus Koschany +Date: Sun, 30 Dec 2018 17:39:40 +0100 +Subject: CVE-2017-14767 + +Origin: https://github.com/FFmpeg/FFmpeg/commit/c42a1388a6d1bfd8001bf6a4241d8ca27e49326d +--- + libavformat/rtpdec_h264.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/libavformat/rtpdec_h264.c b/libavformat/rtpdec_h264.c +index abf1f39..72f645f 100644 +--- a/libavformat/rtpdec_h264.c ++++ b/libavformat/rtpdec_h264.c +@@ -116,6 +116,11 @@ static int sdp_parse_fmtp_config_h264(AVFormatContext *s, + codec->extradata_size = 0; + av_freep(&codec->extradata); + ++ if (*value == 0 || value[strlen(value) - 1] == ',') { ++ av_log(s, AV_LOG_WARNING, "Missing PPS in sprop-parameter-sets, ignoring\n"); ++ return 0; ++ } ++ + while (*value) { + char base64packet[1024]; + uint8_t decoded_packet[1024]; diff --git a/patches/CVE-2017-15672.patch b/patches/CVE-2017-15672.patch new file mode 100644 index 0000000..b5390c4 --- /dev/null +++ b/patches/CVE-2017-15672.patch @@ -0,0 +1,22 @@ +From: Markus Koschany +Date: Sun, 30 Dec 2018 17:29:28 +0100 +Subject: CVE-2017-15672 + +Origin: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c20f4fcb74da2d0432c7b54499bb98f48236b904 +--- + libavcodec/ffv1dec.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libavcodec/ffv1dec.c b/libavcodec/ffv1dec.c +index 50b220f..84a4b1b 100644 +--- a/libavcodec/ffv1dec.c ++++ b/libavcodec/ffv1dec.c +@@ -730,7 +730,7 @@ static int read_header(FFV1Context *f) + } else { + const uint8_t *p = c->bytestream_end; + for (f->slice_count = 0; +- f->slice_count < MAX_SLICES && 3 < p - c->bytestream_start; ++ f->slice_count < MAX_SLICES && 3 + 5*!!f->ec < p - c->bytestream_start; + f->slice_count++) { + int trailer = 3 + 5 * !!f->ec; + int size = AV_RB24(p - trailer); diff --git a/patches/CVE-2017-17127.patch b/patches/CVE-2017-17127.patch new file mode 100644 index 0000000..ffe406a --- /dev/null +++ b/patches/CVE-2017-17127.patch @@ -0,0 +1,33 @@ +Origin: https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/ccce723c6d0ea1ea89ea6c47160a07d37cdeeba2 +Author: Michael Niedermayer +Reviewed-by: Sylvain Beucler +Last-Update: 2019-12-04 + +commit ccce723c6d0ea1ea89ea6c47160a07d37cdeeba2 +Author: Michael Niedermayer +Date: Wed Nov 14 17:34:37 2012 +0100 + + vc1dec: check first field slices, fix out of array read. + + Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind + Signed-off-by: Michael Niedermayer + +Index: libav-11.12/libavcodec/vc1dec.c +=================================================================== +--- libav-11.12.orig/libavcodec/vc1dec.c ++++ libav-11.12/libavcodec/vc1dec.c +@@ -6072,8 +6072,13 @@ static int vc1_decode_frame(AVCodecConte + s->start_mb_y = (i == 0) ? 0 : FFMAX(0, slices[i-1].mby_start % mb_height); + if (!v->field_mode || v->second_field) + s->end_mb_y = (i == n_slices ) ? mb_height : FFMIN(mb_height, slices[i].mby_start % mb_height); +- else ++ else { ++ if (i >= n_slices) { ++ av_log(v->s.avctx, AV_LOG_ERROR, "first field slice count too large\n"); ++ continue; ++ } + s->end_mb_y = (i <= n_slices1 + 1) ? mb_height : FFMIN(mb_height, slices[i].mby_start % mb_height); ++ } + + if (s->end_mb_y <= s->start_mb_y) { + av_log(v->s.avctx, AV_LOG_ERROR, "Invalid slice size\n"); diff --git a/patches/CVE-2017-17130.patch b/patches/CVE-2017-17130.patch new file mode 100644 index 0000000..8477fac --- /dev/null +++ b/patches/CVE-2017-17130.patch @@ -0,0 +1,28 @@ +From: Markus Koschany +Date: Sun, 30 Dec 2018 17:14:54 +0100 +Subject: CVE-2017-17130 + +Origin: https://github.com/libav/libav/commit/49cf72b3ac77140cf4715c18fe7c7610d918d912 +--- + libavcodec/vc1dec.c | 4 ++-- + 1 files changed, 2 insertions(+), 2 deletions(-) +--- a/libavcodec/vc1dec.c ++++ b/libavcodec/vc1dec.c +@@ -5844,7 +5844,7 @@ static int vc1_decode_frame(AVCodecContext *avctx, void *data, + buf_size3 << 3); + /* assuming that the field marker is at the exact middle, + hope it's correct */ +- slices[n_slices].mby_start = s->mb_height >> 1; ++ slices[n_slices].mby_start = s->mb_height + 1 >> 1; + n_slices1 = n_slices - 1; // index of the last slice of the first field + n_slices++; + break; +@@ -5892,7 +5892,7 @@ static int vc1_decode_frame(AVCodecContext *avctx, void *data, + buf_size3 = vc1_unescape_buffer(divider + 4, buf + buf_size - divider - 4, slices[n_slices].buf); + init_get_bits(&slices[n_slices].gb, slices[n_slices].buf, + buf_size3 << 3); +- slices[n_slices].mby_start = s->mb_height >> 1; ++ slices[n_slices].mby_start = s->mb_height + 1 >> 1; + n_slices1 = n_slices - 1; + n_slices++; + } diff --git a/patches/CVE-2017-18245.patch b/patches/CVE-2017-18245.patch new file mode 100644 index 0000000..b0398cb --- /dev/null +++ b/patches/CVE-2017-18245.patch @@ -0,0 +1,29 @@ +Origin: https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/b737a2c52857b214be246ff615c6293730033cfa +Author: wm4 +Reviewed-by: Sylvain Beucler +Last-Update: 2019-12-05 + +commit b737a2c52857b214be246ff615c6293730033cfa +Author: wm4 +Date: Tue Feb 3 19:04:11 2015 +0100 + + avformat/mpc8: fix broken pointer math + + This could overflow and crash at least on 32 bit systems. + + Reviewed-by: Reimar Döffinger + Signed-off-by: Michael Niedermayer + +diff --git a/libavformat/mpc8.c b/libavformat/mpc8.c +index 722d0ee05f..6524c7e489 100644 +--- a/libavformat/mpc8.c ++++ b/libavformat/mpc8.c +@@ -91,7 +91,7 @@ static int mpc8_probe(AVProbeData *p) + size = bs_get_v(&bs); + if (size < 2) + return 0; +- if (bs + size - 2 >= bs_end) ++ if (size >= bs_end - bs + 2) + return AVPROBE_SCORE_EXTENSION - 1; // seems to be valid MPC but no header yet + if (header_found) { + if (size < 11 || size > 28) diff --git a/patches/CVE-2017-7863.patch b/patches/CVE-2017-7863.patch new file mode 100644 index 0000000..0623e6a --- /dev/null +++ b/patches/CVE-2017-7863.patch @@ -0,0 +1,36 @@ +From e477f09d0b3619f3d29173b2cd593e17e2d1978e Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Sat, 4 Feb 2017 12:24:14 +0100 +Subject: [PATCH] avcodec/pngdec: Check trns more completely + +Fixes out of array access +Fixes: 546/clusterfuzz-testcase-4809433909559296 + +Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg +Signed-off-by: Michael Niedermayer + +[sunweaver] ported to libav in Debian jessie LTS (which only supports palette based transparency). + +--- + libavcodec/pngdec.c | 15 ++++++++++++++- + 1 file changed, 14 insertions(+), 1 deletion(-) + +--- a/libavcodec/pngdec.c ++++ b/libavcodec/pngdec.c +@@ -592,6 +592,16 @@ + { + int v, i; + ++ if (!