From: Mike Gabriel Date: Mon, 21 Jan 2019 14:30:50 +0000 (+0000) Subject: libav (6:11.12-1~deb8u5) jessie-security; urgency=medium X-Git-Tag: archive/raspbian/6%11.12-1_deb8u5+rpi1^2~46 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=a54c6e9e6ab32d81bf95624abe7e109ba9d8928e;p=libav.git libav (6:11.12-1~deb8u5) jessie-security; urgency=medium * Non-maintainer upload by the LTS team.. * CVE-2015-1207: avformat/mov: Fix integer overflow in mov_read_udta_string(). * CVE-2017-14169: In mxf_read_primer_pack() function, catch item_num being negative, to avoid bypassing the check for a large value. * CVE-2017-14223: avformat/asfdec: Fix DoS in asf_build_simple_index(). Fix missing EOF check in loop. * CVE-2017-7863: Bail out if trns was found before IHDR or IDAT in PNG data. * CVE-2014-8542: Add case for jv to avcodec_align_dimensions2(). * CVE-2017-7865: Add case for interplay_video to avcodec_align_dimensions2(). [dgit import unpatched libav 6:11.12-1~deb8u5] --- a54c6e9e6ab32d81bf95624abe7e109ba9d8928e diff --cc debian/NEWS index 0000000,0000000..e316ca0 new file mode 100644 --- /dev/null +++ b/debian/NEWS @@@ -1,0 -1,0 +1,15 @@@ ++libav (6:10.2-1) unstable; urgency=high ++ ++ * Disable avserver (Closes: #734335) ++ ++ It turns out that avserver is pretty much unmaintained these days and ++ contains obvious bugs. The next Libav upstream release has it already ++ removed, and further maintenance is currently rather unlikely. With ++ this in mind, the libav package proactively disables the avserver build ++ anticipating its removal upstream. ++ ++ If you are interested in having avserver back and functional, please ++ help upstream with reinstantiating it. ++ ++ -- Reinhard Tartler Fri, 27 Jun 2014 22:11:18 -0400 ++ diff --cc debian/README.Debian index 0000000,0000000..7501b68 new file mode 100644 --- /dev/null +++ b/debian/README.Debian @@@ -1,0 -1,0 +1,36 @@@ ++lintian override shlib-with-non-pic-codeshlib-with-non-pic-code ++================================================================== ++ ++The lintian overrides for the non-pic shared libs error messages is not ++really a matter of silencing lintian. The general idea is that the ++override would serve as an indication that we know about the error ++message and we're avoiding any bug reports or complaints by others about ++the errors. ++ ++We are aware that this override is too strict. It should only cover the ++i386 architecture, as we know that the upstream build system will ++produce PIC libraries where necessary. Only architectures like i386 will ++be built non-PIC, mainly for performance reasons. ++ ++ -- Reinhard Tartler , Sat, 28 Jun 2014 09:38:52 -0400 ++ ++Source package ++============== ++ ++Libav represents the successor of the former ffmpeg source package. It ++provides all libraries and provides an upgrade path for existing ++application packages. ++ ++ -- Reinhard Tartler Sat, 19 Mar 2011 08:13:46 +0100 ++ ++License of the Debian ffmpeg packages ++===================================== ++ ++The license for the whole work is the GPL, not the LGPL, because ++GPL-only parts of ffmpeg were activated -- namely libswscale, x11grab ++and other GPL licensed libraries. If you need LGPL versions of the ++libraries, please comment out the appropriate line in debian/confflags. ++ ++Because libavcodec-extra-* links against libraries that are licensed ++under Apache License 2.0, the resulting binaries are distributed under ++the GPL version 3 or later. diff --cc debian/README.source index 0000000,0000000..ba94624 new file mode 100644 --- /dev/null +++ b/debian/README.source @@@ -1,0 -1,0 +1,26 @@@ ++Circular Build-Depends and bootstrapping libav on new architectures ++=================================================================== ++ ++libav is involved in several circular build-dependencies that give porters a ++hard time (c.f. #671302) at bootstrapping, e.g.: ++ ++ libav -> frei0r -> opencv -> libav ++ libav -> opencv -> libav ++ libav -> x264 -> libav ++ libav -> x264 -> gpac -> libav ++ ++However, please note that all these libraries are strictly optional to libav ++and are only enabled at build time if available. For bootstrapping purposes ++it is thus perfectly sufficient to remove all *-dev packages from the ++Build-Depends field in debian/control and generate packages with a reduced ++feature set that are still usable to build other packages. ++ ++Using the nomenclature of the EmdebianSprint2011 [0,1] one would write e.g.: ++ ++ Build-Depends-Bootstrap1: ++ debhelper (>= 9) ++ ++[0] http://wiki.debian.org/DebianBootstrap/EmdebianSprint2011 ++[1] http://lists.debian.org/debian-devel-announce/2011/03/msg00000.html ++ ++ -- Fabian Greffrath Tue, 19 Jun 2012 16:06:05 +0200 diff --cc debian/changelog index 0000000,0000000..a307ff8 new file mode 100644 --- /dev/null +++ b/debian/changelog @@@ -1,0 -1,0 +1,3143 @@@ ++libav (6:11.12-1~deb8u5) jessie-security; urgency=medium ++ ++ * Non-maintainer upload by the LTS team.. ++ * CVE-2015-1207: avformat/mov: Fix integer overflow in ++ mov_read_udta_string(). ++ * CVE-2017-14169: In mxf_read_primer_pack() function, catch item_num ++ being negative, to avoid bypassing the check for a large value. ++ * CVE-2017-14223: avformat/asfdec: Fix DoS in asf_build_simple_index(). ++ Fix missing EOF check in loop. ++ * CVE-2017-7863: Bail out if trns was found before IHDR or IDAT in PNG data. ++ * CVE-2014-8542: Add case for jv to avcodec_align_dimensions2(). ++ * CVE-2017-7865: Add case for interplay_video to avcodec_align_dimensions2(). ++ ++ -- Mike Gabriel Mon, 21 Jan 2019 15:30:50 +0100 ++ ++libav (6:11.12-1~deb8u4) jessie-security; urgency=high ++ ++ * Non-maintainer upload by the LTS team. ++ * Fix the following security vulnerabilities: ++ * CVE-2017-14055: a DoS in mv_read_header() due to lack of an EOF (End of ++ File) check might cause huge CPU and memory consumption. ++ * CVE-2017-14056: a DoS in rl2_read_header() due to lack of an EOF (End of ++ File) check might cause huge CPU and memory consumption. ++ * CVE-2017-14057: a DoS in asf_read_marker() due to lack of an EOF (End of ++ File) check might cause huge CPU and memory consumption. ++ * CVE-2017-14170: a DoS in mxf_read_index_entry_array() due to lack of an EOF ++ (End of File) check might cause huge CPU consumption. ++ * CVE-2017-14171: a DoS in nsv_parse_NSVf_header() due to lack of an EOF (End ++ of File) check might cause huge CPU consumption. ++ * CVE-2017-14767: The sdp_parse_fmtp_config_h264 function in ++ libavformat/rtpdec_h264.c mishandles empty sprop-parameter-sets values, which ++ allows remote attackers to cause a denial of service (heap buffer overflow) ++ or possibly have unspecified other impact via a crafted sdp file. ++ * CVE-2017-15672: The read_header function in libavcodec/ffv1dec.c allows ++ remote attackers to have unspecified impact via a crafted MP4 file, which ++ triggers an out-of-bounds read. ++ * CVE-2017-17130: The ff_free_picture_tables function in ++ libavcodec/mpegpicture.c allows remote attackers to cause a denial of service ++ (heap-based buffer overflow and application crash) or possibly have ++ unspecified other impact via a crafted file, related to ++ vc1_decode_i_blocks_adv. ++ * CVE-2017-9993: Libav does not properly restrict HTTP Live Streaming ++ filename extensions and demuxer names, which allows attackers to read ++ arbitrary files via crafted playlist data. ++ * CVE-2017-9994: libavcodec/webp.c in Libav before does not ensure that ++ pix_fmt is set, which allows remote attackers to cause a denial of service ++ (heap-based buffer overflow and application crash) or possibly have ++ unspecified other impact via a crafted file, related to the ++ vp8_decode_mb_row_no_filter and pred8x8_128_dc_8_c functions. ++ * CVE-2018-14394: libavformat/movenc.c in Libav allows attackers to cause a ++ denial of service (application crash caused by a divide-by-zero error) with a ++ user crafted Waveform audio file. ++ * CVE-2018-1999010: Libav contains multiple out of array access ++ vulnerabilities in the mms protocol that can result in attackers accessing ++ out of bound data. ++ * CVE-2018-6621: The decode_frame function in libavcodec/utvideodec.c in ++ Libav allows remote attackers to cause a denial of service (out of array ++ read) via a crafted AVI file. ++ * CVE-2018-7557: The decode_init function in libavcodec/utvideodec.c in ++ Libav allows remote attackers to cause a denial of service (Out of array ++ read) via an AVI file with crafted dimensions within chroma subsampling ++ data. ++ ++ -- Markus Koschany Mon, 07 Jan 2019 19:45:12 +0100 ++ ++libav (6:11.12-1~deb8u3) jessie-security; urgency=medium ++ ++ * Non-maintainer upload by the Debian LTS Team. ++ * debian/patches: ++ + Rename CVE-2015-6822+6823+6824.patch to CVE-2015-6822.patch.. ++ * CVE-2015-6823: avcodec/alac: Clear pointers in allocate_buffers(). ++ * CVE-2015-6824: swscale/utils: Clear pix buffers. Fixes use of ++ uninitialized memory. ++ ++ -- Mike Gabriel Thu, 20 Dec 2018 22:56:40 +0100 ++ ++libav (6:11.12-1~deb8u2) jessie-security; urgency=medium ++ ++ * Non-maintainer upload by the Debian LTS Team. ++ * CVE-2014-9317: avcodec/pngdec: Check IHDR/IDAT order. Prevent remote ++ attackers from causing a denial of service (out-of-bounds heap access) ++ and possibly have other unspecified impact via an IDAT before an IHDR ++ in a PNG file. ++ * CVE-2015-6761: avcodec/vp8: Do not use num_coeff_partitions in ++ thread/buffer setup. The variable is not a constant and can lead to ++ race conditions. ++ * CVE-2015-6818: avcodec/pngdec: Only allow one IHDR chunk. Multiple IHDR ++ chunks are forbidden in PNG. Fixes inconsistency and out of array accesses. ++ * CVE-2015-6820: avcodec/aacsbr: check that the element type matches before ++ applying SBR. Fixes out of array access. ++ * CVE-2015-6821: avcodec/mpegvideo: Clear pointers in ff_mpv_common_init(). ++ This ensures that no stale pointers leak through on any path. ++ * CVE-2015-6822, CVE-2015-6823, CVE-2015-6824: avcodec/sanm: Reset sizes in ++ destroy_buffers(). ++ * CVE-2015-6825: avcodec/pthread_frame: clear priv_data, avoid stale pointer ++ in error case. ++ * CVE-2015-6826: avcodec/rv34: Clear pointers in ++ ff_rv34_decode_init_thread_copy(). Avoids leaving stale pointers. ++ * CVE-2015-8216: avcodec/mjpegdec: Check index in ljpeg_decode_yuv_scan() ++ before using it. Fixes out of array access. ++ * CVE-2015-8217: avcodec/hevc_ps: Check chroma_format_idc. Fixes out of ++ array access. ++ * CVE-2015-8363: avcodec/jpeg2000dec: Check for duplicate SIZ marker. ++ * CVE-2015-8364: avcodec/ivi: Check image dimensions. Fixes integer overflow. ++ * CVE-2015-8661: avcodec/h264_slice: Limit max_contexts when ++ slice_context_count is initialized. Fixes out of array access. ++ * CVE-2015-8662: avcodec/jpeg2000dwt: Check ndeclevels before calling ++ dwt_decode*(). Fixes out of array access. ++ * CVE-2015-8663: avcodec/utils: Clear dimensions in ff_get_buffer() on ++ failure. Fixes out of array access. ++ * CVE-2016-10190: http: make length/offset-related variables unsigned. ++ Required cherry-picking 3668701f and 362c17e6 from ffmpeg.git. ++ * CVE-2016-10191: avformat/rtmppkt: Check for packet size mismatches. ++ Fixes out of array access. ++ ++ -- Mike Gabriel Wed, 19 Dec 2018 14:31:49 +0100 ++ ++libav (6:11.12-1~deb8u1) jessie-security; urgency=medium ++ ++ * New upstream release. ++ - smacker: add sanity check for length in smacker_decode_tree() ++ (CVE-2017-16803) ++ ++ -- Sebastian Ramacher Sun, 18 Feb 2018 21:20:56 +0100 ++ ++libav (6:11.11-1~deb8u1) jessie-security; urgency=medium ++ ++ * Non-maintainer upload by the Security Team. ++ * New upstream release fixing multiple security issues. ++ - dfa: Disallow odd width/height and add proper bounds check for DDS1 chunks ++ (CVE-2017-9992) ++ - pictor: Correctly check frame dimensions (CVE-2017-7862) ++ - h264_cavlc: check the value of run_before ++ - dvbsubdec: improve error checking ++ - dvbsubdec: Fixed segfault