(s->state & PNG_IHDR)) { ++ av_log(avctx, AV_LOG_ERROR, "trns before IHDR\n"); ++ return AVERROR_INVALIDDATA; ++ } ++ ++ if (s->state & PNG_IDAT) { ++ av_log(avctx, AV_LOG_ERROR, "trns after IDAT\n"); ++ return AVERROR_INVALIDDATA; ++ } ++ + /* read the transparency. XXX: Only palette mode supported */ + if (s->color_type != PNG_COLOR_TYPE_PALETTE || + length > 256 || diff --git a/patches/CVE-2017-7865.patch b/patches/CVE-2017-7865.patch new file mode 100644 index 0000000..32f5e36 --- /dev/null +++ b/patches/CVE-2017-7865.patch @@ -0,0 +1,37 @@ +From 2080bc33717955a0e4268e738acf8c1eeddbf8cb Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Wed, 25 Jan 2017 00:20:19 +0100 +Subject: [PATCH] avcodec/utils: correct align value for interplay + +Fixes out of array access +Fixes: 452/fuzz-1-ffmpeg_VIDEO_AV_CODEC_ID_INTERPLAY_VIDEO_fuzzer + +Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg +Signed-off-by: Michael Niedermayer +--- + libavcodec/utils.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +--- a/libavcodec/utils.c ++++ b/libavcodec/utils.c +@@ -247,6 +247,10 @@ + w_align = 4; + h_align = 4; + } ++ if (s->codec_id == AV_CODEC_ID_INTERPLAY_VIDEO) { ++ w_align = 8; ++ h_align = 8; ++ } + case AV_PIX_FMT_PAL8: + case AV_PIX_FMT_BGR8: + case AV_PIX_FMT_RGB8: +@@ -254,7 +258,8 @@ + w_align = 4; + h_align = 4; + } +- if (s->codec_id == AV_CODEC_ID_JV) { ++ if (s->codec_id == AV_CODEC_ID_JV || ++ s->codec_id == AV_CODEC_ID_INTERPLAY_VIDEO) { + w_align = 8; + h_align = 8; + } diff --git a/patches/CVE-2017-9987-1.patch b/patches/CVE-2017-9987-1.patch new file mode 100644 index 0000000..cd12c89 --- /dev/null +++ b/patches/CVE-2017-9987-1.patch @@ -0,0 +1,37 @@ +From 9f0eaf792a8560a089643489403e549c30fb3170 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Sun, 8 Mar 2015 01:27:56 +0100 +Subject: [PATCH] avcodec/mpegvideo_motion: Fix off by 1 error in MV bounds + checking + +Fixes Ticket4299 + +Signed-off-by: Michael Niedermayer +--- + libavcodec/mpegvideo_motion.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +--- a/libavcodec/mpegvideo_motion.c ++++ b/libavcodec/mpegvideo_motion.c +@@ -209,8 +209,8 @@ + dxy |= (motion_y & 1) << 1; + src += src_y * s->linesize + src_x; + +- if ((unsigned)src_x > FFMAX(s->h_edge_pos - (motion_x & 1) - 8, 0) || +- (unsigned)src_y > FFMAX(s->v_edge_pos - (motion_y & 1) - 8, 0)) { ++ if ((unsigned)src_x > FFMAX(s->h_edge_pos - (motion_x & 1) - 7, 0) || ++ (unsigned)src_y > FFMAX(s->v_edge_pos - (motion_y & 1) - 7, 0)) { + s->vdsp.emulated_edge_mc(s->edge_emu_buffer, src, + s->linesize, s->linesize, + 9, 9, src_x, src_y, +@@ -304,8 +304,8 @@ + ptr_cb = ref_picture[1] + uvsrc_y * uvlinesize + uvsrc_x; + ptr_cr = ref_picture[2] + uvsrc_y * uvlinesize + uvsrc_x; + +- if ((unsigned)src_x > FFMAX(s->h_edge_pos - (motion_x & 1) - 16, 0) || +- (unsigned)src_y > FFMAX(v_edge_pos - (motion_y & 1) - h, 0)) { ++ if ((unsigned)src_x > FFMAX(s->h_edge_pos - (motion_x & 1) - 15, 0) || ++ (unsigned)src_y > FFMAX(v_edge_pos - (motion_y & 1) - h + 1, 0)) { + if (is_mpeg12 || + s->codec_id == AV_CODEC_ID_MPEG2VIDEO || + s->codec_id == AV_CODEC_ID_MPEG1VIDEO) { diff --git a/patches/CVE-2017-9987-2.patch b/patches/CVE-2017-9987-2.patch new file mode 100644 index 0000000..2093ead --- /dev/null +++ b/patches/CVE-2017-9987-2.patch @@ -0,0 +1,48 @@ +From 8849c4ceac0f35e88b2dc406bf5ffc4173a38ffe Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Sun, 8 Mar 2015 01:45:53 +0100 +Subject: [PATCH] avcodec/mpegvideo_motion: Fix off by 1 error in MV bounds + checking in qpel, chroma_4mv and 8x8 + +No testcase available + +Signed-off-by: Michael Niedermayer +--- + libavcodec/mpegvideo_motion.c | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +--- a/libavcodec/mpegvideo_motion.c ++++ b/libavcodec/mpegvideo_motion.c +@@ -533,8 +533,8 @@ + ptr_cb = ref_picture[1] + uvsrc_y * uvlinesize + uvsrc_x; + ptr_cr = ref_picture[2] + uvsrc_y * uvlinesize + uvsrc_x; + +- if ((unsigned)src_x > FFMAX(s->h_edge_pos - (motion_x & 3) - 16, 0) || +- (unsigned)src_y > FFMAX(v_edge_pos - (motion_y & 3) - h, 0)) { ++ if ((unsigned)src_x > FFMAX(s->h_edge_pos - (motion_x & 3) - 15, 0) || ++ (unsigned)src_y > FFMAX(v_edge_pos - (motion_y & 3) - h + 1, 0)) { + s->vdsp.emulated_edge_mc(s->edge_emu_buffer, ptr_y, + s->linesize, s->linesize, + 17, 17 + field_based, +@@ -616,8 +616,8 @@ + + offset = src_y * s->uvlinesize + src_x; + ptr = ref_picture[1] + offset; +- if ((unsigned)src_x > FFMAX((s->h_edge_pos >> 1) - (dxy & 1) - 8, 0) || +- (unsigned)src_y > FFMAX((s->v_edge_pos >> 1) - (dxy >> 1) - 8, 0)) { ++ if ((unsigned)src_x >= FFMAX((s->h_edge_pos >> 1) - (dxy & 1) - 7, 0) || ++ (unsigned)src_y >= FFMAX((s->v_edge_pos >> 1) - (dxy >> 1) - 7, 0)) { + s->vdsp.emulated_edge_mc(s->edge_emu_buffer, ptr, + s->uvlinesize, s->uvlinesize, + 9, 9, src_x, src_y, +@@ -774,8 +774,8 @@ + dxy &= ~12; + + ptr = ref_picture[0] + (src_y * s->linesize) + (src_x); +- if ((unsigned)src_x > FFMAX(s->h_edge_pos - (motion_x & 3) - 8, 0) || +- (unsigned)src_y > FFMAX(s->v_edge_pos - (motion_y & 3) - 8, 0)) { ++ if ((unsigned)src_x >= FFMAX(s->h_edge_pos - (motion_x & 3) - 7, 0) || ++ (unsigned)src_y >= FFMAX(s->v_edge_pos - (motion_y & 3) - 7, 0)) { + s->vdsp.emulated_edge_mc(s->edge_emu_buffer, ptr, + s->linesize, s->linesize, + 9, 9, diff --git a/patches/CVE-2017-9993.patch b/patches/CVE-2017-9993.patch new file mode 100644 index 0000000..ad2b2b6 --- /dev/null +++ b/patches/CVE-2017-9993.patch @@ -0,0 +1,23 @@ +From: Markus Koschany +Date: Sun, 30 Dec 2018 16:57:18 +0100 +Subject: CVE-2017-9993 + +Origin: https://github.com/FFmpeg/FFmpeg/commit/a5d849b149ca67ced2d271dc84db0bc95a548abb +--- + libavformat/avidec.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/libavformat/avidec.c b/libavformat/avidec.c +index 928bbaa..713f822 100644 +--- a/libavformat/avidec.c ++++ b/libavformat/avidec.c +@@ -870,6 +870,9 @@ static int read_gab2_sub(AVStream *st, AVPacket *pkt) + if (!(sub_demuxer = av_probe_input_format2(&pd, 1, &score))) + goto error; + ++ if (strcmp(sub_demuxer->name, "srt") && strcmp(sub_demuxer->name, "ass")) ++ goto error; ++ + if (!(ast->sub_ctx = avformat_alloc_context())) + goto error; + diff --git a/patches/CVE-2017-9994.patch b/patches/CVE-2017-9994.patch new file mode 100644 index 0000000..e96096f --- /dev/null +++ b/patches/CVE-2017-9994.patch @@ -0,0 +1,46 @@ +From: Markus Koschany +Date: Sun, 30 Dec 2018 16:54:59 +0100 +Subject: CVE-2017-9994 + +Origin: https://github.com/FFmpeg/FFmpeg/commit/6b5d3fb26fb4be48e4966e4b1d97c2165538d4ef +--- + libavcodec/vp8.c | 3 +++ + libavcodec/webp.c | 3 +-- + 2 files changed, 4 insertions(+), 2 deletions(-) + +diff --git a/libavcodec/vp8.c b/libavcodec/vp8.c +index 08b72c9..9c55f5d 100644 +--- a/libavcodec/vp8.c ++++ b/libavcodec/vp8.c +@@ -32,6 +32,7 @@ + #include "thread.h" + #include "vp8.h" + #include "vp8data.h" ++#include "libavutil/avassert.h" + + #if ARCH_ARM + # include "arm/vp8.h" +@@ -2463,6 +2464,8 @@ int vp78_decode_frame(AVCodecContext *avctx, void *data, int *got_frame, + enum AVDiscard skip_thresh; + VP8Frame *av_uninit(curframe), *prev_frame; + ++ av_assert0(avctx->pix_fmt == AV_PIX_FMT_YUVA420P || avctx->pix_fmt == AV_PIX_FMT_YUV420P); ++ + if (is_vp7) + ret = vp7_decode_frame_header(s, avpkt->data, avpkt->size); + else +diff --git a/libavcodec/webp.c b/libavcodec/webp.c +index 4138e54..c167537 100644 +--- a/libavcodec/webp.c ++++ b/libavcodec/webp.c +@@ -1304,9 +1304,8 @@ static int vp8_lossy_decode_frame(AVCodecContext *avctx, AVFrame *p, + if (!s->initialized) { + ff_vp8_decode_init(avctx); + s->initialized = 1; +- if (s->has_alpha) +- avctx->pix_fmt = AV_PIX_FMT_YUVA420P; + } ++ avctx->pix_fmt = s->has_alpha ? AV_PIX_FMT_YUVA420P : AV_PIX_FMT_YUV420P; + s->lossless = 0; + + if (data_size > INT_MAX) { diff --git a/patches/CVE-2018-11102-1.patch b/patches/CVE-2018-11102-1.patch new file mode 100644 index 0000000..247d7c3 --- /dev/null +++ b/patches/CVE-2018-11102-1.patch @@ -0,0 +1,21 @@ +From a4fe661157b22a353ecce51f5c717c42c8fe00b0 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Wed, 17 Oct 2012 17:20:12 +0200 +Subject: [PATCH] mov_probe: fix integer overflows + +Signed-off-by: Michael Niedermayer +--- + libavformat/mov.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/libavformat/mov.c ++++ b/libavformat/mov.c +@@ -2916,7 +2916,7 @@ + + static int mov_probe(AVProbeData *p) + { +- unsigned int offset; ++ int64_t offset; + uint32_t tag; + int score = 0; + diff --git a/patches/CVE-2018-11102-2.patch b/patches/CVE-2018-11102-2.patch new file mode 100644 index 0000000..1196e1e --- /dev/null +++ b/patches/CVE-2018-11102-2.patch @@ -0,0 +1,95 @@ +From 7abf394814d818973db562102f21ab9d10540840 Mon Sep 17 00:00:00 2001 +From: Petter Ericson +Date: Wed, 17 Oct 2012 16:53:19 +0200 +Subject: [PATCH] mov.c: Check for stsd + m1s tag indicating MOV-wrapped + MPEG-PS, and force continued probing if found. + +Fixes Ticket241 +Signed-off-by: Michael Niedermayer +--- + libavformat/mov.c | 45 +++++++++++++++++++++++++++++++++++++-------- + 1 file changed, 37 insertions(+), 8 deletions(-) + +--- a/libavformat/mov.c ++++ b/libavformat/mov.c +@@ -2919,43 +2919,72 @@ + int64_t offset; + uint32_t tag; + int score = 0; ++ int moov_offset = -1; + + /* check file header */ + offset = 0; + for (;;) { + /* ignore invalid offset */ + if ((offset + 8) > (unsigned int)p->buf_size) +- return score; ++ break; + tag = AV_RL32(p->buf + offset + 4); + switch(tag) { + /* check for obvious tags */ +- case MKTAG('j','P',' ',' '): /* jpeg 2000 signature */ + case MKTAG('m','o','o','v'): ++ moov_offset = offset + 4; ++ case MKTAG('j','P',' ',' '): /* jpeg 2000 signature */ + case MKTAG('m','d','a','t'): + case MKTAG('p','n','o','t'): /* detect movs with preview pics like ew.mov and april.mov */ + case MKTAG('u','d','t','a'): /* Packet Video PVAuthor adds this and a lot of more junk */ + case MKTAG('f','t','y','p'): +- return AVPROBE_SCORE_MAX; ++ score = AVPROBE_SCORE_MAX; ++ offset = FFMAX(4, AV_RB32(p->buf+offset)) + offset; ++ break; + /* those are more common words, so rate then a bit less */ + case MKTAG('e','d','i','w'): /* xdcam files have reverted first tags */ + case MKTAG('w','i','d','e'): + case MKTAG('f','r','e','e'): + case MKTAG('j','u','n','k'): + case MKTAG('p','i','c','t'): +- return AVPROBE_SCORE_MAX - 5; ++ score = FFMAX(score, AVPROBE_SCORE_MAX - 5); ++ offset = FFMAX(4, AV_RB32(p->buf+offset)) + offset; ++ break; + case MKTAG(0x82,0x82,0x7f,0x7d): + case MKTAG('s','k','i','p'): + case MKTAG('u','u','i','d'): + case MKTAG('p','r','f','l'): +- offset = AV_RB32(p->buf+offset) + offset; + /* if we only find those cause probedata is too small at least rate them */ +- score = AVPROBE_SCORE_EXTENSION; ++ score = FFMAX(score, AVPROBE_SCORE_MAX - 50); ++ offset = FFMAX(4, AV_RB32(p->buf+offset)) + offset; + break; + default: +- /* unrecognized tag */ +- return score; ++ offset = FFMAX(4, AV_RB32(p->buf+offset)) + offset; + } + } ++ if(tag > AVPROBE_SCORE_MAX - 50 && moov_offset != -1) { ++ /* moov atom in the header - we should make sure that this is not a ++ * MOV-packed MPEG-PS */ ++ offset = moov_offset; ++ ++ while(offset < (p->buf_size - 20)){ /* Sufficient space */ ++ /* We found an actual stsd atom */ ++ if(AV_RL32(p->buf+offset) == MKTAG('s','t','s','d') && ++ /* Make sure there's only one stream */ ++ AV_RB32(p->buf + offset + 8) == 1 && ++ AV_RL32(p->buf + offset + 16) == MKTAG('m','1','s',' ') ++ ){ ++ av_log(NULL, AV_LOG_WARNING, "Found m1s tag indicating this is a MOV-packed MPEG-PS.\n"); ++ /* We found an stsd atom describing an MPEG-PS-in-MOV, return a ++ * low score to force expanding the probe window until ++ * mpegps_probe finds what it needs */ ++ return 5; ++ }else ++ /* Keep looking */ ++ offset+=2; ++ } ++ } ++ ++ return score; + } + + // must be done after parsing all trak because there's no order requirement diff --git a/patches/CVE-2018-14394.patch b/patches/CVE-2018-14394.patch new file mode 100644 index 0000000..bc41e39 --- /dev/null +++ b/patches/CVE-2018-14394.patch @@ -0,0 +1,25 @@ +From: Markus Koschany +Date: Sun, 30 Dec 2018 16:51:20 +0100 +Subject: CVE-2018-14394 + +Origin: https://github.com/FFmpeg/FFmpeg/commit/3a2d21bc5f97aa0161db3ae731fc2732be6108b8 +--- + libavformat/movenc.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/libavformat/movenc.c b/libavformat/movenc.c +index e48a363..6d99a0a 100644 +--- a/libavformat/movenc.c ++++ b/libavformat/movenc.c +@@ -3033,6 +3033,11 @@ int ff_mov_write_packet(AVFormatContext *s, AVPacket *pkt) + else + samples_in_chunk = 1; + ++ if (samples_in_chunk < 1) { ++ av_log(s, AV_LOG_ERROR, "fatal error, input packet contains no samples\n"); ++ return AVERROR_PATCHWELCOME; ++ } ++ + /* copy extradata if it exists */ + if (trk->vos_len == 0 && enc->extradata_size > 0) { + trk->vos_len = enc->extradata_size; diff --git a/patches/CVE-2018-15822.patch b/patches/CVE-2018-15822.patch new file mode 100644 index 0000000..067704b --- /dev/null +++ b/patches/CVE-2018-15822.patch @@ -0,0 +1,28 @@ +From 6b67d7f05918f7a1ee8fc6ff21355d7e8736aa10 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Sat, 28 Jul 2018 15:03:50 +0200 +Subject: [PATCH] avformat/flvenc: Check audio packet size + +Fixes: Assertion failure +Fixes: assert_flvenc.c:941_1.swf + +Found-by: #CHEN HONGXU# +Signed-off-by: Michael Niedermayer +--- + libavformat/flvenc.c | 5 +++++ + 1 file changed, 5 insertions(+) + +--- a/libavformat/flvenc.c ++++ b/libavformat/flvenc.c +@@ -438,6 +438,11 @@ + uint8_t *data = NULL; + int flags = 0, flags_size; + ++ if (enc->codec_type == AVMEDIA_TYPE_AUDIO && !pkt->size) { ++ av_log(s, AV_LOG_WARNING, "Empty audio Packet\n"); ++ return AVERROR(EINVAL); ++ } ++ + if (enc->codec_id == AV_CODEC_ID_VP6F || enc->codec_id == AV_CODEC_ID_VP6A || + enc->codec_id == AV_CODEC_ID_AAC) + flags_size = 2; diff --git a/patches/CVE-2018-19128.patch b/patches/CVE-2018-19128.patch new file mode 100644 index 0000000..f69dd53 --- /dev/null +++ b/patches/CVE-2018-19128.patch @@ -0,0 +1,30 @@ +Origin: https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/6c36b3afe72d1ab635efba36e78c849630ed9ec6 +Author: Michael Niedermayer +Reviewed-by: Sylvain Beucler +Last-Update: 2019-11-16 + +commit 6c36b3afe72d1ab635efba36e78c849630ed9ec6 +Author: Michael Niedermayer +Date: Thu Aug 14 15:18:49 2014 +0200 + + avcodec/lcldec: initialize encoded correctly + + Fixes out of array read + Fixes: yuv111_no_compr_crash.avi + + Found-by: Piotr Bandurski + Signed-off-by: Michael Niedermayer + +Index: libav-11.12/libavcodec/lcldec.c +=================================================================== +--- libav-11.12.orig/libavcodec/lcldec.c ++++ libav-11.12/libavcodec/lcldec.c +@@ -164,7 +164,7 @@ static int decode_frame(AVCodecContext * + LclDecContext * const c = avctx->priv_data; + unsigned int pixel_ptr; + int row, col; +- unsigned char *encoded, *outptr; ++ unsigned char *encoded = avpkt->data, *outptr; + uint8_t *y_out, *u_out, *v_out; + unsigned int width = avctx->width; // Real image width + unsigned int height = avctx->height; // Real image height diff --git a/patches/CVE-2018-1999010.patch b/patches/CVE-2018-1999010.patch new file mode 100644 index 0000000..35fced6 --- /dev/null +++ b/patches/CVE-2018-1999010.patch @@ -0,0 +1,69 @@ +From: Markus Koschany +Date: Sun, 30 Dec 2018 16:39:05 +0100 +Subject: CVE-2018-1999010 + +Origin: https://github.com/FFmpeg/FFmpeg/commit/cced03dd667a5df6df8fd40d8de0bff477ee02e +--- + libavformat/mms.c | 42 ++++++++++++++++++++++++++---------------- + 1 file changed, 26 insertions(+), 16 deletions(-) + +diff --git a/libavformat/mms.c b/libavformat/mms.c +index fb16a3c..787edf1 100644 +--- a/libavformat/mms.c ++++ b/libavformat/mms.c +@@ -94,22 +94,26 @@ int ff_mms_asf_header_parser(MMSContext *mms) + } + } + } else if (!memcmp(p, ff_asf_stream_header, sizeof(ff_asf_guid))) { +- flags = AV_RL16(p + sizeof(ff_asf_guid)*3 + 24); +- stream_id = flags & 0x7F; +- //The second condition is for checking CS_PKT_STREAM_ID_REQUEST packet size, +- //we can calcuate the packet size by stream_num. +- //Please see function send_stream_selection_request(). +- if (mms->stream_num < MMS_MAX_STREAMS && +- 46 + mms->stream_num * 6 < sizeof(mms->out_buffer)) { +- mms->streams = av_fast_realloc(mms->streams, +- &mms->nb_streams_allocated, +- (mms->stream_num + 1) * sizeof(MMSStream)); +- mms->streams[mms->stream_num].id = stream_id; +- mms->stream_num++; +- } else { +- av_log(NULL, AV_LOG_ERROR, +- "Corrupt stream (too many A/V streams)\n"); +- return AVERROR_INVALIDDATA; ++ if (end - p >= (sizeof(ff_asf_guid) * 3 + 26)) { ++ flags = AV_RL16(p + sizeof(ff_asf_guid)*3 + 24); ++ stream_id = flags & 0x7F; ++ //The second condition is for checking CS_PKT_STREAM_ID_REQUEST packet size, ++ //we can calculate the packet size by stream_num. ++ //Please see function send_stream_selection_request(). ++ if (mms->stream_num < MMS_MAX_STREAMS && ++ 46 + mms->stream_num * 6 < sizeof(mms->out_buffer)) { ++ mms->streams = av_fast_realloc(mms->streams, ++ &mms->nb_streams_allocated, ++ (mms->stream_num + 1) * sizeof(MMSStream)); ++ if (!mms->streams) ++ return AVERROR(ENOMEM); ++ mms->streams[mms->stream_num].id = stream_id; ++ mms->stream_num++; ++ } else { ++ av_log(NULL, AV_LOG_ERROR, ++ "Corrupt stream (too many A/V streams)\n"); ++ return AVERROR_INVALIDDATA; ++ } + } + } else if (!memcmp(p, ff_asf_ext_stream_header, sizeof(ff_asf_guid))) { + if (end - p >= 88) { +@@ -141,6 +145,12 @@ int ff_mms_asf_header_parser(MMSContext *mms) + } + } else if (!memcmp(p, ff_asf_head1_guid, sizeof(ff_asf_guid))) { + chunksize = 46; // see references [2] section 3.4. This should be set 46. ++ if (chunksize > end - p) { ++ av_log(NULL, AV_LOG_ERROR, ++ "Corrupt stream (header chunksize %"PRId64" is invalid)\n", ++ chunksize); ++ return AVERROR_INVALIDDATA; ++ } + } + p += chunksize; + } diff --git a/patches/CVE-2018-1999012.patch b/patches/CVE-2018-1999012.patch new file mode 100644 index 0000000..1487273 --- /dev/null +++ b/patches/CVE-2018-1999012.patch @@ -0,0 +1,28 @@ +From 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Tue, 3 Jul 2018 22:14:42 +0200 +Subject: [PATCH] avformat/pva: Check for EOF before retrying in + read_part_of_packet() + +Fixes: Infinite loop +Fixes: pva-4b1835dbc2027bf3c567005dcc78e85199240d06 + +Found-by: Paul Ch +Signed-off-by: Michael Niedermayer +--- + libavformat/pva.c | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/libavformat/pva.c ++++ b/libavformat/pva.c +@@ -120,6 +120,10 @@ + pes_flags = avio_rb16(pb); + pes_header_data_length = avio_r8(pb); + ++ if (avio_feof(pb)) { ++ return AVERROR_EOF; ++ } ++ + if (pes_signal != 1) { + pva_log(s, AV_LOG_WARNING, "expected signaled PES packet, " + "trying to recover\n"); diff --git a/patches/CVE-2018-5766.patch b/patches/CVE-2018-5766.patch new file mode 100644 index 0000000..e2e5a17 --- /dev/null +++ b/patches/CVE-2018-5766.patch @@ -0,0 +1,23 @@ +From f077ad69c682c13ab75a72aec11a61cac53f0c91 Mon Sep 17 00:00:00 2001 +From: Carl Eugen Hoyos +Date: Sun, 4 Sep 2016 21:11:02 +0200 +Subject: [PATCH] lavc/avpacket: Fix undefined behaviour, do not pass a null + pointer to memcpy(). + +Fixes ticket #5128. +--- + libavcodec/avpacket.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/libavcodec/avpacket.c ++++ b/libavcodec/avpacket.c +@@ -364,7 +364,8 @@ + ret = packet_alloc(&dst->buf, src->size); + if (ret < 0) + goto fail; +- memcpy(dst->buf->data, src->data, src->size); ++ if (src->size) ++ memcpy(dst->buf->data, src->data, src->size); + + dst->data = dst->buf->data; + } else { diff --git a/patches/CVE-2018-6392-1.patch b/patches/CVE-2018-6392-1.patch new file mode 100644 index 0000000..ceef05e --- /dev/null +++ b/patches/CVE-2018-6392-1.patch @@ -0,0 +1,51 @@ +From 3f621455d62e46745453568d915badd5b1e5bcd5 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Sun, 28 Jan 2018 02:46:56 +0100 +Subject: [PATCH] avfilter/vf_transpose: Fix regression with packed pixel + formats + +Regression since: c6939f65a116b1ffed345d29d8621ee4ffb32235 +Found-by: Paul B Mahol +Reviewed-by: Paul B Mahol +Signed-off-by: Michael Niedermayer +--- + libavfilter/vf_transpose.