when decoding subtitles ++ - rmdec: don't ignore the return value of av_get_packet() ++ - caf: add an Opus tag ++ - yadif: Account for the buffer alignment while processing the frame edges ++ - mov: log and return early on non-positive stsd entry counts ++ - arm: Fix SIGBUS on ARM when compiled with binutils 2.29 ++ - smacker: return meaningful error codes on failure ++ - smacker: fix integer overflow with pts_inc ++ - mm: Skip unexpected audio packets ++ - aacsbr: Turnoff in the event of over read. ++ - smacker: Check that the data size is a multiple of a sample vector ++ (CVE-2015-8365) ++ - build: Add an option for passing linker flags to the shared library build ++ - flv: Validate the packet size ++ - mjpeg: Report non-3 component rgb lossless as not supported ++ - vc1dec: raise an error if sprite picture data is missing ++ - doc: Drop the legacy symlink to README ++ ++ -- Hugo Lefeuvre Sat, 21 Oct 2017 15:08:38 +0200 ++ ++libav (6:11.9-1~deb8u1) jessie-security; urgency=medium ++ ++ * New upstream release. ++ - mpegvideo_parser: avoid signed overflow in bitrate calculation. ++ (CVE-2016-9821) ++ - mpeg12dec: avoid signed overflow in bitrate calculation. (CVE-2016-9822) ++ * debian/patches/mpegvideo_motion-Handle-edge-emulation-even-without-.patch: ++ Removed, included upstream. ++ ++ -- Sebastian Ramacher Sun, 23 Apr 2017 18:36:31 +0200 ++ ++libav (6:11.8-1~deb8u1) jessie-security; urgency=medium ++ ++ * New upstream release. ++ * debian/upstream-signing-key.pgp: Update upstream signing key. ++ * debian/patches/mpegvideo_motion-Handle-edge-emulation-even-without-.patch: ++ Fix NULL pointer dereference in put_no_rnd_pixels8_xy2_mmx. (CVE-2016-7424) ++ ++ -- Sebastian Ramacher Sat, 24 Sep 2016 15:23:39 +0200 ++ ++libav (6:11.7-1~deb8u1) jessie-security; urgency=medium ++ ++ * New upstream release fixing a security issue. ++ - mov: Check the entries value when parsing dref boxes (CVE-2016-3062) ++ * debian/patches/CVE-2016-2326.patch: Removed, included upstream. ++ ++ -- Sebastian Ramacher Sun, 12 Jun 2016 11:36:21 +0200 ++ ++libav (6:11.6-1~deb8u1) jessie-security; urgency=medium ++ ++ * New upstream release fixing multiple security issues. ++ - concat: disable by default (CVE-2016-1897, CVE-2016-1898) ++ - aac_parser: add required padding for GetBitContext buffer ++ - ac3_parser: add required padding for GetBitContext buffer ++ - imc: add required padding for GetBitContext buffer ++ - h263: Always check both dimensions ++ - opusdec: properly handle mismatching configurations in multichannel ++ streams ++ - mov: Correctly allocate ctts_data ++ - aac: Wait to know the channels before allocating frame ++ - rtpdec_asf: Check memory allocation and free memory on error ++ - jack: Check memory allocation ++ - mov: Check memory allocation ++ - mkv: Correctly report the latest packet had been flushed ++ - aic: Fix slice size computation for widths multiples of 32 macroblocks ++ - webp: Make sure enough bytes are available ++ - g726: Do not crash on user mistake ++ - bytestream2: set the reader to the end when reading more than available ++ - vp7: bound checking in vp7_decode_frame_header ++ - mux: Make sure that the data is actually written ++ - file: properly forward errors from file_read() and file_write() ++ - mmvideo: Make sure the rle does not write over the frame boundaries ++ - opus: Buffer the samples from the correct offset ++ - nut: Use the correct codec_tag when multiple are available ++ - truemotion2: Fix the buffer check ++ - mimic: Always return on failure ++ - msnwc_tcp: Correctly report failure ++ - rpza: Check the blocks left before processing one ++ - dvdsubdec: Validate the RLE offsets ++ - avi: Validate the stream-id for DV as well ++ - mov: Use the correct type for size ++ * debian/confflags: Force --disable-protocol=concat. ++ * debian/patches/CVE-2016-2326.patch: avformat/asfenc: Check pts. ++ (CVE-2016-2326) ++ ++ -- Sebastian Ramacher Wed, 02 Mar 2016 23:13:43 +0100 ++ ++libav (6:11.4-1~deb8u1) jessie-security; urgency=high ++ ++ [ Sebastian Ramacher ] ++ * New upstream release fixing multiple security issues. ++ - h264: Make sure reinit failures mark the context as not initialized ++ (CVE-2015-3417) ++ - msrle: Use FFABS to determine the frame size in msrle_decode_pal4 ++ (CVE-2015-3395) ++ - cavs: Remove an unneeded scratch buffer ++ - configure: Disable i686 for i586 and lower CPUs (debian/783082) ++ - mjpegenc: Fix JFIF header byte ordering (bug/808) ++ - nut: Make sure to clean up on read_header failure ++ - png: Set the color range as full range ++ - avi: Validate sample_size ++ - nut: Check chapter creation in decode_info_header ++ - alac: Reject rice_limit 0 if compression is used ++ - ape: Support _0000 files with nblock smaller than 64 ++ - mux: Do not leave stale side data pointers in ff_interleave_add_packet() ++ - avresample: Reallocate the internal buffer to the correct size (bug/825) ++ - mpegts: Update the PSI/SI table only if the version change ++ - rtsp: Make sure we don't write too many transport entries into a ++ fixed-size array ++ - rtpenc_jpeg: Handle case of picture dimensions not dividing by 8 ++ - mov: Fix little endian audio detection ++ - x86: Put COPY3_IF_LT under HAVE_6REGS (gentoo/541930) ++ - roqvideoenc: set enc->avctx in roq_encode_init ++ - mp3: Properly use AVCodecContext API ++ - libvpx: Fix mixed use of av_malloc() and av_reallocp() ++ - Revert "lavfi: always check av_expr_parse_and_eval() return value" ++ - alsdec: only adapt order for positive max_order ++ - alsdec: check sample pointer range in revert_channel_correlation ++ - aacpsy: correct calculation of minath in psy_3gpp_init ++ - alsdec: limit avctx->bits_per_raw_sample to 32 ++ - aasc: return correct buffer size from aasc_decode_frame ++ - matroskadec: fix crash when parsing invalid mkv ++ - avconv: do not overwrite the stream codec context for streamcopy ++ - webp: ensure that each transform is only used once ++ - h264_ps: properly check cropping parameters against overflow ++ - hevc: zero the correct variables on invalid crop parameters ++ - hevc: make the crop sizes unsigned ++ ++ [ Reinhard Tartler] ++ * drop 01-configure-disable-i686-for-i586 ++ ++ -- Sebastian Ramacher Mon, 01 Jun 2015 11:12:42 +0200 ++ ++libav (6:11.3-1+deb8u1) jessie; urgency=medium ++ ++ * Fix use of illegal instruction on i586. (Closes: #783082) ++ - debian/confflags: Pass correct value to --cpu. Thanks to Bernhard ++ Übelacker for the patch. ++ - debian/patches: ++ + 01-configure-disable-i686-for-i586.patch: Upstream patch to disable ++ i686 instructions on i586. ++ + 02-configure-disable-ebx-gcc-4.9.patch: Workaround build failure with ++ gcc 4.9 and newer by disabling the use of ebx in handwritten assembler ++ code. Thanks to Bernhard Übelacker for the initial patch. ++ ++ -- Sebastian Ramacher Tue, 05 May 2015 21:59:47 +0200 ++ ++libav (6:11.3-1) unstable; urgency=medium ++ ++ * New upstream release fixing multiple security issues. ++ - utvideodec: Handle slice_height being zero (CVE-2014-9604) ++ - adxdec: set avctx->channels in adx_read_header ++ - rmenc: limit packet size ++ - webp: validate the distance prefix code ++ - rv10: check size of s->mb_width * s->mb_height ++ - eamad: check for out of bounds read (CID/1257500) ++ - mdec: check for out of bounds read (CID/1257501) ++ - configure: Properly fail when libcdio/cdparanoia is not found ++ - tiff: Check that there is no aliasing in pixel format selection (CVE-2014-8544) ++ - aic: Fix decoding files with odd dimensions ++ - vorbis: Check the vlc value in setup_classifs ++ - arm: Suppress tags about used cpu arch and extensions ++ - prores: Extend the padding check to 16bit ++ - icecast: Do not use chunked post, allows feeding to icecast properly ++ - img2dec: correctly use the parsed value from -start_number ++ - h264_cabac: Break infinite loops ++ - hevc_deblock: Fix compilation with nasm (libav #795) ++ - h264: initialize H264Context.avctx in init_thread_copy ++ - h264: Do not share rbsp_buffer across threads ++ - h264: only ref cur_pic in update_thread_context if it is initialized ++ - matroskadec: Fix read-after-free in matroska_read_seek() (chromium #427266) ++ - log: Unbreak no-tty support on 256color terminals ++ ++ -- Sebastian Ramacher Fri, 13 Mar 2015 23:27:25 +0100 ++ ++libav (6:11.2-1) unstable; urgency=medium ++ ++ * New upstream release fixing multiple security issues. (Closes: #773626) ++ - h264: restore a block mistakenly removed in e10fd08a ++ - on2avc: check number of channels (CVE-2014-8549) ++ - smc: fix the bounds check (CVE-2014-8548) ++ - gifdec: refactor interleave end handling (CVE-2014-8547) ++ - mmvideo: check frame dimensions (CVE-2014-8543) ++ - jvdec: check frame dimensions (CVE-2014-8542) ++ - mjpegdec: check for pixel format changes (CVE-2014-8541) ++ - mov: avoid a memleak when multiple stss boxes are present ++ - vc1: Do not assume seek happens after decoding ++ - avconv: Use the mpeg12 private option scan_offset (Closes: #773055) ++ - xsub: Support DXSA subtitles ++ - mp3dec: fix reading the Xing tag ++ - matroskaenc: write correct Display{Width, Height} in stereo encoding ++ - configure: Fix enabling memalign_hack automatically ++ - mp3enc: fix a triggerable assert ++ - latm: Do not give a score for a single instance ++ - mp3: Tweak the probe scores ++ - matroskaenc: write correct Display{Width, Height} in stereo encoding ++ - coverity: Fix most of the reported warnings and issues ++ * debian/control: Add myself to Uploaders. ++ ++ -- Sebastian Ramacher Sat, 17 Jan 2015 20:56:19 +0100 ++ ++libav (6:11.1-1) unstable; urgency=medium ++ ++ * Team upload. ++ * Upload to unstable. ++ ++ -- Sebastian Ramacher Tue, 30 Dec 2014 17:08:42 +0100 ++ ++libav (6:11.1-1~exp1) experimental; urgency=medium ++ ++ [ upstream ] ++ * New release. ++ + Replace lena.pnm. ++ Closes: bug#771126. ++ + Treat all '*.pnm' files as non-text file. ++ + opusdec: Ensure all substreams have same number of coded samples. ++ + lavu: Fix memory leaks by using a mutex instead of atomics. ++ + lavu: Add wrappers for the pthreads mutex API. ++ + mp3enc: Fix a triggerable assert. ++ + resample: Avoid off-by-1 errors in PTS calcs. ++ + imc: Fix order of operations in coefficients read. ++ + hevc_mvs: Ensure to always initialize the temporal MV fully. ++ + hevc_mvs: Initialize the temporal MV in case of missing ref. ++ + h264: Reset ret to avoid propagating minor failures. ++ + hevc: Initialize mergecand_list to 0. ++ + mpeg12: Always invoke the get_format() callback. ++ + h264: Always invoke the get_format() callback. ++ + Update default FATE URL for release/11. ++ + apetag: Fix APE tag size check. ++ ++ [ Jonas Smedegaard ] ++ * Drop patches now included upstream. ++ ++ -- Jonas Smedegaard Tue, 02 Dec 2014 16:37:04 +0100 ++ ++libav (6:11-2) unstable; urgency=medium ++ ++ * add patches post v11 release, all of which will be included in the ++ next point release: ++ - 0001-apetag-Fix-APE-tag-size-check.patch ++ - 0002-Update-default-FATE-URL-for-release-11.patch ++ - 0003-h264-Always-invoke-the-get_format-callback.patch ++ - 0004-mpeg12-Always-invoke-the-get_format-callback.patch ++ - 0005-hevc-Initialize-mergecand_list-to-0.patch ++ - 0006-h264-reset-ret-to-avoid-propagating-minor-failures.patch ++ - 0007-hevc_mvs-initialize-the-temporal-MV-in-case-of-missi.patch ++ - 0008-hevc_mvs-make-sure-to-always-initialize-the-temporal.patch ++ - 0009-imc-fix-order-of-operations-in-coefficients-read.patch ++ - 0010-resample-Avoid-off-by-1-errors-in-PTS-calcs.patch ++ ++ -- Reinhard Tartler Sun, 19 Oct 2014 16:18:48 -0400 ++ ++libav (6:11-1) unstable; urgency=low ++ ++ * Upload final 11 release ++ - matroskadec: parse stereo mode on decoding (Closes: #757185) ++ ++ -- Reinhard Tartler Sat, 13 Sep 2014 15:36:38 -0400 ++ ++libav (6:11~beta1-3) unstable; urgency=low ++ ++ * Add post-release upstream patches ++ * Remove unapplied patches ++ * Remove /etc/avserver.conf (Closes: #760763) ++ ++ -- Reinhard Tartler Sat, 13 Sep 2014 07:58:42 -0400 ++ ++libav (6:11~beta1-2) unstable; urgency=medium ++ ++ [ Reinhard Tartler ] ++ * Make libavcodec-dev depend on libavresample-dev ++ ++ [ Rico Tzschichholz ] ++ * Some fixes and leftovers from soname bumps ++ ++ -- Reinhard Tartler Sat, 30 Aug 2014 11:02:45 -0400 ++ ++libav (6:11~beta1-1) experimental; urgency=low ++ ++ * New upstream Release v11~alpha2 ++ * build against libgnutls28-dev (Closes: #758447) ++ * Bump shlibs ++ ++ -- Reinhard Tartler Sun, 17 Aug 2014 22:33:40 -0400 ++ ++libav (6:11~alpha2-1) experimental; urgency=low ++ ++ * New upstream Release v11~alpha2 ++ - ffv1dec: check global parameters (CVE-2013-7020) ++ - mpegts: Check writing a PMTs (CVE-2014-2263) ++ - avcodec: Postpone FF_IDCT_XVIDMMX removal until the next version ++ bump (fixes gst-libav FTBFS) ++ * Bump shlibs ++ * Add helper scripts for doing mass rebuilds ++ ++ -- Reinhard Tartler Wed, 13 Aug 2014 22:11:14 -0400 ++ ++libav (6:11~alpha1-1) experimental; urgency=low ++ ++ * New upstream Release v11~alpha1 ++ - Fixes Unchecked conversion from double to enum (Closes: #749164) ++ * Add some post v11_alpha1 patches from upstream ++ * All SONAMEs bumped because of internal changes, but external API is ++ promised to have not changed ++ ++ -- Reinhard Tartler Sun, 10 Aug 2014 09:45:02 -0400 ++ ++libav (6:10.4-1) unstable; urgency=medium ++ ++ * New Upstream Release v10.3 ++ - mpegts: Do not try to write a PMT larger than SECTION_SIZE ++ (CVE-2014-2263) ++ - mpegts: Define the section length with a constant ++ - ffv1dec: check that global parameters do not change in version 0/1 ++ (CVE-2013-7020) ++ - h264: fix interpretation of interleaved stereo modes ++ - svq1: do not modify the input packet ++ - cdgraphics: do not return 0 from the decode function ++ - cdgraphics: switch to bytestream2 (CVE-2013-3674) ++ - jpeg2000: enable 4 component pixel formats ++ - stereo3d: add missing include guards ++ - huffyuvdec: check width size for yuv422p (CVE-2013-0848) ++ - mmvideo: check horizontal coordinate too (CVE-2013-3672) ++ - wmalosslessdec: fix mclms_coeffs* array size (CVE-2014-2098) ++ * build against libgnutls28-dev (Closes: #758447) ++ ++ -- Reinhard Tartler Sun, 17 Aug 2014 21:55:47 -0400 ++ ++libav (6:10.3-1) unstable; urgency=medium ++ ++ * New Upstream Release v10.3 ++ - huffyuv: Check and propagate function return values (CVE-2013-0868) ++ - h264: prevent theoretical infinite loop in SEI parsing (CVE-2011-3946) ++ - pgssubdec: Check RLE size before copying (CVE-2013-0852) ++ - video4linux2: Avoid a floating point exception ++ - vf_select: Drop a debug av_log with an unchecked double to enum conversion ++ - librtmp: Don't free the temp url at the end of rtmp_open ++ - arm: Avoid using the 'setend' instruction on ARMv7 and newer ++ - avplay: Handle pixel aspect ratio properly ++ - eamad: use the bytestream2 API instead of AV_RL (CVE-2013-0851) ++ - pg2meet: allow size changes within original sizes ++ - af_compand: make sure request_frame always outputs at least one frame ++ ++ -- Reinhard Tartler Sun, 03 Aug 2014 22:30:41 -0400 ++ ++libav (6:10.2-2) unstable; urgency=low ++ ++ [ Reinhard Tartler ] ++ * Fixed typo in debian/NEWS (Closes: #753453) ++ ++ [ Stefan Lippers-Hollmann ] ++ * libavcodec-extra: declare as Section: metapackages (Closes: #747921) ++ ++ -- Reinhard Tartler Sun, 20 Jul 2014 14:57:15 -0400 ++ ++libav (6:10.2-1) unstable; urgency=high ++ ++ * Bumping severity for critical LZO security issue. ++ * New Upstream Release v10.2 ++ - aarch64: Use the correct syntax for relocations (Closes: #751856, ++ - LP: #1323144) ++ - ppc: Fix compilation for ppc64le (ELFv2) (LP: #1263802) ++ - avconv: make -shortest work with streamcopy ++ - lzo: Handle integer overflow (Reported by Don A. Bailey) ++ - Check if an mp3 header is using a reserved sample rate. ++ - Check mp3 header before calling avpriv_mpegaudio_decode_header(). ++ - jpeg2000: fix dereferencing invalid pointers during cleanup ++ - avpacket: fix copying side data in av_packet_copy_props() ++ - oggenc: Set the right AVOption size for the pref_duration option ++ - adpcm: Avoid reading out of bounds in the IMA QT trellis encoder ++ - adpcm: Write the proper predictor in trellis mode in IMA QT ++ * No longer build avserver (Closes: #734335) ++ * Clarify licensing in debian/copyright (Closes: #698019) ++ ++ -- Reinhard Tartler Fri, 27 Jun 2014 22:23:32 -0400 ++ ++libav (6:10.1-1) unstable; urgency=low ++ ++ * New upstream release 10: ++ - pcm-dvd: Fix 20bit decoding (bug/592) ++ - avi: Improve non-interleaved detection (bug/666) ++ - arm: hpeldsp: fix put_pixels8_y2_{,no_rnd_}armv6 ++ - arm: hpeldsp: prevent overreads in armv6 asm (bug/646) ++ - avfilter: Add missing emms_c when needed ++ - rtmpproto: Check the buffer sizes when copying app/playpath strings ++ - swscale: Fix an undefined behaviour ++ - vp9: Read the frame size as unsigned ++ - dcadec: Use correct channel count in stereo downmix check ++ - dcadec: Do not decode the XCh extension when downmixing to stereo ++ - matroska: add the Opus mapping ++ - matroskadec: read the CodecDelay element ++ - rtmpproto: Make sure to pass on the error code if read_connect failed ++ - lavr: allocate the resampling buffer with a positive size ++ - mp3enc: Properly write bitrate value in XING header (Closes: #736088) ++ - golomb: Fix the implementation of get_se_golomb_long ++ * Drop debian/libav-tools.maintscript. ffserver is no longer found in ++ stable, and this seems to cause other problems today (Closes: #742676) ++ ++ -- Reinhard Tartler Sun, 11 May 2014 12:28:45 -0400 ++ ++libav (6:10-2) experimental; urgency=low ++ ++ * Recompile against libx264-142 and librtmp1 ++ * Bump standards version, no changes needed ++ * Drop Andres Meija from uploaders. Thanks Andres for your contributions ++ to the libav package! (Closes: #743526). ++ ++ -- Reinhard Tartler Sat, 12 Apr 2014 08:44:31 -0400 ++ ++libav (6:10-1) experimental; urgency=low ++ ++ * New upstream release 10. Full changelog avaialble at: ++ http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v10 ++ ++ -- Reinhard Tartler Sun, 23 Mar 2014 14:23:55 -0400 ++ ++libav (6:10~beta2-2) experimental; urgency=low ++ ++ * Drop unnecessary packages: libavformat-extra-, libavutil-extra, ++ libavfilter-extra and libavdevice-extra. ++ * Incorporate post-beta2 patches, including the icy header detection ++ patches (Closes: #740421) ++ * Add a note about 'ffmpeg' in libav-tools's package description ++ (Closes: #729469) ++ ++ -- Reinhard Tartler Sat, 15 Mar 2014 14:46:20 +0000 ++ ++libav (6:10~beta2-1) experimental; urgency=low ++ ++ * New Upstream release 10_beta2. This upstream git snapshot has too many ++ changes to list here, cf. to the upstream Changelog: ++ http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v10_beta2 ++ ++ -- Reinhard Tartler Sat, 15 Mar 2014 00:34:08 +0000 ++ ++libav (6:10~beta1-2) experimental; urgency=low ++ ++ * New Upstream release 10_beta1. This upstream git snapshot has too many ++ changes to list here, cf. to the upstream Changelog: ++ http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v10_beta1 ++ - works with H.264 that has different bit depth between chroma and luma, ++ Closes: #738599 ++ * Bump shlibs ++ ++ -- Reinhard Tartler Mon, 17 Feb 2014 22:07:03 +0000 ++ ++libav (6:10~alpha2-1) experimental; urgency=low ++ ++ * New Upstream release 10_alpha2. This upstream git snapshot has too many ++ changes to list here, cf. to the upstream Changelog: ++ http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v10_alpha2 ++ ++ -- Reinhard Tartler Sat, 18 Jan 2014 15:46:55 +0000 ++ ++libav (6:10~alpha1-1) experimental; urgency=low ++ ++ * New Upstream release 10_alpha1. This upstream git snapshot has too many ++ changes to list here, cf. to the upstream Changelog: ++ http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v10_alpha1 ++ - Opus in Ogg demuxing Closes: #733884, #720563, LP: #1265196 ++ - avprobe output is now standard INI or JSON. Closes: #715467 ++ - Properly working defaults in libx264 wrapper, Closes: #687048 ++ - avconv -t option can now be used for inputs, to limit the duration of ++ data read from an input file, Closes: #722003 ++ ++ -- Reinhard Tartler Wed, 18 Dec 2013 15:16:03 +0000 ++ ++libav (6:9.13-1) unstable; urgency=medium ++ ++ * New upstream release 9.13: ++ - swscale: Fix an undefined behaviour ++ - matroska: add the Opus mapping ++ - mp3enc: Properly write bitrate value in XING header (Closes: #736088) ++ - origin/pu/9 oggdec: add support for Opus in Ogg demuxing ++ (Fixes: libav/603, Closes: #720563) ++ - apedec: do not buffer decoded samples over AVPackets (Closes: #744901) ++ - isom: lpcm in mov default to big endian ++ - movdec: handle 0x7fff langcode as macintosh per the specs ++ - h264: reset next_output_pic earlier in start_frame() ++ (Fixes: libav/672, Closes: #741240, LP: #1288206) ++ - rtmpproto: Make sure to pass on the error code if read_connect failed ++ - lavr: allocate the resampling buffer with a positive size ++ - tiffdec: use bytestream2 to simplify overread/overwrite protection ++ - resample: fix avresample_get_delay() return value ++ - avi: Improve non-interleaved detection (Fixes: libav/666) ++ - af_channelmap: fix ONE_STR mapping mode ++ - movenc: allow override of "writing application" tag ++ - matroskaenc: allow override of "writing application" tag ++ - avfilter: Add missing emms_c when needed ++ - build: Use pkg-config for openjpeg (Fixes: libav/387) ++ - mpeg12: check scantable indices in all decode_block functions ++ - sgidec: fix buffer size check in expand_rle_row() ++ - adx: check that the offset is not negative ++ - mpegvideo: set reference/pict_type on generated reference frames ++ - h264: Fix various crashes found in samples pointed by Mateusz ++ "j00ru" Jurczyk and Gynvael Coldwind - Thanks! ++ * Rebuild is reported to fix vaapi, Closes: #745655 ++ * Fix invocation of dpkg-maintscript helper, LP: #1315672 ++ * cleanup leftovers of the former libav-source package ++ * Simplify listing packages with dh_listpackage ++ * Drop transitional arch:all -extra- packages ++ * Bump standards version to 3.9.5, no changes needed ++ ++ -- Reinhard Tartler Sun, 04 May 2014 16:11:03 -0400 ++ ++libav (6:9.11-4) unstable; urgency=medium ++ ++ * Imported Upstream version 9.11 ++ - bumped severity because of many security relevant changes ++ - update freetype header detection ++ ++ -- Reinhard Tartler Sat, 15 Mar 2014 02:05:34 +0000 ++ ++libav (6:9.11-3) unstable; urgency=low ++ ++ * Add upstream patch to enable PIC on s390(x), Closes: #726733 ++ ++ -- Reinhard Tartler Wed, 05 Mar 2014 02:49:52 +0000 ++ ++libav (6:9.11-2) unstable; urgency=low ++ ++ * Avoid the use of pipes to not cover segfaulting libavcodecs (cf. #726733) ++ * refactor call_and_install_avconv_dump functionality ++ * Rebuild against libfreetype 2.5.1 (closes: #731307) ++ * i386 shared builds must be optimized for 586, (closes: 728928, #688384) ++ ++ -- Reinhard Tartler Sat, 22 Feb 2014 14:34:54 +0000 ++ ++libav (6:9.11-1) unstable; urgency=low ++ ++ * Imported Upstream version 9.11 ++ - drop patch mathematics-remove-asserts-from-av_rescale_rnd.patch, ++ merged upstream ++ - mathematics: remove asserts from av_rescale_rnd, (Closes: #718805) ++ * Support Opus in Ogg containers (Closes: #733884, 720563) ++ * Refactor conffile moving ++ * No longer build-depend on libtiff4-dev. Closes: #736020 ++ * Disable opencv filter because of #737584 ++ * Check upstream OpenPGP signatures (Closes: #723692) ++ ++ -- Reinhard Tartler Wed, 05 Feb 2014 00:24:42 +0000 ++ ++libav (6:9.10-3) unstable; urgency=low ++ ++ * Add upstream patch: mathematics: remove asserts from av_rescale_rnd ++ Closes: #718805 ++ * Remove the makeinfo patch, it just disables generation of the html ++ equivalents of the manpages ++ * No longer build-depend on libtiff4-dev. Closes: #736020 ++ ++ -- Reinhard Tartler Wed, 22 Jan 2014 08:13:40 -0500 ++ ++libav (6:9.10-2) unstable; urgency=low ++ ++ [ Fabian Greffrath ] ++ * Fix upstream changelog link in previous changelog entry. ++ * Transition from the "texi2html" utility to the "makeinfo" utility from the ++ texinfo package, fixes build-depends-on-obsolete-package lintian error and ++ addresses . ++ * debhelper (>= 9) is now available in stable and old-bpo. ++ * Use "set -e" in the body of the libav-tools maintainer scripts. ++ * Fix vcs-field-not-canonical lintian warning. ++ * Set executable permissions for qt-faststart, fixes unstripped-binary-or-object ++ lintian warning. ++ * Fix some spelling errors detected by lintian. ++ ++ [ Reinhard Tartler ] ++ * compile against libtiff5-dev ++ * Drop some special code paths for building the ubuntu flavor ++ (no longer necessary over there) ++ ++ -- Reinhard Tartler Sun, 03 Nov 2013 08:35:04 -0500 ++ ++libav (6:9.10-1) unstable; urgency=medium ++ ++ * New upstream release 9.10 ++ * Too many security related upstream changes to list here, please cf. to ++ upstream changelog: ++ http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v9.10 ++ * Urgency set to medium because new upstream release fixes many security ++ issues. ++ * Do not accidentally overwrite installed binaries from different flavors. ++ Thanks to Fabian Greffrath for the patch (Closes: #725956) ++ ++ -- Reinhard Tartler Thu, 10 Oct 2013 10:53:54 -0400 ++ ++libav (6:9.9-1) experimental; urgency=low ++ ++ * New upstream release 9.9 ++ * Too many security related upstream changes to list here, please cf. to ++ upstream changelog. Closes: #717009 ++ ++ -- Reinhard Tartler Mon, 07 Oct 2013 18:07:14 -0400 ++ ++libav (6:9.8-2) unstable; urgency=low ++ ++ * Upload to unstable ++ * Weaken dependencies on libx264, opencv and frei0r for now to allow ++ compilation. This dependency will be tightened as soon as the ++ libraries have been updated in unstable. ++ ++ -- Reinhard Tartler Tue, 13 Aug 2013 15:10:05 +0200 ++ ++libav (6:9.8-1) experimental; urgency=low ++ ++ * New upstream release 9.8, Closes: #716734, #716735 ++ * Upstream Changes: ++ - kmvc: Clip pixel position to valid range ++ - kmvc: Use fixed sized arrays in the context ++ - indeo: Reject negative array indexes ++ - indeo: Check for reference when inheriting motion vectors ++ - indeo: Properly forward the error codes ++ - mjpeg: Check the unescaped size for overflows ++ - wmapro: Error out on impossible scale factor offsets ++ - wmapro: Check the min_samples_per_subframe ++ - wmapro: Return early on unsupported condition ++ - wmapro: Check num_vec_coeffs against the actual available buffer ++ - wmapro: Make sure there is room to store the current packet ++ - lavc: Move put_bits_left in put_bits.h ++ - 4xm: Do not overread the source buffer in decode_p_block ++ - 4xm: Check bitstream_size boundary before using it ++ ++ -- Reinhard Tartler Sat, 13 Jul 2013 08:26:24 +0200 ++ ++libav (6:9.7-1) experimental; urgency=low ++ ++ * New upstream release 9.7, Most of the following fixes resulted from ++ test samples that the Google Security Team has kindly made available: ++ ++ - 4xm: fix several programming errors to avoid crashes, etc. ++ - apetag: use int64_t for filesize ++ - jpegls: Fix invalid writes to memory ++ - ljpeg: use the correct number of components in YUV ++ - mjpeg: Validate sampling factors ++ - mjpegdec: properly report unsupported disabled features ++ - mjpegdec: validate parameters in mjpeg_decode_scan_progressive_ac ++ - mpegvideo: allocate sufficiently large scratch buffer for interlaced vid ++ - pixdesc: mark gray8 as pseudopal ++ - smacker: fix several programming errors to avoid crashes, etc. ++ - tiff: do not overread the source buffer ++ - vmd: drop incomplete chunks and spurious samples ++ - vmdav: convert to bytestream2 to avoid invalid reads and writes ++ - wavpack: check packet size early ++ - wavpack: use bytestream2 in wavpack_decode_block ++ - wavpack: validate samples size parsed in wavpack_decode_block ++ ++ -- Reinhard Tartler Sun, 30 Jun 2013 17:21:27 +0200 ++ ++libav (6:9.6-2) experimental; urgency=low ++ ++ * Tighten build dependency on libx264, Closes: #709817 ++ * Introduce the libavcodec-extra meta-package ++ * No longer check for --enable-dirac switch ++ * Bump standards version ++ * Cleanup some obsolete Package relationship fields ++ * Drop obsolete DM-Upload field ++ * libavcodec-extra: add misc:Depends substvar ++ * Factor out binary-indep builds ++ * Install tool HTML documentation into libav-tools package ++ ++ -- Reinhard Tartler Wed, 29 May 2013 22:07:02 +0200 ++ ++libav (6:9.6-1) experimental; urgency=low ++ ++ * New Upstream release 9.6 ++ - wav: Always seek to an even offset, Bug #500, LP: #1174737 ++ - various security relevant patches ++ ++ -- Reinhard Tartler Mon, 20 May 2013 10:54:36 +0200 ++ ++libav (6:9.5-1) experimental; urgency=low ++ ++ * New Upstream version 9.5: ++ - Most of the following fixes resulted from test samples that ++ the Google Security Team has kindly made available ++ ++ -- Reinhard Tartler Thu, 25 Apr 2013 22:32:11 +0200 ++ ++libav (6:9.4-1) experimental; urgency=low ++ ++ * Imported Upstream version 9.4 ++ - h264: check for luma and chroma bit dept being equal (CVE-2013-2277) ++ - iff: validate CMAP palette size (CVE-2013-2495) ++ - Thus, closes: #703200 ++ * debian/watch: download xz files and tigthen checks ++ ++ -- Reinhard Tartler Sun, 24 Mar 2013 07:30:01 +0100 ++ ++libav (6:9.3-1) experimental; urgency=low ++ ++ [ Jonas Smedegaard ] ++ * Stop using CDBS. ++ ++ [ Reinhard Tartler ] ++ * Imported Upstream version 9.2 (never uploaded, though) ++ * Imported Upstream version 9.3: ++ - Fixes CVE-2013-0894 ++ * drop 02-fix-build-on-non-armv5te.patch, merged upstream ++ ++ -- Reinhard Tartler Sat, 02 Mar 2013 14:34:27 +0100 ++ ++libav (6:9.1-3) experimental; urgency=low ++ ++ * Build-depend on libopus-dev. ++ * Stop needlessly build-depending on libcv-dev. ++ * Tighten build-dependencies on frei0r-plugins-dev, libopencv-dev and ++ libx264-dev, to use experimental packages. ++ * Have libav-tools and libavfilter3 suggest frei0r-plugins. ++ * Add upstream patch 02 to fix build on armel without armv5te support. ++ ++ -- Jonas Smedegaard Sun, 20 Jan 2013 15:54:42 +0100 ++ ++libav (6:9.1-2) experimental; urgency=low ++ ++ [ Jonas Smedegaard ] ++ * Document all licensing of binary packages in README.Debian (not ++ partly as comment in copyright file), to avoid confusing source ++ issued licenses with binary resolved licensing. ++ ++ [ Reinhard Tartler ] ++ * Bump shlibs to 6:9.1-1 ++ * Fix internal shlibs ++ ++ -- Reinhard Tartler Sat, 19 Jan 2013 10:06:15 +0100 ++ ++libav (6:9.1-1) experimental; urgency=low ++ ++ [ Jonas Smedegaard ] ++ * Rewrite copyright file using copyright format 1.0. ++ Closes: bug#694657. Thanks to Francesco Poli. ++ * Include CDBS utils.mk, to track future copyright/licensing changes. ++ Build-depend on cdbs. Update README.source. ++ ++ [ Reinhard Tartler ] ++ * Imported Upstream version 9 ++ - New releases fixes (among others) CVE-2012-2882 CVE-2012-5359 ++ CVE-2012-5360 CVE-2012-5361, Closes: #694483 ++ * drop debian/recordshow.sh ++ * ignore shlib-with-non-pic-code also for libavcodec-extra-54 ++ * make libavcodec54/libavcodec-extra-54 properly conflict/replace each other ++ ++ -- Reinhard Tartler Mon, 07 Jan 2013 22:42:25 +0100 ++ ++libav (6:9~beta3-1) experimental; urgency=low ++ ++ * New upstream version. ++ ++ -- Reinhard Tartler Fri, 21 Dec 2012 15:32:13 +0100 ++ ++libav (6:9~beta2-4) experimental; urgency=low ++ ++ * Fix compilation on the buildds ++ ++ -- Reinhard Tartler Fri, 16 Nov 2012 07:56:59 +0100 ++ ++libav (6:9~beta2-3) experimental; urgency=low ++ ++ * Include all post 9beta2 patches ++ - Fixes linking with libavfilter/libavutil, Closes: #693040 ++ * libavresample1: Unbreak partial updates by adding Replaces ++ relationship with libavresample0, Closes: #693327 ++ * Fix installation of doxygen HTML pages. ++ * add lintian override for libavcodec-extra-54 ++ ++ -- Reinhard Tartler Thu, 15 Nov 2012 21:29:50 +0100 ++ ++libav (6:9~beta2-2) experimental; urgency=low ++ ++ * add post 9 beta2 patches ++ * import bits from ubuntu to minimize the diff ++ * Remove stale Conflicts/Replaces on libavutil51, fixes instability ++ issues with libavutil51. ++ ++ -- Reinhard Tartler Sun, 11 Nov 2012 17:21:15 +0100 ++ ++libav (6:9~beta2-1) experimental; urgency=low ++ ++ * new upstream release: libav 9 beta2 ++ * Imported Upstream version 9~beta2 ++ * SONAME bump: libavutil51->libavutil52, (Closes: #691088) ++ * bump shlibs file ++ * fix package names to follow correct soname of libavresample1 ++ ++ -- Reinhard Tartler Tue, 23 Oct 2012 18:49:26 +0200 ++ ++libav (6:9~beta1-1) experimental; urgency=low ++ ++ [ Fabian Greffrath ] ++ * Imported Upstream version 6:0.8.99-3213-gd16860a ++ ++ [ Andres Mejia ] ++ * Update libav-doc doc base. (Closes: #674139) ++ ++ [ Fabian Greffrath ] ++ * Use the cond_enable() macro for all additional features in ++ debian/confflags. ++ * Tidy up and sort configuration flags. ++ * Add a debian/README.source file that describes how to rebuild libav with a ++ reduced feature set in order to avoid circular build-dependencies for ++ bootstrapping. ++ * Restrict Build-Depends to "yasm [any-amd64 any-i386]" and explicitely ++ disable it if not found. ++ ++ [ Reinhard Tartler ] ++ * add dependency on libavcodec54 to libav-dbg ++ * add Pre-Depend on dpkg to libav-tools to ensure smooth updates ++ * libav-tools.install: make files to install more explicit ++ ++ [ Loïc Minier ] ++ * Install the shared flavor last ++ * control/Uploaders: update my email address ++ ++ [ Reinhard Tartler ] ++ * Declare a 'Breaks' relationship against mplayer, Closes: #671934 ++ * Bug fix: "Multi-Arch: foreign libraries", thanks to Stepan Golosunov. ++ * Remove Multi-arch header from the empty, transitional -extra- packages ++ ++ [ Fabian Greffrath ] ++ * Mention qt-faststart in the long description (Closes: #681491.) ++ * Install all debug symbols into libav-dbg (Closes: #680602). ++ * Do not run doxygen if it is not installed. ++ * Fix up debian/changelog and get dependencies right accordingly. ++ ++ [ Reinhard Tartler ] ++ * Make libav-extra-dbg arch:all ++ * Fix generation of shlibs file (Closes: #679542) ++ ++ [ Fabian Greffrath ] ++ * Also make libav-regular-dbg 'arch: all' for consistency with the other debug packages. ++ * Fix generation of shlibs file not only for libavcodec*, but for all the other library packages as well. ++ * Use xz compression for binary packages, thanks Ansgar Burchardt (Closes: #683895). ++ ++ [ Reinhard Tartler ] ++ * Drop the package libav-regular-dbg ++ ++ [ Fabian Greffrath ] ++ * Clarify relations between libavcodec54 and libavcodec-extra-54 in debian/control. ++ ++ [ Reinhard Tartler ] ++ * New Upstream version: 9 beta1 ++ * remove compatibility links for ff* tools. ++ * New release fixes all known CVE entries so far (Closes: #688847) ++ * libav-dbg: avoid dependency on 'ffmpeg' package ++ * remove package libav-extra-dbg ++ * allow co-installation of libav-dbg with libavcodec-extra-54 ++ * temporarily disable libopus support until #690563 is fixed ++ ++ -- Reinhard Tartler Tue, 16 Oct 2012 18:38:46 +0200 ++ ++libav (6:0.8.99-1537-gacb2c79-2) experimental; urgency=low ++ ++ [ Rico Tzschichholz ] ++ * Fix lintian-overrides after soname bump ++ * Fix some conflicts/replaces ++ * Bump shlibs version ++ ++ [ Reinhard Tartler ] ++ * Update changelog ++ ++ -- Reinhard Tartler Tue, 15 May 2012 09:21:24 +0200 ++ ++libav (6:0.8.99-1537-gacb2c79-1) experimental; urgency=low ++ ++ * New upstream snapshot ++ - Drop patches applied upstream ++ - Longer build libpostproc, dropped upstream ++ - follow soname bump of libavcodec and libavformat 53->54 ++ - New library: libswresample ++ * no longer build and use dirac, removed upstream in favor of libschroedinger ++ * remove deprecated ffmpeg package ++ * bump shlibs version ++ ++ -- Reinhard Tartler Sat, 12 May 2012 22:02:03 +0200 ++ ++libav (6:0.8.8-1) unstable; urgency=low ++ ++ * Imported Upstream version 