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/libavfilter/vf_transpose.c ++++ b/libavfilter/vf_transpose.c +@@ -27,6 +27,7 @@ + + #include + ++#include "libavutil/avassert.h" + #include "libavutil/imgutils.h" + #include "libavutil/internal.h" + #include "libavutil/intreadwrite.h" +@@ -48,6 +49,7 @@ + typedef struct TransContext { + const AVClass *class; + int hsub, vsub; ++ int planes; + int pixsteps[4]; + + enum TransposeDir dir; +@@ -93,6 +95,9 @@ + + trans->hsub = desc_in->log2_chroma_w; + trans->vsub = desc_in->log2_chroma_h; ++ trans->planes = desc_in->nb_components; ++ ++ av_assert0(desc_in->nb_components == desc_out->nb_components); + + av_image_fill_max_pixsteps(trans->pixsteps, NULL, desc_out); + +@@ -135,7 +140,7 @@ + out->sample_aspect_ratio.den = in->sample_aspect_ratio.num; + } + +- for (plane = 0; out->data[plane]; plane++) { ++ for (plane = 0; plane < trans->planes; plane++) { + int hsub = plane == 1 || plane == 2 ? trans->hsub : 0; + int vsub = plane == 1 || plane == 2 ? trans->vsub : 0; + int pixstep = trans->pixsteps[plane]; diff --git a/patches/CVE-2018-6392-2.patch b/patches/CVE-2018-6392-2.patch new file mode 100644 index 0000000..0242ba6 --- /dev/null +++ b/patches/CVE-2018-6392-2.patch @@ -0,0 +1,25 @@ +From 3f621455d62e46745453568d915badd5b1e5bcd5 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Sun, 28 Jan 2018 02:46:56 +0100 +Subject: [PATCH] avfilter/vf_transpose: Fix regression with packed pixel + formats + +Regression since: c6939f65a116b1ffed345d29d8621ee4ffb32235 +Found-by: Paul B Mahol +Reviewed-by: Paul B Mahol +Signed-off-by: Michael Niedermayer +--- + libavfilter/vf_transpose.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/libavfilter/vf_transpose.c ++++ b/libavfilter/vf_transpose.c +@@ -95,7 +95,7 @@ + + trans->hsub = desc_in->log2_chroma_w; + trans->vsub = desc_in->log2_chroma_h; +- trans->planes = desc_in->nb_components; ++ trans->planes = av_pix_fmt_count_planes(outlink->format); + + av_assert0(desc_in->nb_components == desc_out->nb_components); + diff --git a/patches/CVE-2018-6621.patch b/patches/CVE-2018-6621.patch new file mode 100644 index 0000000..e275722 --- /dev/null +++ b/patches/CVE-2018-6621.patch @@ -0,0 +1,22 @@ +From: Markus Koschany +Date: Sun, 6 Jan 2019 16:05:17 +0100 +Subject: CVE-2018-6621 + +Origin: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/118e1b0b3370dd1c0da442901b486689efd1654b +--- + libavcodec/utvideodec.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libavcodec/utvideodec.c b/libavcodec/utvideodec.c +index 553f45d..63556b8 100644 +--- a/libavcodec/utvideodec.c ++++ b/libavcodec/utvideodec.c +@@ -362,7 +362,7 @@ static int decode_frame(AVCodecContext *avctx, void *data, int *got_frame, + slice_end = bytestream2_get_le32u(&gb); + slice_size = slice_end - slice_start; + if (slice_end < 0 || slice_size < 0 || +- bytestream2_get_bytes_left(&gb) < slice_end) { ++ bytestream2_get_bytes_left(&gb) < slice_end + 1024LL) { + av_log(avctx, AV_LOG_ERROR, "Incorrect slice size\n"); + return AVERROR_INVALIDDATA; + } diff --git a/patches/CVE-2018-7557.patch b/patches/CVE-2018-7557.patch new file mode 100644 index 0000000..d4a821a --- /dev/null +++ b/patches/CVE-2018-7557.patch @@ -0,0 +1,43 @@ +From: Markus Koschany +Date: Sun, 30 Dec 2018 15:14:44 +0100 +Subject: CVE-2018-7557 + +Origin: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/7414d0bda7763f9bd69c26c068e482ab297c1c96 +--- + libavcodec/utvideodec.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/libavcodec/utvideodec.c b/libavcodec/utvideodec.c +index bb8c7aa..553f45d 100644 +--- a/libavcodec/utvideodec.c ++++ b/libavcodec/utvideodec.c +@@ -28,6 +28,7 @@ + #include + + #include "libavutil/intreadwrite.h" ++#include "libavutil/pixdesc.h" + #include "avcodec.h" + #include "bswapdsp.h" + #include "bytestream.h" +@@ -477,6 +478,7 @@ static int decode_frame(AVCodecContext *avctx, void *data, int *got_frame, + static av_cold int decode_init(AVCodecContext *avctx) + { + UtvideoContext * const c = avctx->priv_data; ++ int h_shift, v_shift; + + c->avctx = avctx; + +@@ -541,6 +543,13 @@ static av_cold int decode_init(AVCodecContext *avctx) + return AVERROR_INVALIDDATA; + } + ++ av_pix_fmt_get_chroma_sub_sample(avctx->pix_fmt, &h_shift, &v_shift); ++ if ((avctx->width & ((1<height & ((1< +Date: Sat, 23 Mar 2019 20:55:08 +0100 +Subject: [PATCH] avcodec/hevc: Avoid only partly skiping duplicate first + slices + +Fixes: NULL pointer dereference and out of array access +Fixes: 13871/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5746167087890432 +Fixes: 13845/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5650370728034304 + +This also fixes the return code for explode mode + +Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg +Reviewed-by: James Almer +Signed-off-by: Michael Niedermayer +--- + libavcodec/hevc.c | 14 ++++++++++---- + 1 file changed, 10 insertions(+), 4 deletions(-) + +[sunweaver] Rebase for patching libav in Debian jessie LTS. + + This patch implicitly ships the previous change: + + commit 70c8c8a818f39bc262565ec29fae2baffb3e1660 + Author: James Almer + Date: Mon Mar 18 17:25:58 2019 -0300 + + avcodec/hevcdec: decode at most one slice reporting being the first in the picture + + Fixes deadlocks when decoding packets containing more than one of the aforementioned + slices when using frame threads. + + Tested-by: Derek Buitenhuis + Signed-off-by: James Almer + +--- a/libavcodec/hevc.c ++++ b/libavcodec/hevc.c +@@ -461,6 +461,11 @@ + + // Coded parameters + sh->first_slice_in_pic_flag = get_bits1(gb); ++ if (s->ref && sh->first_slice_in_pic_flag) { ++ av_log(s->avctx, AV_LOG_ERROR, "Two slices reporting being the first in the same frame.\n"); ++ return 1; // This slice will be skiped later, do not corrupt state ++ } ++ + if ((IS_IDR(s) || IS_BLA(s)) && sh->first_slice_in_pic_flag) { + s->seq_decode = (s->seq_decode + 1) & 0xff; + s->max_ra = INT_MAX; +@@ -2900,6 +2905,8 @@ + ret = ff_hevc_output_frame(s, data, 1); + if (ret < 0) + return ret; ++ if (ret == 1) ++ return AVERROR_INVALIDDATA; + + *got_output = ret; + return 0; diff --git a/patches/CVE-2019-14372.patch b/patches/CVE-2019-14372.patch new file mode 100644 index 0000000..4829de6 --- /dev/null +++ b/patches/CVE-2019-14372.patch @@ -0,0 +1,23 @@ +From 3dca5a5c41f67a2e149582f3d46a09647b183e71 Mon Sep 17 00:00:00 2001 +From: Paul B Mahol +Date: Mon, 18 Aug 2014 11:00:24 +0000 +Subject: [PATCH] wvdec: check for eof in wv_read_block_header() + +Fixes Ticket #3865 +Found-by: Piotr Bandurski +Signed-off-by: Paul B Mahol +--- + libavformat/wvdec.