0.8.7, new releases fixes a number of ++ security relevant patches. ++ * backport patch from upstream to make samplefmt auto-aling buffers ++ (Closes: #713856) ++ ++ -- Reinhard Tartler Fri, 12 Jul 2013 22:00:28 +0200 ++ ++libav (6:0.8.7-1) unstable; urgency=medium ++ ++ * Imported Upstream version 0.8.7, new releases fixes: ++ - wav: Always seek to an even offset, Bug #500, LP: #1174737 ++ - A number of further security relevant patches. ++ ++ -- Reinhard Tartler Mon, 20 May 2013 11:04:00 +0200 ++ ++libav (6:0.8.6-1) unstable; urgency=low ++ ++ * Imported Upstream version 0.8.6, new releases fixes: ++ - h264: check for luma and chroma bit depth being equal (CVE-2013-2277) ++ - iff: validate CMAP palette size (CVE-2013-2495) ++ - msrledec: convert to bytestream2 API and add proper bounds checking (CVE-2013-2496) ++ - vorbisdec: Error on bark_map_size equal to 0 (CVE-2013-0894) ++ - Thus, closes: #703200 ++ ++ -- Reinhard Tartler Sun, 24 Mar 2013 07:35:51 +0100 ++ ++libav (6:0.8.5-1) unstable; urgency=low ++ ++ * New upstream security/bugfix release. New releases fixes ++ (bug numbers reference http://bugzilla.libav.org, Closes: #694483) ++ - Indeo 4 (CVE-2012-2791) ++ - VP5/VP6 (CVE-2012-2783) ++ - Indeo 3 (CVE-2012-2804) ++ - MPEG-1/2 (CVE-2012-2803) ++ - MP3 (CVE-2012-2797) ++ - AAC (CVE-2012-5144) ++ - AC-3 (CVE-2012-2802) ++ - AVS (CVE-2012-2801) ++ - DFA (CVE-2012-2798) ++ - ID3v2 (Bug 395) ++ - Serious Memory leaks on broken Ogg files ++ * drop recordshow script. This clearly undermaintained script has ++ unclear copyright status and is unlikely to work properly anyway. ++ ++ -- Reinhard Tartler Sun, 13 Jan 2013 11:56:59 +0100 ++ ++libav (6:0.8.4-1) unstable; urgency=low ++ ++ * New upstream security/bugfix release. New release fixes: ++ (bug numbers reference http://bugzilla.libav.org, Closes: #688847) ++ - h264 (Bug 118), vc1dec (CVE-2012-2796), sipr, bmpdec (bug 367), alsdec ++ (CVE-2012-2775), rv34/rv40 (CVE-2012-2772), indeo3/indeo4 ++ (CVE-2012-2776, CVE-2012-2779, CVE-2012-2787, CVE-2012-2794, ++ CVE-2012-2800), vorbisenc, vorbisdec (Bug 277), snow, ac3dec ++ (CVE-2012-2802), avsdec (CVE-2012-2801), dfa (CVE-2012-2786, ++ CVE-2012-2798), lagrith (CVE-2012-2793), wmaprodec (CVE-2012-2789 & ++ Bug 327), avidec (CVE-2012-2788, CVE-2012-2790), cavsdec ++ (CVE-2012-2777, CVE-2012-2784), wav (Bug 379), yuff4mpeg (Bug 373), ++ mpegaudio, tiffenc, smacker (Bug 265). ++ - smaller bug fixes in avconv (Bug 352) ++ - fix lt() and lte() in function evaluator ++ - fix segfault in avformat_open_input() ++ - fix segfault in golomb decoder (bug 310) ++ - fix segfault (double free) in libavfilter ++ - convert dfa decoder to bytestream2 API to protect from overreads ++ - bugfix in vf_pad/scale filter (Bug 203 & 245) ++ - lavc: remove stats_out and stats_in from the options table. ++ (Bug 380, Closes: #690726) ++ * Drop patches applied upstream. ++ ++ -- Reinhard Tartler Mon, 22 Oct 2012 20:57:08 +0200 ++ ++libav (6:0.8.3-7) unstable; urgency=low ++ ++ [ Fabian Greffrath ] ++ * Fix generation of shlibs file not only for libavcodec*, but for all the ++ other library packages as well. Really closes: #679542 ++ * Use xz compression for binary packages, thanks Ansgar Burchardt ++ (Closes: #683895). ++ ++ [ Reinhard Tartler ] ++ * use EPOCH macro in SHLIBS_VERSION ++ * Drop the package 'libav-regular-dbg'. It was not included in squeeze. ++ ++ -- Reinhard Tartler Sat, 25 Aug 2012 11:08:48 +0200 ++ ++libav (6:0.8.3-6) unstable; urgency=low ++ ++ * Clarify the changes in the 6:0.8.3-5 upload, as discussed in bug ++ #683247. ++ * Make ffmpeg-dbg 'arch: all' for consistency with the libav-extra-dbg ++ package. ++ * Fix generation of shlibs file. (Closes: #679542) ++ Wrong make variables where used for the shlibs generation. ++ ++ -- Reinhard Tartler Sat, 04 Aug 2012 09:03:54 +0200 ++ ++libav (6:0.8.3-5) unstable; urgency=low ++ ++ [ Reinhard Tartler ] ++ * Bug fix: "Multi-Arch: foreign libraries", thanks to Stepan Golosunov. ++ Make the transitional libavfoo-extra-NN packages 'arch: all' and ++ remove the 'Multi-Arch: foreign' fields to avoid that the dependency ++ can be satisfied by packages of other architectures, which would break ++ applications. Closes: #680613 ++ * Make libav-extra-dbg 'arch: all'. As empty, transitional package ++ without strict dependencies, we can safely ship it as arch:all ++ package. ++ ++ [ Fabian Greffrath ] ++ * Mention qt-faststart in the long description (Closes: #681491). ++ * Install all debug symbols into libav-dbg (Closes: #680602). ++ * Do not run doxygen if it is not installed. This does not change anything ++ for regular builds, but helps with bootstrapping the package to new ++ architectures that may not have doxygen available yet. ++ * Fix up debian/changelog and tighten dependencies. ++ * Do not declare "ffmpeg" as virtual package (provided by libav-tools). ++ Instead, we provide it as transitional package for libav-tools. Note ++ the next upstream version will no longer provide neither an 'ffmpeg' ++ package, nor a /usr/bin/ffmpeg binary. This means that front-end ++ applications in Debian that previously used this binary needs to be ++ ported to /usr/bin/avconv for jessie. ++ ++ -- Reinhard Tartler Sun, 15 Jul 2012 23:13:42 +0200 ++ ++libav (6:0.8.3-4) unstable; urgency=low ++ ++ * Declare a 'Breaks' relationship against mplayer, Closes: #671934 ++ ++ -- Reinhard Tartler Tue, 26 Jun 2012 08:46:42 +0200 ++ ++libav (6:0.8.3-3) unstable; urgency=low ++ ++ * Install the shared flavor last; the binaries from the optimized flavor(s) ++ would overwrite the ones from the shared baseline flavor causing SIGILL; ++ closes: #657885. ++ * control/Uploaders: update my email address ++ ++ -- Loïc Minier Mon, 25 Jun 2012 21:21:24 +0200 ++ ++libav (6:0.8.3-2) unstable; urgency=low ++ ++ [ Fabian Greffrath ] ++ * Clarify relations between libavcodec53 and libavcodec-extra-53 ++ in debian/control. ++ * Use the cond_enable() macro for all additional features in debian/confflags. ++ * Tidy up and sort configuration flags. ++ * Add a debian/README.source file that describes how to rebuild libav ++ with a reduced feature set in order to avoid circular build-dependencies ++ for bootstrapping. ++ * Restrict Build-Depends to "yasm [any-amd64 any-i386]" ++ and explicitly disable it if not found. ++ ++ [ Reinhard Tartler ] ++ * add patch from upstream to fix playback of Canon AVHCD movies. ++ (Fixes: LP: #937561) ++ * fix location in ffmpeg.NEWS file ++ * add dependency on libavcodec53 to libav-dbg ++ * add Pre-Depend on dpkg to libav-tools to ensure smooth updates ++ * {ffmpeg,libav-tools}.install: make files to install more explicit ++ ++ -- Reinhard Tartler Mon, 25 Jun 2012 19:06:49 +0200 ++ ++libav (6:0.8.3-1) unstable; urgency=medium ++ ++ [ Andres Mejia ] ++ * Update libav-doc doc base. (Closes: #674139) ++ ++ [ Reinhard Tartler ] ++ * New upstream release 0.8.3: ++ - Several bugs and crashes have been fixed in the following codecs: PNG, ++ Electronic Arts TQI, H.264 (CVE-2012-0851) and H.263 (CVE-2011-3937) ++ * Raising severity because of security issues. ++ ++ -- Reinhard Tartler Sat, 09 Jun 2012 13:25:31 +0200 ++ ++libav (6:0.8.2-2) unstable; urgency=low ++ ++ * Revert "temporarily disable opencv to work around dependency troubles" ++ * Simplify internal dependencies (Closes: #672791) ++ ++ -- Reinhard Tartler Mon, 14 May 2012 21:37:59 +0200 ++ ++libav (6:0.8.2-1) unstable; urgency=medium ++ ++ * New upstream release: ++ - Several bugs and crashes have been fixed in the following codecs: AAC, ++ APE, H.263, H.264, Indeo 4, Mimic, MJPEG, Motion Pixels Video, RAW, ++ TTA, VC1, VQA, WMA Voice, vqavideo (CVE-2012-0947). ++ - Several bugs and crashes have been fixed in the following formats: ++ ASF, ID3v2, MOV, xWMA ++ - This release additionally updates the following codecs to the ++ bytestream2 API, and therefore benefit from additional overflow ++ checks: truemotion2, utvideo, vqavideo ++ * drop 02-fix-avpreset-extension.patch, applied upstream ++ * Revert "Revert "temporarily disable opencv to work around dependency ++ troubles"" (Closes: #671302) ++ * Bumped urgency because of security issue. ++ ++ -- Reinhard Tartler Sat, 05 May 2012 11:08:44 +0200 ++ ++libav (6:0.8.1-7) unstable; urgency=low ++ ++ * Fix build for hurd. Thanks to Samuel Thibault for patch. (Closes: #613034) ++ (Closes: #671038) ++ * Properly migrate /etc/ffserver.conf to /etc/avserver.conf. ++ (Closes: #660786) ++ * Renable opencv support. ++ ++ -- Andres Mejia Tue, 01 May 2012 21:33:13 -0400 ++ ++libav (6:0.8.1-6) unstable; urgency=low ++ ++ * Fix epoch in strict internal dependencies. Closes: #670861 ++ * Temporarily disable opencv to work around dependency trouble ++ ++ -- Reinhard Tartler Mon, 30 Apr 2012 08:14:20 +0200 ++ ++libav (6:0.8.1-5) unstable; urgency=low ++ ++ [ Andres Mejia ] ++ * Fix issue with file not being multiarch compatible. (Closes: #669988) ++ ++ [ Reinhard Tartler ] ++ * Bump epoch to fix messed upload to unstable (Closes: #670762) ++ ++ -- Reinhard Tartler Sun, 29 Apr 2012 10:30:26 +0200 ++ ++libav (5:0.8.1-4) unstable; urgency=low ++ ++ * Use a Provides field to provide transitional packages instead of Conflicts. ++ (Closes: #666401) ++ * Have both libavcodec and libavcodec-extra package conflict with each other. ++ ++ -- Andres Mejia Fri, 30 Mar 2012 10:15:50 -0400 ++ ++libav (5:0.8.1-3) unstable; urgency=low ++ ++ * Separate the ffmpeg program into the transitional package. ++ * Change ffmpeg warning so that it's clearer the program is ++ deprecated (LP: #939863) ++ ++ -- Andres Mejia Thu, 29 Mar 2012 13:13:01 -0400 ++ ++libav (5:0.8.1-2) experimental; urgency=low ++ ++ [ Andres Mejia ] ++ * Merge libav-extra packages to libav. (Closes: #658084) ++ * Provide only libavcodec-extra package, the other packages are unnecessary. ++ * Remove libav-source package. No longer necessary. ++ * Remove dependencies and suggests of FAAD, no longer needed. ++ * Set Enhances field and update package description for libavcodec-extra ++ package. (Closes: #653451) ++ * Fix issue with installation of debug symbols. (Closes: #642798) ++ ++ [ Fabian Greffrath ] ++ * Mention license impact in libavcodec-extra-53's package description. ++ ++ -- Andres Mejia Wed, 21 Mar 2012 15:52:58 -0400 ++ ++libav (4:0.8.1-1) unstable; urgency=medium ++ ++ [ Reinhard Tartler ] ++ * Bump shlibs (Closes: #662793) ++ * force upgrades of older libavcodec-extra-53 packages ++ * drop all post-0.8 patches, applied upstream ++ * bump standards version, no changes needed ++ * Imported Upstream version 0.8.1 ++ * Bumped urgency to medium because of included security fixes: ++ CVE-2012-0848, CVE-2012-0853, CVE-2012-0858, CVE-2011-3929, ++ CVE-2011-3936, CVE-2011-3937, CVE-2011-3940, CVE-2011-3945, ++ CVE-2011-3947, CVE-2011-3951, CVE-2011-3952 ++ ++ [ Andres Mejia ] ++ * Enable frei0r support. ++ * Enable tls support through gnutls. ++ * Enable libcdio support. ++ * Enable opencv support. ++ * Enable pulse support. ++ * Enable vaapi for all architectures. ++ ++ -- Reinhard Tartler Mon, 19 Mar 2012 08:39:18 +0100 ++ ++libav (4:0.8-2) unstable; urgency=low ++ ++ [ Reinhard Tartler ] ++ * confflags: use --enable-pic instead of manually messing with cflags ++ * Import post 0.8 patches ++ * Bugfix: expects wrong preset file extension (Closes: #660978) ++ Thanks to Laurento for spotting this. ++ ++ [ Alessio Treglia ] ++ * Fix maintainer's name. ++ ++ [ Fabian Greffrath ] ++ * Enable hardened build flags through dpkg-buildflags (Closes: #658929). ++ * Fix format string vulnerability detected by -Wformat-security. ++ * Filter out system-wide setting of -Bsymbolic-functions to avoid FTBFS. ++ * Set CPPFLAGS separately. ++ ++ -- Reinhard Tartler Mon, 05 Mar 2012 19:47:54 +0100 ++ ++libav (4:0.8-1) unstable; urgency=medium ++ ++ [ Fabian Greffrath ] ++ * Remove the last remainders of explicit quilt usage in ++ pre-3.0 source formats. ++ * Urgency bumped to medium because of RC bugs and unfixed security ++ issues in testing. ++ * Imported Upstream version 0.8 ++ - Bug fix: "Segfaults when using vaapi", thanks to Andrey Rahmatullin ++ (Closes: #656572). That crash is most likely caused by auto-enabling ++ multi-threading. This behavior got reverted just before this release. ++ * Drop post-0.8b2 patches ++ * Bump shlibs for addition of new audio encoding API ++ * Extend package descriptions to include a note what libav actually is ++ * debian/watch: fix mangling of '_' characters. ++ * drop unused lintian override in debian/control ++ * provide compatibility links for ffserver, ffplay and ffprobe ++ (Closes: #655683) ++ ++ -- Reinhard Tartler Sun, 22 Jan 2012 21:24:22 +0100 ++ ++libav (4:0.8~beta2-3) unstable; urgency=low ++ ++ [ Fabian Greffrath ] ++ * Fix debian/*.install file generation on archs (e.g. armel) that build ++ more than only one optimized shared library (Closes: #656184). ++ ++ [ Reinhard Tartler ] ++ * add additional post-0.8b2 patches ++ ++ -- Reinhard Tartler Tue, 17 Jan 2012 22:31:32 +0100 ++ ++libav (4:0.8~beta2-2) unstable; urgency=low ++ ++ [ Fabian Greffrath ] ++ * Properly set the library paths for multiarch and shared libs in ++ debian/*.install instead of using brace expansion and asterisks. ++ ++ [ Reinhard Tartler ] ++ * Fix upgrade path from earlier versions of the 'ffmpeg' package ++ (Closes: #655917) ++ * Sync post v0.8b2 commits ++ * extend package description to include a note what libav actuall is ++ * place transitional packages in oldlibs/extra section to assist package ++ managers ++ * drop unused lintian override in debian/control ++ ++ -- Reinhard Tartler Sun, 15 Jan 2012 16:19:41 +0100 ++ ++libav (4:0.8~beta2-1) unstable; urgency=low ++ ++ * New Upstream version 0.8~beta2: ++ - Confirm that this release does not inhibit the following security issues: ++ - DoS in MKV demuxer, ++ - CVE-2011-3893, Closes: #654572 ++ - Double free vuln in the Theora decoder, ++ - CVE-2011-3892, Closes: #654571 ++ - heap-based buffer overflow in vorbis decoder: ++ - CVE-2011-3895, Closes: #654573 ++ - Closes: #654534 ++ - Bug fix: "libswscale crashes when upscaling pictures using ++ hyscale_fast2, MMX variant on amd64 with gcc-4.6 and later", ++ thanks to Harald Dunkel (Closes: #647824). ++ - Clarify that libavutil/avutil.h doesn't include mathematics.h any more in ++ APIchanges documentation. Thanks: Jonathan Nieder , ++ Closes: #654303 ++ * Disable configuration mismatch warnings (Closes: #619530) ++ * Rename package libav to libav-tools (Closes: #654984) ++ * Refresh patches ++ ++ -- Reinhard Tartler Wed, 11 Jan 2012 16:45:28 +0100 ++ ++libav (4:0.8~beta1-2) experimental; urgency=low ++ ++ * fix build failures by dropping unnecessary configure flags ++ ++ -- Reinhard Tartler Sun, 01 Jan 2012 08:48:06 +0100 ++ ++libav (4:0.8~beta1-1) experimental; urgency=low ++ ++ * New upstream release. ++ - too many changes to list, please refer to upstream's Changelog file ++ for details ++ ++ -- Reinhard Tartler Fri, 30 Dec 2011 23:45:34 +0100 ++ ++libav (4:0.7.3-2) unstable; urgency=low ++ ++ * forcefully disable v4l on kfreebsd, fixes an FTBFS on kFreeBSD ++ ++ -- Reinhard Tartler Mon, 26 Dec 2011 10:50:36 +0100 ++ ++libav (4:0.7.3-1) unstable; urgency=high ++ ++ * New upstream version. Includes fixes for: ++ - VP3 decoder (CVE-2011-4352) ++ - svq1 decoder (CVE-2011-4579) ++ - DoS in the VP5/VP6 decoders (CVE-2011-4353) ++ - QDM2 decoder (CVE-2011-4351) ++ - Sierra VMD decoder (CVE-2011-4364) ++ * Bumped urgency. ++ * Enable drawtext filter (Closes: #647132) ++ * Imported Upstream version 0.7.3 ++ * Bump shlibs for backported avcodec_open2() API ++ ++ -- Reinhard Tartler Sun, 25 Dec 2011 22:04:54 +0100 ++ ++libav (4:0.7.2-1) unstable; urgency=low ++ ++ * New upstream release: 0.7.2 ++ - Security focused release ++ - Includes Matroska reallocation checks, Closes: #643859 ++ * Drop all post 0.7.1 patches, included upstream. ++ ++ -- Reinhard Tartler Fri, 30 Sep 2011 21:01:25 +0200 ++ ++libav (4:0.7.1-7) unstable; urgency=medium ++ ++ * Add 63 (!) additional post 0.7.1 patches ++ - all scheduled for next upstream point release ++ - Fix missing CAVS boundary checks, Closes: #641478, Fixes: CVE-2011-3362 ++ * Medium urgency for fixing a security issue ++ * Drop debian/patches/03-fix-movrel.patch, better patch upstream ++ * prefer libtiff4 over libtiff5 for now ++ ++ -- Reinhard Tartler Mon, 26 Sep 2011 22:24:47 +0200 ++ ++libav (4:0.7.1-6) unstable; urgency=low ++ ++ * Convert package to include multiarch support. ++ ++ -- Andres Mejia Fri, 23 Sep 2011 22:03:39 -0400 ++ ++libav (4:0.7.1-5) unstable; urgency=low ++ ++ * sync patches with upstream release branch ++ * Fix segmentation fault on ppc32, Closes: #639948 ++ ++ -- Reinhard Tartler Mon, 05 Sep 2011 07:25:06 +0200 ++ ++libav (4:0.7.1-4) unstable; urgency=low ++ ++ * upload to unstable ++ ++ -- Reinhard Tartler Thu, 01 Sep 2011 22:45:43 +0200 ++ ++libav (4:0.7.1-3) experimental; urgency=low ++ ++ * add post 0.7.1 patches ++ * make MAP_ANONYMOUS available on Linux and the Hurd, Closes: #637516 ++ * libpostproc: filter name needs to be double 0 terminated ++ * relax dependencies in the shlibs file to accomodate ++ the new versioning scheme in libav-extra. Fixes LP: #818619 ++ * libswscale-dev: fix alternate on libswscale-extra-2, Fixes LP: #829857 ++ ++ -- Reinhard Tartler Thu, 25 Aug 2011 22:45:47 +0200 ++ ++libav (4:0.7.1-2) experimental; urgency=low ++ ++ * Build against libx264. Closes: #418228, #440681 ++ * Build against libmp3lame, Closes: #587904 ++ * Build against xvidcore to enable xvid encoding ++ * use yasm on every architecture. Should allow building on the Hurd ++ ++ -- Reinhard Tartler Tue, 26 Jul 2011 21:58:18 +0200 ++ ++libav (4:0.7.1-1) experimental; urgency=low ++ ++ [ Andres Mejia ] ++ * Update to my @debian.org email. ++ ++ [ Reinhard Tartler ] ++ * Pass --arch to configure ++ * no longer generate 'snapshot_version' ++ * disable jackd output support on the hurd ++ * Use proper architecture wildcards for Linux-only dependencies, ++ Closes: #634460 ++ * Drop "backported patches" ++ * Imported Upstream version 0.7.1 ++ * Fix installation of codecs.txt and formats.txt ++ ++ -- Reinhard Tartler Thu, 21 Jul 2011 12:18:48 +0200 ++ ++libav (4:0.7-2) experimental; urgency=low ++ ++ [ Arnout Engelen ] ++ * libavformat-dev depends on libavutil-dev ++ ++ [ Reinhard Tartler ] ++ * Add backported patches for 0.7.1 ++ ++ -- Reinhard Tartler Sat, 16 Jul 2011 14:38:21 +0200 ++ ++libav (4:0.7-1) experimental; urgency=low ++ ++ * New upstream release. ++ * Fixes several potential security issues, Closes: #628448 ++ * Much imporved libavfilter, Closes: #594108 ++ * Fixes some overlapping memcpys my using memmove instead, Closes: #627818 ++ * Bump libswscale SONAME ++ * Bump shlibs ++ * Bump Standards version to 3.9.2 ++ ++ -- Reinhard Tartler Tue, 21 Jun 2011 07:49:59 +0200 ++ ++libav (4:0.7~rc1-1) experimental; urgency=low ++ ++ * New upstream version ++ * Bug fix: "Please add ffmpeg-mt for multithreading support", branch has ++ been finally merged now upstream properly (Closes: #575600). ++ * remove 02-Fix-kfreeBSD-FTBFS.patch, applied upstream ++ ++ -- Reinhard Tartler Tue, 14 Jun 2011 22:03:36 +0200 ++ ++libav (4:0.7~beta2-2) experimental; urgency=low ++ ++ * refresh patches ++ * rename Tweak-doxygen-config patch ++ * add patch from upstream to fix build failure on kFreeBSD ++ * ignore quilt .pc status directory ++ ++ -- Reinhard Tartler Sun, 15 May 2011 10:49:54 +0200 ++ ++libav (4:0.7~beta2-1) experimental; urgency=low ++ ++ [ Jonathan Nieder ] ++ * only install doc/APIChanges in *-dev and libav-doc packages ++ * move note on source package lineage to README.Debian ++ * install NEWS.Debian in libavcodec-dev ++ * use dpkg source format 3.0 (quilt) ++ * allow "debian/rules clean" as unprivileged user ++ ++ [ Reinhard Tartler ] ++ * New upstream release ++ ++ -- Reinhard Tartler Fri, 13 May 2011 12:31:33 +0200 ++ ++libav (4:0.7~b1-2) experimental; urgency=low ++ ++ * don't try to install non-existing documentation, fixes FTBFS on powerpc ++ * add NEWS.Debian file ++ * install doc/APIChanges and refer to them in NEWS.Debian (Closes: #623682) ++ * readd deprecated avcodec_thread_init in libavformat ++ ++ -- Reinhard Tartler Sun, 01 May 2011 18:58:40 +0200 ++ ++libav (4:0.7~b1-1) experimental; urgency=low ++ ++ * New upstream version ++ * bump SONAME and SHLIBS ++ * configure flags --disable-stripping was removed upstream ++ * the MAINTAINERS file was removed upstream ++ * remove patch disable-configuration-warning.patch ++ * drop avfilter confflags, it is enable by default in 0.7 ++ * libfaad wrapper has been removed upstream ++ * also update the *contents* of the lintian overrides ++ ++ -- Reinhard Tartler Tue, 19 Apr 2011 15:04:55 +0200 ++ ++libav (4:0.6.2-1) unstable; urgency=medium ++ ++ [ Reinhard Tartler ] ++ * Imported Upstream version 0.6.2 ++ - include security fixes (Closes: #611495) ++ * rename source package to libav ++ * Switch to libav packages ++ * copy in changelog entries from the 0.5 packaging branch (Closes: #616190) ++ * update version numbering ++ * make buildlogs verbose ++ * Introduce 'libav-source', which contains the patched sources of libav ++ * rename source package to libav ++ ++ [ Fabian Greffrath ] ++ * Fix cp of doxy documentation fails with "Argument list too long" (Closes: #618679) ++ ++ -- Reinhard Tartler Sat, 19 Mar 2011 08:13:46 +0100 ++ ++ffmpeg (4:0.6.1-5) unstable; urgency=low ++ ++ * don't enable vaapi support on the hurd, Closes: #613034 ++ * minor updates to libswscale0's package description ++ * Force upgrade of mplayer pre-rc4 for upgrades of libswscale, ++ Closes: #612292 ++ ++ -- Reinhard Tartler Sun, 13 Feb 2011 09:25:42 +0100 ++ ++ffmpeg (4:0.6.1-4) unstable; urgency=low ++ ++ * no change rebuild to fix broken last upload. ++ ++ -- Reinhard Tartler Sun, 06 Feb 2011 09:20:39 +0100 ++ ++ffmpeg (4:0.6.1-3) unstable; urgency=low ++ ++ * add libxfixes-dev to build depends ++ * minor packaging cleanups ++ * revised package description ++ * detect libopenjpeg and dirac at build-time ++ * remove note about packages being "Debian-specific" ++ * simplify lintian-overrides ++ * Sanitize LDFLAGS variable; it seems that dpkg-buildflags injects ++ -Wl,-Bsymbolic-functions to LDFLAGS, which breaks the build on amd64 ++ ++ -- Reinhard Tartler Sun, 30 Jan 2011 09:22:11 +0100 ++ ++ffmpeg (4:0.6.1-2) experimental; urgency=low ++ ++ [ Jonas Smedegaard ] ++ * Relax mplayer Breaks to permit backports and other early releases. ++ ++ [ Reinhard Tartler ] ++ * Bump Standards-Version, no changes needed. ++ ++ [ Matthias Klose ] ++ * Configure with --enable-pic on powerpc. LP: #654666. ++ ++ -- Reinhard Tartler Fri, 19 Nov 2010 10:50:51 +0100 ++ ++ffmpeg (4:0.6.1-1) experimental; urgency=low ++ ++ * Imported Upstream version 0.6.1 ++ * prepare new upload ++ * remove patches merged upstream ++ * add gitignore file ++ ++ -- Reinhard Tartler Mon, 01 Nov 2010 09:18:08 +0100 ++ ++ffmpeg (4:0.6-2) experimental; urgency=low ++ ++ [ Fabian Greffrath ] ++ * Enable RTMP[E] support via librtmp. ++ * Disable aac encoder, see README.Debian. ++ * Fix obsolete-relation-form for the internal dependencies. ++ * Merge debian/README.Source into debian/README.source and add section ++ headers. ++ * Remove obsoleted support for the non-free libamr-nb/wb. ++ ++ [ Reinhard Tartler ] ++ * enable runtime-cpudetect ++ * conditionally build against opencore-amr if installed in the build ++ environment ++ * update upstream url in debian/copyright ++ * fix usage documentation in debian/get-orig-source.sh ++ * update dep3 headers for debian/patches/900_doxyfile ++ * add proper replaces for moving presets back to ffmpeg ++ * make debian/patches gbp-pq friendly ++ * Add VP80 fourcc to libavformat/riff.c ++ * Backport-AAC-HE-v2 ++ * bump Standards-Version, no changes needed ++ ++ -- Reinhard Tartler Tue, 29 Jun 2010 09:07:56 +0200 ++ ++ffmpeg (4:0.6-1) experimental; urgency=low ++ ++ * new upstream release ++ - adds VP8 