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/libavformat/wvdec.c ++++ b/libavformat/wvdec.c +@@ -121,7 +121,7 @@ + "Cannot determine additional parameters\n"); + return AVERROR_INVALIDDATA; + } +- while (avio_tell(pb) < block_end) { ++ while (avio_tell(pb) < block_end && !avio_feof(pb)) { + int id, size; + id = avio_r8(pb); + size = (id & 0x80) ? avio_rl24(pb) : avio_r8(pb); diff --git a/patches/CVE-2019-14442.patch b/patches/CVE-2019-14442.patch new file mode 100644 index 0000000..4d0c399 --- /dev/null +++ b/patches/CVE-2019-14442.patch @@ -0,0 +1,30 @@ +From 56cc024220886927350cfc26ee695062ca7ecaf4 Mon Sep 17 00:00:00 2001 +From: wm4 +Date: Tue, 3 Feb 2015 19:04:12 +0100 +Subject: [PATCH] avformat/mpc8: fix hang with fuzzed file + +This can lead to an endless loop by seeking back a few bytes after each +attempted chunk read. Assuming negative sizes are always invalid, this +is easy to fix. Other code in this demuxer treats negative sizes as +invalid as well. + +Fixes ticket #4262. + +Signed-off-by: Michael Niedermayer +--- + libavformat/mpc8.c | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/libavformat/mpc8.c ++++ b/libavformat/mpc8.c +@@ -216,6 +216,10 @@ + while(!pb->eof_reached){ + pos = avio_tell(pb); + mpc8_get_chunk_header(pb, &tag, &size); ++ if (size < 0) { ++ av_log(s, AV_LOG_ERROR, "Invalid chunk length\n"); ++ return AVERROR_INVALIDDATA; ++ } + if(tag == TAG_STREAMHDR) + break; + mpc8_handle_chunk(s, tag, pos, size); diff --git a/patches/CVE-2019-14443.patch b/patches/CVE-2019-14443.patch new file mode 100644 index 0000000..49de5d0 --- /dev/null +++ b/patches/CVE-2019-14443.patch @@ -0,0 +1,36 @@ +Origin: https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/8937230719ad7039ff908793f3bb2111e26e4edc +Author: Michael Niedermayer +Reviewed-by: Sylvain Beucler +Last-Update: 2019-11-08 + +commit 8937230719ad7039ff908793f3bb2111e26e4edc +Author: Michael Niedermayer +Date: Thu May 2 16:45:06 2013 +0200 + + ape_decode_value_3900: check tmpk + + Fixes division by 0 + + Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind + Signed-off-by: Michael Niedermayer + +Index: libav-11.12/libavcodec/apedec.c +=================================================================== +--- libav-11.12.orig/libavcodec/apedec.c ++++ libav-11.12/libavcodec/apedec.c +@@ -541,9 +541,13 @@ static inline int ape_decode_value_3900( + } else + tmpk = (rice->k < 1) ? 0 : rice->k - 1; + +- if (tmpk <= 16 || ctx->fileversion < 3910) ++ if (tmpk <= 16 || ctx->fileversion < 3910) { ++ if (tmpk > 23) { ++ av_log(ctx->avctx, AV_LOG_ERROR, "Too many bits: %d\n", tmpk); ++ return AVERROR_INVALIDDATA; ++ } + x = range_decode_bits(ctx, tmpk); +- else if (tmpk <= 32) { ++ } else if (tmpk <= 32) { + x = range_decode_bits(ctx, 16); + x |= (range_decode_bits(ctx, tmpk - 16) << 16); + } else { diff --git a/patches/CVE-2019-17542.patch b/patches/CVE-2019-17542.patch new file mode 100644 index 0000000..1a8d0d4 --- /dev/null +++ b/patches/CVE-2019-17542.patch @@ -0,0 +1,33 @@ +Origin: https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/ccce723c6d0ea1ea89ea6c47160a07d37cdeeba2 +Author: Michael Niedermayer +Reviewed-by: Sylvain Beucler +Last-Update: 2019-11-08 + +From 02f909dc24b1f05cfbba75077c7707b905e63cd2 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer +Date: Fri, 26 Jul 2019 00:35:32 +0200 +Subject: [PATCH] avcodec/vqavideo: Set video size + +Fixes: out of array access +Fixes: 15919/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VQA_fuzzer-5657368257363968 + +Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg +Signed-off-by: Michael Niedermayer +--- + libavcodec/vqavideo.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libavcodec/vqavideo.c b/libavcodec/vqavideo.c +index 0e70be1000a..b9743abda95 100644 +--- a/libavcodec/vqavideo.c ++++ b/libavcodec/vqavideo.c +@@ -147,7 +147,7 @@ static av_cold int vqa_decode_init(AVCodecContext *avctx) + } + s->width = AV_RL16(&s->avctx->extradata[6]); + s->height = AV_RL16(&s->avctx->extradata[8]); +- if ((ret = av_image_check_size(s->width, s->height, 0, avctx)) < 0) { ++ if ((ret = ff_set_dimensions(avctx, s->width, s->height)) < 0) { + s->width= s->height= 0; + return ret; + } + diff --git a/patches/avio_feof.patch b/patches/avio_feof.patch new file mode 100644 index 0000000..415fa55 --- /dev/null +++ b/patches/avio_feof.patch @@ -0,0 +1,45 @@ +From: Markus Koschany +Date: Sun, 30 Dec 2018 12:12:16 +0100 +Subject: avio_feof + +This function is needed for several of the CVE-2017-140xx flaws. +--- + libavformat/avio.h | 2 ++ + libavformat/aviobuf.c | 11 +++++++++++ + 2 files changed, 13 insertions(+) + +diff --git a/libavformat/avio.h b/libavformat/avio.h +index 3360e82..7669132 100644 +--- a/libavformat/avio.h ++++ b/libavformat/avio.h +@@ -227,6 +227,8 @@ static av_always_inline int64_t avio_tell(AVIOContext *s) + */ + int64_t avio_size(AVIOContext *s); + ++int avio_feof(AVIOContext *s); ++ + /** @warning currently size is limited */ + int avio_printf(AVIOContext *s, const char *fmt, ...) av_printf_format(2, 3); + +diff --git a/libavformat/aviobuf.c b/libavformat/aviobuf.c +index 6923b78..17b8300 100644 +--- a/libavformat/aviobuf.c ++++ b/libavformat/aviobuf.c +@@ -257,6 +257,17 @@ int64_t avio_size(AVIOContext *s) + return size; + } + ++int avio_feof(AVIOContext *s) ++{ ++ if(!s) ++ return 0; ++ if(s->eof_reached){ ++ s->eof_reached=0; ++ fill_buffer(s); ++ } ++ return s->eof_reached; ++} ++ + void avio_wl32(AVIOContext *s, unsigned int val) + { + avio_w8(s, val); diff --git a/patches/series b/patches/series new file mode 100644 index 0000000..68156ce --- /dev/null +++ b/patches/series @@ -0,0 +1,65 @@ +02-configure-disable-ebx-gcc-4.9.patch +03-disable-configuration-warnings.patch +CVE-2015-6761.patch +CVE-2014-9317.patch +CVE-2015-6818.patch +CVE-2015-6820.patch +CVE-2015-6821.patch +CVE-2015-6822.patch +CVE-2015-6823.patch +CVE-2015-6824.patch +CVE-2015-6825.patch +CVE-2015-6826.patch +CVE-2015-8216.patch +CVE-2015-8217.patch +CVE-2015-8363.patch +CVE-2015-8364.patch +CVE-2015-8661.patch +CVE-2015-8662.patch +CVE-2015-8663.patch +CVE-2016-10190-pre1-3668701f.patch +CVE-2016-10190-pre2-362c17e6.patch +CVE-2016-10190-pre3-strtoull.patch +CVE-2016-10190.patch +CVE-2016-10191.patch +CVE-2018-7557.patch +CVE-2018-6621.patch +CVE-2018-1999010.patch +CVE-2018-14394.patch +CVE-2017-9994.patch +CVE-2017-9993.patch +CVE-2017-17130.patch +CVE-2017-15672.patch +CVE-2017-14767.patch +CVE-2017-14055.patch +CVE-2017-14056.patch +CVE-2017-14170.patch +CVE-2017-14171.patch +avio_feof.patch +CVE-2017-14057.patch +CVE-2015-1207.patch +CVE-2017-14169.patch +CVE-2017-14223.patch +CVE-2017-7863.patch +CVE-2014-8542.patch +CVE-2017-7865.patch +CVE-2018-1999012.patch +CVE-2015-1872.patch +CVE-2018-6392-1.patch +CVE-2018-6392-2.patch +CVE-2017-14058.patch +CVE-2017-1000460.patch +CVE-2019-11338.patch +CVE-2018-15822.patch +CVE-2019-14442.patch +CVE-2018-5766.patch +CVE-2019-14372.patch +CVE-2017-9987-1.patch +CVE-2017-9987-2.patch +CVE-2018-11102-1.patch +CVE-2018-11102-2.patch +CVE-2019-17542.patch +CVE-2019-14443.patch +CVE-2018-19128.patch +CVE-2017-17127.patch +CVE-2017-18245.patch diff --git a/qt-faststart.1 b/qt-faststart.1 new file mode 100644 index 0000000..b78da3d --- /dev/null +++ b/qt-faststart.1 @@ -0,0 +1,36 @@ +.