support via libvpx, Closes: #582274 ++ * depend on libavfilter-extra-1 instead of -0, Closes: #583728 ++ * add conflicts to the ffprobe package, it has been merged upstream now ++ ++ -- Reinhard Tartler Wed, 16 Jun 2010 09:25:28 +0200 ++ ++ffmpeg (4:0.6~svn20100505-1) experimental; urgency=low ++ ++ * update to new upstream. Closes: #569727 ++ - fixes various segfaults and other minor feature improvements ++ Closes: #374931, #522449, #501891, #559712, #420231, #369127, #538082, ++ #298095, #294422, #561553, #525385, #495274, #420230 ++ LP: #305286, #457106, #529200, #301723, #305315, #336479, #420230, ++ #412063, #428912, #432181, #440591, #453732, #453732, #453732, ++ #514259, #515243, #521472, #530186, #530186, #197842, #483317, ++ #483317, #539407, #280098, #331255, #566107, #569823, #570305, ++ #573190 ++ * Fixup lintian overrides for new upstream snapshot ++ * Bump Standards-Version to 3.8.4 ++ * Many upstream changes, see upstream Changelog for details ++ ++ -- Reinhard Tartler Sun, 24 Jan 2010 21:24:56 +0100 ++ ++ffmpeg (4:0.5.2-6) unstable; urgency=high ++ ++ * Fix several security issues in flicvideo.c. ++ Fixes: CVE-2010-3429, Closes: #598590 ++ * Raising severity to high because of security issue. ++ ++ -- Reinhard Tartler Sun, 03 Oct 2010 16:59:39 +0200 ++ ++ffmpeg (4:0.5.2-5) unstable; urgency=low ++ ++ [ Dominic Evans ] ++ * add libxfixes-dev to build-depends to unbreak x11grab input, ++ Closes: #596342, LP: #631103 ++ ++ [ Reinhard Tartler ] ++ * fix x11grab example in e.g. the manpage so that they actually work ++ ++ -- Reinhard Tartler Mon, 13 Sep 2010 15:29:49 +0200 ++ ++ffmpeg (4:0.5.2-4) unstable; urgency=low ++ ++ [ Loïc Minier ] ++ * Fix typo: use -march=armv7-a instead of -marmv7-a ++ ++ -- Reinhard Tartler Tue, 31 Aug 2010 15:31:05 +0200 ++ ++ffmpeg (4:0.5.2-3) unstable; urgency=low ++ ++ [ Reinhard Tartler ] ++ * Move breaks declaration from libavformat to libavcodec to help the ++ apt solver, Closes: #591881 ++ ++ [ Loïc Minier ] ++ debian/confflags: detect whether the toolchain supports ARMv7 ("dmb") ++ by default as the NEON pass needs at least ARMv6t2; if it's not enabled by ++ default, pass -marmv7-a in extra-cflags for the NEON pass since NEON ++ implies ARMv7; closes: #594417. ++ ++ -- Reinhard Tartler Fri, 27 Aug 2010 01:24:10 +0200 ++ ++ffmpeg (4:0.5.2-2) unstable; urgency=low ++ ++ * Enable some encoders: ++ - h263, h263p, mpeg2video, mpeg4, msmpeg4v1, msmpeg4v2, msmpeg4v3 ++ Closes: #418231, #433287, #440216, #587898, #525349 ++ * Bump Standards Version, no changes needed ++ ++ -- Reinhard Tartler Thu, 05 Aug 2010 11:59:26 -0400 ++ ++ffmpeg (4:0.5.2-1) unstable; urgency=low ++ ++ [ Andres Mejia ] ++ * Fix dependency problem for ffmpeg so it can use extra ffmpeg libs. ++ ++ [ Reinhard Tartler ] ++ * move presets back to 'ffmpeg' package. Closes: #581748 ++ ++ [ Fabian Greffrath ] ++ * Imported Upstream version 0.5.2 ++ * Remove ffmpeg-debian_hurd.patch, applied upstream. ++ * Remove fix-ftbfs-altivec.patch, applied upstream. ++ ++ -- Reinhard Tartler Tue, 25 May 2010 23:01:08 +0200 ++ ++ffmpeg (4:0.5.1-3) unstable; urgency=low ++ ++ * fix ftbfs on powerpc ++ ++ -- Reinhard Tartler Fri, 12 Mar 2010 21:43:55 +0100 ++ ++ffmpeg (4:0.5.1-2) unstable; urgency=low ++ ++ * reintroduce gnu/hurd patch ++ * Fix compilation on powerpc with --disable-altivec ++ ++ -- Reinhard Tartler Wed, 10 Mar 2010 21:19:40 +0100 ++ ++ffmpeg (4:0.5.1-1) unstable; urgency=low ++ ++ * new upstream release: ++ - clarifies documentation on metadata, Closes: #570050, LP: #501729 ++ - further security backports, Closes: #570713 ++ * adapt to new versioning scheme ++ * use '<<' instead of '<' relationship for internal shlib file ++ * merge changes from ubuntu packaging ++ * drop wmapro backport again as discussed with upstream. The unrelated ++ changes seem too risky for a stable release. ++ ++ -- Reinhard Tartler Wed, 03 Mar 2010 22:28:24 +0100 ++ ++ffmpeg (4:0.5+svn20090706-6) unstable; urgency=low ++ ++ [ Fabian Greffrath ] ++ * debian/patches/901-fix-misc-typos.patch: New patch taken from ++ upstream GIT (slightly modified) to fix some spelling errors. ++ * Document our calling of debhelper programs in an odd order in ++ debian/rules. ++ ++ [ Reinhard Tartler ] ++ * document some unattributed patches ++ * enable cpu autodetection in libswscale, Closes: #567725, LP: #386397 ++ ++ [ Christopher Martin ] ++ * backport wmapro codec from ffmpeg trunk ++ ++ -- Reinhard Tartler Sun, 31 Jan 2010 16:53:47 +0100 ++ ++ffmpeg (4:0.5+svn20090706-5) unstable; urgency=medium ++ ++ * Upload to unstable ++ * Urgency medium because of fixed RC bugs (security issues) ++ ++ -- Reinhard Tartler Fri, 22 Jan 2010 16:04:39 +0000 ++ ++ffmpeg (4:0.5+svn20090706-4) experimental; urgency=low ++ ++ [ Loïc Minier ] ++ * Use default toolchain setup on ARM flavors for noopt and only add FPU ++ CFLAGS in the VFP and NEON flavors; this is ok since internally, cpu will ++ be set to "generic" but -march=generic or -mcpu=generic will NOT be added ++ to the build flags. ++ * Build all armel flavours with -marm since ffmpeg has a lot of hand crafted ++ assembly which doesn't build in the new lucid default mode (Thumb 2); ++ LP: #488267 ++ * Build all armel flavours with -fPIC -DPIC instead of just the neon flavour ++ as the new flags/toolchain require this in Ubuntu lucid. ++ * Build some assembly test code -- just like configure -- to decide whether ++ the *default* toolchain uses vfp or neon to decided whether to build the ++ vfp and neon flavors. ++ * Drop --disable/--enable opt flags such as --disable-neon or ++ --enable-armvfp on ARM since the upstream configure script will do the ++ right thing when the proper flags are set. ++ ++ [ Reinhard Tartler ] ++ * build with PIC on powerpc (Closes: #561956) ++ ++ -- Reinhard Tartler Fri, 15 Jan 2010 21:46:49 +0100 ++ ++ffmpeg (4:0.5+svn20090706-3) experimental; urgency=low ++ ++ [ Loïc Minier ] ++ * Disable more autodetecter ARM arch features ++ * Enable neon flavour ++ * Update NEON confflags to assume v7 and VFP ++ * Add backported NEON patches from ffmpeg trunk ++ * Pass proper --cpu and --extra-flags on armel ++ * Pass -fPIC -DPIC to neon pass ++ ++ [ Fabian Greffrath ] ++ * Initialize the FLAVORS variable to static instead of appending to ++ it. Also, we do not support the internalencoders variable anymore. ++ ++ [ Andres Mejia ] ++ * Remove unused patches from packaging. ++ * Update Vcs-* entries to new location. ++ * Bump Standards-Version to 3.8.3. ++ ++ [ Reinhard Tartler ] ++ * change shlibs file to make applications depend on the -extra- packages ++ * loosen dependencies further, so that the -dev packages remain ++ installable even if ffmpeg-extra is 'out-of-date' ++ * add patch for issue1245: Make arguments of av_set_pts_info() unsigned. ++ * Support constant-quant encoding for libtheora, LP: #356322 ++ * increase swscale compile time width (VOF/VOFW), LP: #443264 ++ * Backports of various security patches, Closes: #550442, including: ++ - backport fixes for vorbis_dec ++ - backport oggparsevorbis fix ++ - backport vp3 fixes ++ - backport ffv1 fix ++ - libavcodec/mpegaudiodec.c backports ++ - h264 security backports ++ - backported libavformat/mov.c security fixes ++ - backported libavformat/oggdec.c security fixes ++ - backport svn r18016 aka 'MOV-Support-stz2-Compact-Sample-Size-Box' ++ to fix FTBFS ++ * enable symbol versioning ++ * bump shlibs version ++ * add README.source describing how this source package manages patches ++ * make sure the ${misc:Depends} substvar is used for each binary package ++ ++ -- Reinhard Tartler Wed, 06 Jan 2010 16:27:40 +0100 ++ ++ffmpeg (4:0.5+svn20090706-2) unstable; urgency=low ++ ++ [ Fabian Greffrath ] ++ * Enable support for libdirac, now that it has entered Debian. ++ ++ [ Andres Mejia ] ++ * Fix ordering of FLAVORS that are installed. (Closes: #543595) ++ ++ [ Reinhard Tartler ] ++ * prepare new upload ++ * simply debian/confflags by removing the case of renaming the source ++ package ++ ++ -- Reinhard Tartler Wed, 26 Aug 2009 09:12:49 +0200 ++ ++ffmpeg (4:0.5+svn20090706-1) unstable; urgency=low ++ ++ * preparing new upstream version, 0.5 release branch, rev 19352 ++ - this version is capable of compiling swscale in LGPL mode ++ * rename source package back ++ - The replacement package with the 'missing bits' will be called ++ 'ffmpeg-extra' ++ - simplify README.upstream-upgrade ++ - rename the source package from 'ffmpeg-debian' -> 'ffmpeg' ++ * fix aac playback regression, thanks to Matthew Wakeling for reporting ++ (Closes: #540729) ++ * fix seeking in DIF (DV) movies ++ Thanks to Dan Dennedy for identifying the patch! (Closes: #540424) ++ * debian/rules: ++ - merge cond_enable_nf macro from master.extra branch ++ - don't disable ffserver in various optimized variants ++ - don't disable building of statically linked helper binaries ++ - simply by removing the case of renaming the source package ++ - change the shlibs file: s/-unstripped-/-extra-/ ++ ++ -- Reinhard Tartler Thu, 13 Aug 2009 12:48:27 +0200 ++ ++ffmpeg-debian (4:0.5+svn20090609-2) unstable; urgency=low ++ ++ [ Fabian Greffrath ] ++ * Remove .install files for unstripped packages that we do not build ++ from this branch anyway. ++ * Remove debian/fixup-config.sh which was only a hack needed to repair ++ the crippled config.h ++ * Finally remove strip.sh. ++ ++ [ Andres Mejia ] ++ * Add vdpau support by including vdpau headers in deb packaging. ++ (Closes: #511544) ++ * Don't disable encoders if internalencoders is set in ++ DEB_BUILD_OPTIONS. ++ * Enable yasm for i386 and amd64. ++ ++ [ Reinhard Tartler ] ++ * clarifications suggested by upstream in README.Source ++ * refresh patches ++ ++ [ Fabian Greffrath ] ++ * Document the copyright notice and license for the VDPAU headers in ++ debian/copyright. ++ * Remove parallel make support from debian/confflags, it's overridden ++ in debian/rules anyway. ++ * Quote opts in debian/watch. ++ * Bump debhelper compat to 7. ++ * Clean up clean target in debian/rules in favour of debian/clean. ++ * Replace "dh_clean -k" by dh_prep. ++ ++ [ Reinhard Tartler ] ++ * remove duplicated libxvmc-dev build dependency ++ * sort build dependencies alphabetically ++ * remove section numbering from README.Debian ++ * add note about the lintian override ++ ++ -- Reinhard Tartler Thu, 13 Aug 2009 12:46:46 +0200 ++ ++ffmpeg-debian (4:0.5+svn20090609-1) unstable; urgency=low ++ ++ [ Andres Mejia ] ++ * Add myself to Uploaders list. ++ * Reorder when dh_strip is done so qt-faststart is also ++ stripped. ++ * Update to control files. ++ * Add new confflags for new build dependencies. ++ * Use .docs files to add ffmpeg and ffmpeg-doc documentation. ++ * Use .docs files for installing documentation. ++ * Add comment to 900_doxyfile patch. ++ * Add man page for qt-faststart. ++ * Bump version in changelog to prepare new release ++ * Fix FTBFS for ffmpeg source package with -dev packages (Closes: #527761) ++ * Use dh_lintian to install lintian overrides ++ * Update comment on fpic-* patches ++ * Build-Depend on debhelper (>= 6.0.7~) for dh_lintian. ++ * Add lintian overrides for remaining fpic lintian errors. ++ * Shorten comment on lintian-overrides. ++ * Allow passing in extra confflags, removes the need for fix-fpic ++ DEB_BUILD_OPTIONS. ++ * Fix FTBFS on kfreebsd. (Closes: #528591) ++ * Include patches to allow us to use opencore-amr libraries. ++ ++ [ Reinhard Tartler ] ++ * remove debian/control.