\" Hey, EMACS: -*- nroff -*- +.\" First parameter, NAME, should be all caps +.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection +.\" other parameters are allowed: see man(7), man(1) +.TH QT-FASTSTART 1 "May 10, 2009" +.\" Please adjust this date whenever revising the manpage. +.\" +.\" Some roff macros, for reference: +.\" .nh disable hyphenation +.\" .hy enable hyphenation +.\" .ad l left justify +.\" .ad b justify to both left and right margins +.\" .nf disable filling +.\" .fi enable filling +.\" .br insert line break +.\" .sp insert n+1 empty lines +.\" for manpage-specific macros, see man(7) +.SH NAME +qt-faststart \- utility for Quicktime files +.SH SYNOPSIS +.B qt-faststart +.br +.SH DESCRIPTION +\fBqt-faststart\fP is a utility that rearranges a Quicktime file such that the +moov atom is in front of the data, thus facilitating network streaming. +.SH OPTIONS +Options processed by the executable: +.TP +\fB\\fR +The source Quicktime file. +.TP +\fB\\fR +The destination Quicktime file. +.SH AUTHOR +This manual page was written by Andres Mejia +for the Debian GNU/Linux system, but may be used by others. diff --git a/rebuild-scripts/README b/rebuild-scripts/README new file mode 100644 index 0000000..db98823 --- /dev/null +++ b/rebuild-scripts/README @@ -0,0 +1,35 @@ +The scripts in this folder may be helpful for doing mass rebuilds. + +How to use: + +1. Upload the new Libav upstream release to experimental, make sure your + mirror has it available. + +1. Copy this folder to a temporary directory with lots of + storage. (e.g., /srv/scratch/libav_rebuilds) + +2. Identify all packages you need to rebuild either using grep-dctrl(1), + or by scraping the Debian release tracker at + https://release.debian.org/transitions/. List all packages in a file + "packages.txt" + +3. Review and adjust the dependencies and chroot names in + git_experimental_source + +4. Execute "./do_all_safe" + +Discussion: + +git_experimental_source will use the schroot chroot to download the +source package from debian/experimental in a subdirectory with the +package name. It also places a script called "build.sh" with an schroot +invocation that makes sure you have the libav packages from experimental +in your build.sh chroot avaialable. do_all_safe iterates over the +package list, download packages that have not been downloaded yet and +executes the generated $package/build.sh script. + +If a build breaks, the idea is to go into that directory, and work on a +patch to fix the problem. To start over, just delete the directory and +call do_all_safe again. + +August 2014, Reinhard Tartler \ No newline at end of file diff --git a/rebuild-scripts/do_all_safe b/rebuild-scripts/do_all_safe new file mode 100755 index 0000000..954533d --- /dev/null +++ b/rebuild-scripts/do_all_safe @@ -0,0 +1,28 @@ +#!/bin/sh + +#!/bin/sh +# +# Copyright 2014, Reinhard Tartler +# +# These helper script is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2 of the +# License, or (at your option) any later version. +# +# This script is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# + +set -ex + +for package in `cat packages.txt`; do + if [ ! -d $package ]; then + echo "Rebuilding $package" + ./git_experimental_source $package + ./$package/build.sh || true + else + echo "Skipping $package" + fi +done diff --git a/rebuild-scripts/git_experimental_source b/rebuild-scripts/git_experimental_source new file mode 100755 index 0000000..8dc233c --- /dev/null +++ b/rebuild-scripts/git_experimental_source @@ -0,0 +1,51 @@ +#!/bin/sh +# +# Copyright 2014, Reinhard Tartler +# +# These helper script is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2 of the +# License, or (at your option) any later version. +# +# This script is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# + +set -e + +packagename=$1 +basedir=$(readlink -f `dirname $0`) + +if [ -z "$packagename" ]; then + echo "usage $0 packagename" + exit 1 +fi + +rm -rf $basedir/$packagename +mkdir -p $basedir/$packagename + +cd $basedir/$packagename + +schroot -c experimental-amd64-sbuild -- apt-get source -d -t experimental $packagename +package=`ls *.dsc` + +cat < build.sh +#!/bin/sh + +cd $PWD +sbuild -A -dexperimental --build-dep-resolver=aptitude \ + --make-binNMU="rebuild against libav11" --binNMU=+42 \ + --add-depends "libavformat-dev (>> 6:11~~)" \ + --add-depends "libavcodec-dev (>> 6:11~~)" \ + --add-depends "libavfilter-dev (>> 6:11~~)" \ + --add-depends "libavresample-dev (>> 6:11~~)" \ + --add-depends "libavdevice-dev (>> 6:11~~)" \ + --add-depends "libswscale-dev (>> 6:11~~)" \ + --add-depends "libavutil-dev (>> 6:11~~)" \ + "\$@" \ + $package +EOF + +chmod +x build.sh diff --git a/rules b/rules new file mode 100755 index 0000000..72227f5 --- /dev/null +++ b/rules @@ -0,0 +1,207 @@ +#!/usr/bin/make -f + +EPOCH=6: +DEB_SOURCE := $(shell dpkg-parsechangelog | sed -n 's/^Source: //p') +DEB_VERSION := $(shell dpkg-parsechangelog | sed -n 's/^Version: //p') +UPSTREAM_VERSION := $(shell echo $(DEB_VERSION) | sed -r 's/[^:]+://; s/-[^-]+$$//') +SHLIBS_VERSION := $(EPOCH)11~beta1 + +# The libavcodec-extra package is necessary because it links against +# libraries that are GPLv3 licensed. Make sure that you do not link +# GPLv2 only applications against the libavcodec-extra flavor! +# +# Because of the lack of archive skew problems, only libavcodec produces +# an -extra variant. + +VENDOR := Debian +# these package do not build -extra variants +LIB_PKGS := $(shell sed -nr 's/^Package:[[:space:]]*(lib(avutil|avdevice|avformat|avfilter|avresample|swscale)[0-9]+)[[:space:]]*$$/\1/p' debian/control) +# these packages do build -extra variants +LIB_PKGS2 := $(shell sed -nr 's/^Package:[[:space:]]*(libavcodec[0-9]+)[[:space:]]*$$/\1/p' debian/control) +# these packages are the -extra- variants +LIB_EXTRA_PKGS := $(shell sed -nr 's/^Package:[[:space:]]*(libavcodec-extra-[0-9]+)[[:space:]]*$$/\1/p' debian/control) + + +# these are the -dev packages +DEV_PKGS := $(shell echo $(LIB_PKGS) $(LIB_PKGS2) | sed 's/[0-9]\+\>/-dev/g') + +# Support multiple makes at once +ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) +NUMJOBS = -j$(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) +else +# on i386 and amd64, we query the system unless overriden by DEB_BUILD_OPTIONS +ifeq ($(DEB_HOST_ARCH),i386) +NUMJOBS := -j$(shell getconf _NPROCESSORS_ONLN 2>/dev/null || echo 1) +else ifeq ($(DEB_HOST_ARCH),amd64) +NUMJOBS := -j$(shell getconf _NPROCESSORS_ONLN 2>/dev/null || echo 1) +endif +endif + +include debian/confflags +OPT_FLAVORS := $(filter-out static shared, $(FLAVORS)) + +info: + @echo Packages that do not build -extra variants: $(LIB_PKGS) + @echo Packages that do build -extra variatnts: $(LIB_PKGS2) + @echo Packages that are the -extra- variants: $(LIB_EXTRA_PKGS) + +$(info FLAVORS = $(FLAVORS)) +$(info DEB_BUILD_OPTIONS = $(DEB_BUILD_OPTIONS)) +$(info CFLAGS = $(CFLAGS)) +$(info CPPFLAGS = $(CPPFLAGS)) +$(info LDFLAGS = $(LDFLAGS)) + +define dh_install_file_opt_flavor + grep @DEB_HOST_MULTIARCH_OPT@ < $(1).in | \ + sed 's:@DEB_HOST_MULTIARCH_OPT@:$(DEB_HOST_MULTIARCH)/$($(2)_shlibdir):g' >> $(1) + +endef + +DH_INSTALL_FILES := $(foreach pkg, $(LIB_PKGS) $(LIB_PKGS2) $(LIB_EXTRA_PKGS) $(DEV_PKGS), debian/$(pkg).install) +$(DH_INSTALL_FILES): + sed 's/@DEB_HOST_MULTIARCH\(_OPT\)\?@/$(DEB_HOST_MULTIARCH)/g' $@.in > $@ + $(foreach opt_flavor,$(OPT_FLAVORS),$(call dh_install_file_opt_flavor,$@,$(opt_flavor))) + +configure-%: configure-stamp-% +configure-stamp-%: configure + dh_testdir + mkdir -p debian-$* + cd debian-$* && CFLAGS="$(CFLAGS)" CPPFLAGS="$(CPPFLAGS)" LDFLAGS="$(LDFLAGS)" $(CURDIR)/configure \ + $($*_build_confflags) $(extra_$*_build_confflags) + touch $@ +configure-extra-stamp-%: + dh_testdir + mkdir -p debian-extra-$* + cd debian-extra-$* && CFLAGS="$(CFLAGS)" CPPFLAGS="$(CPPFLAGS)" LDFLAGS="$(LDFLAGS)" $(CURDIR)/configure \ + $($*_build_confflags) $(v3_confflags) $(extra_$*_build_confflags) + touch $@ + +build-%: build-stamp-% +build-stamp-%: configure-stamp-% + dh_testdir + $(MAKE) -C debian-$* $(NUMJOBS) V=1 + touch $@ +build-extra-stamp-%: configure-extra-stamp-% + dh_testdir + $(MAKE) -C debian-extra-$* $(NUMJOBS) V=1 + touch $@ + +debian-shared/tools/qt-faststart: build-stamp-shared + $(MAKE) -C debian-shared tools/qt-faststart V=1 + +build: build-stamp build-extra +build-stamp: $(addprefix build-stamp-, $(FLAVORS)) debian-shared/tools/qt-faststart + touch $@ +build-extra: $(addprefix build-extra-stamp-, $(filter-out static,$(FLAVORS))) + touch $@ + +clean: + dh_testdir + rm -f build-stamp build-extra $(addprefix build-stamp-, $(FLAVORS)) \ + $(addprefix build-extra-stamp-, $(FLAVORS)) \ + $(addprefix configure-stamp-, $(FLAVORS)) \ + $(addprefix configure-extra-stamp-, $(FLAVORS)) \ + build-doxy-stamp + rm -rf libav/ # created by the libav-extra variant + rm -rf $(addprefix debian-, $(FLAVORS)) \ + $(addprefix debian-extra-, $(FLAVORS)) doxy + dh_clean $(DH_INSTALL_FILES) $(wildcard formats*.txt) $(wildcard codecs*.txt) + +# The trailing newline is important! +define install_flavor + $(MAKE) -C debian-$(1) install DESTDIR=$(CURDIR)/debian/tmp \ + mandir=$(CURDIR)/debian/tmp/usr/share/man + +endef + +# The trailing newline is important! +define install_flavor_extra + $(MAKE) -C debian-extra-$(1) install DESTDIR=$(CURDIR)/debian/tmp/extra \ + mandir=$(CURDIR)/debian/tmp/usr/share/man + +endef + +# usage $(call call_and_install_avconv_dump,$package,$parameter), paramter like "codecs" or "formats" +define call_and_install_avconv_dump + mkdir -p debian/$(1)/usr/share/doc/$(1) + env LD_LIBRARY_PATH="$(CURDIR)/debian/$(1)/usr/lib/$(DEB_HOST_MULTIARCH):$(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH):$(LD_LIBRARY_PATH)" \ + debian/tmp/usr/bin/avconv -$(2) > debian/$(1)/usr/share/doc/$(1)/$(2)-$(DEB_HOST_ARCH).txt + cat debian/$(1)/usr/share/doc/$(1)/$(2)-$(DEB_HOST_ARCH).txt + +endef + +# installs arch-dependent files only +install: build $(DH_INSTALL_FILES) + dh_testdir + dh_testroot + dh_prep -a + $(foreach flavor,$(FLAVORS),$(call install_flavor,$(flavor))) + mkdir -p debian/tmp/etc + install -m 755 -D debian-shared/tools/qt-faststart debian/tmp/usr/bin/qt-faststart + dh_install $(addprefix -N,$(LIB_EXTRA_PKGS)) \ + --fail-missing --sourcedir=debian/tmp + dh_installdocs -a doc/APIchanges + install -m 644 -D debian-shared/doc/*.html doc/t2h.init debian/libav-tools/usr/share/doc/libav-tools + dh_installexamples -a + dh_installchangelogs -a Changelog + $(foreach flavor,$(filter-out static,$(FLAVORS)),$(call install_flavor_extra,$(flavor))) + dh_install $(addprefix -p,$(LIB_EXTRA_PKGS)) --fail-missing \ + --sourcedir=debian/tmp/extra + $(call call_and_install_avconv_dump,libavformat56,formats) + $(call call_and_install_avconv_dump,libavcodec56,codecs) + $(call call_and_install_avconv_dump,libavcodec-extra-56,codecs) + +binary-indep: + dh_testdir + dh_testroot + dh_prep -i + doxygen doc/Doxyfile + mkdir -p debian/libav-doc/usr/share/doc/libav-doc + mv -v doc/doxy/html debian/libav-doc/usr/share/doc/libav-doc + dh_installdocs -i + dh_installchangelogs -i + dh_compress -i + dh_fixperms -i + dh_installdeb -i + dh_gencontrol -i + dh_md5sums -i + dh_builddeb -i -- -Zxz + +binary-arch: build install + dh_testdir + dh_testroot + dh_installman -plibav-tools debian/qt-faststart.1 + dh_strip -a --dbg-package=libav-dbg + dh_lintian -a + dh_link -a + dh_compress -a + dh_fixperms -a + + # operate on non -extra package producing packages + for pkg in $(LIB_PKGS); do \ + dh_makeshlibs -p"$$pkg" -V"$$pkg (>= $(SHLIBS_VERSION))"; \ + done + # operate e.g. the -extra- packages, produce shlibs that have alternative dependencies + for pkg in $(LIB_EXTRA_PKGS); do \ + npkg=$$(echo "$$pkg" | sed -r 's/-extra-//'); \ + dh_makeshlibs -p"$$pkg" -V"$$npkg (>= $(SHLIBS_VERSION)) | $$pkg (>= $(EPOCH)$(UPSTREAM_VERSION))"; \ + done + # operate on packages with -extra- variants such as libavcodec54 - produce shlibs that have alternative dependencies + for pkg in $(LIB_PKGS2); do \ + upkg=$$(echo "$$pkg" | sed -r 's/([0-9]+)$$/-extra-\1/'); \ + dh_makeshlibs -p"$$pkg" -V"$$pkg (>= $(SHLIBS_VERSION)) | $$upkg (>= $(EPOCH)$(UPSTREAM_VERSION))"; \ + done + dh_shlibdeps + dh_installdeb -a + dh_gencontrol -a + dh_md5sums -a + dh_builddeb -a -- -Zxz + +binary: binary-indep binary-arch + +.PHONY: build $(addprefix build-, $(FLAVORS)) \ + clean \ + $(addprefix configure-, $(FLAVORS)) \ + binary binary-indep binary-arch \ + install install-common install-extra \ + get-orig-source diff --git a/source/format b/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/source/include-binaries b/source/include-binaries new file mode 100644 index 0000000..95a390b --- /dev/null +++ b/source/include-binaries @@ -0,0 +1 @@ +debian/upstream-signing-key.pgp diff --git a/source/lintian-overrides b/source/lintian-overrides new file mode 100644 index 0000000..91f4401 --- /dev/null +++ b/source/lintian-overrides @@ -0,0 +1,2 @@ +# ffmpeg-dbg is an empty, transitional package +libav source: dbg-package-missing-depends ffmpeg-dbg diff --git a/upstream-signing-key.pgp b/upstream-signing-key.pgp new file mode 100644 index 0000000..82ee026 Binary files /dev/null and b/upstream-signing-key.pgp differ diff --git a/watch b/watch new file mode 100644 index 0000000..0e3dce5 --- /dev/null +++ b/watch @@ -0,0 +1,3 @@ +version=3 +opts="uversionmangle=s/_/~/i,pgpsigurlmangle=s/$/.asc/" \ +http://libav.org/releases/libav-([\d\.]+)\.tar\.xz