* mechanism ++ * improve patch description for debian/patches/100_kfreebsd ++ ++ [ Andres Mejia ] ++ * Add lintian overrides for ffmpeg-debian source warnings. ++ * Only use .svnrevision if it's readable. ++ * Update source lintian-overrides for modifications to debian/rules. ++ * Add fix for FTBFS for GNU Hurd OS. Thanks Marc Dequènes. ++ (Closes: #530436) ++ ++ [ Felipe Sateler ] ++ * Don't add -unstripped to the unstripped variant version number ++ in debian/README.upstream-upgrade. ++ * In the same file, pass explicit version to git-import-orig ++ ++ [ Fabian Greffrath ] ++ * Cleaned up debian/watch file. ++ * Add notes why we no longer strip the orig.tar.gz. ++ ++ [ Andres Mejia ] ++ * Fix watch file to ignore daily snapshots. ++ * Make get-orig-source.sh executable. ++ ++ [ Reinhard Tartler ] ++ * add patch for qtrle encoding (Closes: #530016) ++ * Enable xvmc support by adding libxvmc-dev to build dependencies ++ * really add libopenjpeg-dev to build depends, actually enabling ++ the openjpeg decoder. ++ * reorganise README.Debian for the new plan [tm] ++ * no longer strip the source on upstream upgrades ++ * Imported Upstream version 0.5+svn20090609 ++ * adjust notes in README.upstream-upgrade for the now unstripped ++ debian source package ++ * remove hack to build with stripped sources ++ * bump standards version, no changes needed ++ ++ -- Reinhard Tartler Sun, 05 Jul 2009 22:52:43 +0200 ++ ++ffmpeg-debian (4:0.5+svn20090420-2) unstable; urgency=low ++ ++ * debian/control: fix dependencies for libavutil-dev and libavfilter-dev ++ so that they can be used with the unstripped variants properly. ++ * debian/rules: set nooptflags only for relevant architectures. ++ * explicitly disable 'dangerous' encoders on the --configure line. ++ * fix SHLIBS_VERSION in debian/rules (Closes: #527350). ++ ++ -- Reinhard Tartler Mon, 04 May 2009 07:41:19 +0200 ++ ++ffmpeg-debian (4:0.5+svn20090420-1) unstable; urgency=low ++ ++ [ Fabian Greffrath ] ++ * Merge the contents of patents.txt into README.Debian and change some ++ paragraphs to (hopefully) add some more clarity on the removed encoders ++ and the package naming scheme. Based on suggestions by Xavier Douville ++ , thank you very much for the review. (Closes: #519025) ++ * Reorder some confflags to account for GPL licensed libraries. ++ * Remove patents.txt ++ * Explicitely mention that no decoders are disabled in our packages. ++ ++ [ Loïc Minier ] ++ * Disable more autodetecter ARM arch features ++ * Add neon and vfp flavors to armel disabled for now ++ * vfp CFLAGS: add "-mfpu=vfp -mfloat-abi=softfp" ++ ++ [ Reinhard Tartler ] ++ * New Upstream Version (svn revision 18630) ++ * bump epoch as 0.5 was released. Future version will use '+' to indicate ++ that the package is based on a release branch and '~' to indicate that ++ the package is based on the 'trunk' branch. ++ * update from the upstream release branch to generate a new upstream ++ tarball. ++ * add a git-buildpackage config file at debian/gbp.conf ++ * beautify identification string ++ * debian/rules: bump epoch to '4' ++ * update section names in control file ++ * update upstream svn server url ++ * fixup get-orig-source rules in debian/rules ++ * create right filenames for the orig.tar.gz files ++ * update README.upstream-upgrate for new versioning scheme ++ * remove debian/005_release_branch_changes.diff ++ * remove reference to 020_visibility_patch ++ * install the upstream license file and release notes ++ * allow -dev packages be installed with the unstripped variants ++ Closes: #526007, LP: #312898 ++ * be more careful with svn:externals in debian/get-orig-source.sh. ++ (Closes: #525348) ++ ++ -- Reinhard Tartler Sat, 02 May 2009 09:09:54 +0200 ++ ++ffmpeg-debian (3:0.svn20090303-1) unstable; urgency=low ++ ++ * New Upstream Version (svn revision 17737 libswscale revision 28799) ++ - Electronic Arts TQI decoder ++ - OpenJPEG based JPEG 2000 decoder ++ - NC (NC4600) camera file demuxer ++ - Gopher client support ++ - MXF D-10 muxer ++ - generic metadata API ++ * debian/get-orig-source.sh: Track the version 0.5 release branch. The ++ version number does not really reflect this, but this package is ++ actually very close to the 0.5 release branch. ++ * various cleanups to improve get-orig-source.sh ++ * Remove liba52 from the suggests field in debian/control.ffmpeg, as ++ ffmpeg does no longer use it since upload 0.svn20080206-10. ++ * Fix the Vcs-Git urls to the correct locations. ++ * The libavformat52 now links against libavcodec52, which breaks ++ applications that *ALSO* link against libavcodec51. Adding a ++ Breaks: libavcodec51 should prevent this and (hopefully) Closes: #516885. ++ * improve parallel builds on SMP/multicores by supporting the parallel ++ flag in DEB_BUILD_OPTIONS, and default to the number of available CPUs ++ on i386 and amd64. ++ * Drop unapplied patches from debian/patches. ++ * bump shlibs version. ++ ++ -- Reinhard Tartler Tue, 03 Mar 2009 21:01:25 +0100 ++ ++ffmpeg-debian (3:0.svn20090204-3) unstable; urgency=low ++ ++ [ Fabian Greffrath ] ++ * remove libasound2-dev from build-depends on non-Linux archs ++ ++ [ Reinhard Tartler ] ++ * fix postinst generation by calling dh_installdeb after dh_makeshlibs ++ * upload to unstable ++ ++ -- Reinhard Tartler Sun, 22 Feb 2009 09:32:49 +0100 ++ ++ffmpeg-debian (3:0.svn20090204-2) experimental; urgency=low ++ ++ * add libxvmc-dev to build-depends in the 'ffmpeg' variant ++ * add libasound2-dev to build-depends. This means that ffplay is now able to ++ actually play using alsa directly instead only via libsdl ++ * add epochs for the "internal" shlibs dependencies ++ ++ -- Reinhard Tartler Thu, 05 Feb 2009 20:30:05 +0100 ++ ++ffmpeg-debian (3:0.svn20090204-1) experimental; urgency=low ++ ++ [ Reinhard Tartler ] ++ * New Upstream Version (svn revision 16978 libswscale revision 28461) ++ ++ Upstream Changes: ++ - R3D REDCODE demuxer ++ - ALSA support for playback and record ++ ++ * strighten internal dependencies by using a shlibs.local file ++ Closes: #512844, #512466 ++ * New upstream version reintroduces a compatibility symbol ff_gcd ++ Closes: #512946 ++ * Bump shlibs because of changes of the Metadata API in libavformat. ++ Actually no other package should use them yet, but let's better play safe ++ here... ++ * no longer install dsputil.h. It exposes lots of function that are private ++ to ffmpeg and may change on any new upstream revision. Please get in touch ++ with the ffmpeg maintainers if you maintain packages that rely on that ++ ffmpeg internal headers like this. ++ * simplify debian/confflags by doing autodetection of headers: ++ - xvid.h ++ - lame/lame.h ++ - faac.h ++ - x264.h ++ - vdpau/vdpau.h ++ Also remove the setting externalcodecs from DEB_BUILD_OPTIONS. The codecs ++ will be enabled as soon as the headers are installed on the filesystem, ++ so there is no need in enabling that separately. ++ * install ffpresets in /usr/share/ffmpeg/. Currently only presets for ++ x264 are avaiable, so a libx264 enabled libavcodec (like ++ libavcodec-unstripped-52) is needed to actually use them. ++ ++ [ Fabian Greffrath ] ++ * Enabled Speex decoding via libspeex. ++ * Use an alternative approach to achieve strict internal dependencies ++ by calling dh_makeshlibs twice in debian/rules instead of a ++ debian/shlibs.local file. ++ ++ -- Reinhard Tartler Sun, 01 Feb 2009 19:54:27 +0100 ++ ++ffmpeg-debian (3:0.svn20090119-1) experimental; urgency=low ++ ++ * New Upstream Version (svn revision 16681 libswscale revision 28341) ++ * update Vcs-Git tags. Packaging has now moved to git ++ * updates to packaging that faciliate building the unstripped and ubuntu ++ variants of this package ++ * enable xvmc support ++ ++ Upstream Changes: ++ - SVQ3 watermark decoding support ++ - hybrid WavPack support ++ ++ -- Reinhard Tartler Tue, 20 Jan 2009 00:55:26 +0100 ++ ++ffmpeg-debian (3:0.svn20090110-1) experimental; urgency=low ++ ++ * new upstream svn snapshot (svn revision 16508, libswscale revision 28286) ++ ++ Upstream Changes: ++ - RV30 and RV40 decoder ++ - QCELP / PureVoice decoder ++ ++ * removed patch 050_fix_pkgconfig_files.patch. Merged upstream ++ * disabled patch 020_visibility_patch. It needs to be adapted to the new ++ upstream changes. Hopefully it will get merged into ffmpeg properly. ++ * install formats.txt in the libavcodec52 package to document what ++ formats this version of ffmpeg has enabled. ++ ++ -- Reinhard Tartler Sun, 11 Jan 2009 20:55:48 +0100 ++ ++ffmpeg-debian (3:0.svn20081115-1) experimental; urgency=low ++ ++ * new upstream svn snapshot (svn revision 15824, libswscale revision 27910) ++ * bump standards version to version 3.8.0, no changes needed ++ * Adjust pkg-files to no longer put unnecessary dependencies in the generated ++ .pc files. Closes: #504220 ++ ++ -- Reinhard Tartler Mon, 10 Nov 2008 21:37:16 +0100 ++ ++ffmpeg-debian (3:0.svn20081108-1) experimental; urgency=low ++ ++ * upstream svn snapshot (svn revision 15786, libswscale revision 27900). ++ * apply visibility patch from ffmpeg-devel mailing list. This reduces the ++ number of symbols that are exposed to other applications. Please file ++ bugs if applications fail to link against ffmpeg because of that. ++ * remove 001_fixup_version.diff patch and use upstream --extra-version ++ configure flag instead. ++ * now really remove 015_img_convert.patch from source package. ++ ++ -- Reinhard Tartler Sat, 08 Nov 2008 16:38:23 +0100 ++ ++ffmpeg-debian (3:0.svn20080925-1) experimental; urgency=low ++ ++ [ Loic Minier ] ++ * Tweak sed versions regexps to deal with epochs and upstream revisions with ++ dashes and be generally stricter. ++ * Large cleanup to rules logic: drop some cruft, rewrite some small chunks ++ in a slightly more readable manner, whitespaces, .PHONY fixes, ++ internalencoders handling, shlibs logic... ++ * Rename SRC_VERSION to UPSTREAM_VERSION in rules. ++ * Use DEB_SOURCE from the Source: field of dpkg-parsechangelog's output ++ instead of hardcoding the name of the source. ++ ++ [ Reinhard Tartler ] ++ * new svn snapshot (svn revision 15404, libswscale revision 27636). ++ * SONAME change: libavcodec51 -> libavcodec52 ++ * drop old scaler (imgres/imgconvert). Upstream is about to remove it ++ completely. ++ - reporter claims that a newer snapshot fixes a crash in the dca decoder. ++ Thanks to "Alexander E. Patrakov" (Closes: #496612) ++ * reenable h261 encoder (Closes: #459073) ++ ++ [ Fabian Greffrath ] ++ * debian/{ffmpeg,lib*-dev}.install: ++ + Simplified, e.g. install the whole /usr/include/ sub-directory for each ++ particular library instead of single header files one by one. ++ * debian/control, debian/confflags: ++ + Enabled Dirac support via libschroedinger. (Closes: #499785) ++ * debian/changelog: ++ + Added an epoch needed for Ubuntu. ++ * debian/control: ++ + Removed Conflicts and Replaces against packages that either aren't even ++ in Debian 4.0 "Etch" anymore or that use the deprecated naming scheme ++ from . ++ + Since ffmpeg-config has been removed from our packages, all inter-package ++ Conflicts and Replaces may be removed, too. ++ + Removed Build-Conflicts against libdc1394-13-dev, because ++ libdc1394-22-dev already does this for us. ++ + Updated inter-package dependencies and demoted Depends on external ++ library packages to Suggests, since we shouldn't encourage package ++ maintainers to link statically against libav*. ++ * debian/confflags, debian/control, debian/rules, debian/libavfilter*: ++ + Built libavfilter and disabled vhook in turn (Closes: #499787). ++ ++ [ Loic Minier ] ++ * Remove debug echo which broke shlibs, sorry. ++ * Fix Vcs-* control fields; thanks Gerfried Fuchs. ++ * Mention upstream SVN in debian/copyright; thanks Gerfried Fuchs; ++ closes: #499914. ++ ++ -- Reinhard Tartler Sat, 06 Sep 2008 20:07:01 +0200 ++ ++ffmpeg-debian (0.svn20080206-12) unstable; urgency=low ++ ++ * enable vhook in all flavors. (Closes: #490272, LP: #260296) ++ * make ffmpeg output a proper version number. (Closes: #496133, #483923) ++ ++ -- Reinhard Tartler Sat, 23 Aug 2008 10:49:10 +0200 ++ ++ffmpeg-debian (0.svn20080206-11) unstable; urgency=low ++ ++ [ Reinhard Tartler ] ++ * new patch: patches/010_fix_ftbfs_hppa.diff: On hppa shared objects ++ do required object files to be build "-fPIC -DPIC". Patch taken ++ from upstream svn. ++ * bugfix: libraries linked with libX11 on GNU/kFreeBSD. Thanks to ++ Aurelien Jarno for the patch. (Closes: #487252) ++ ++ [ Fabian Greffrath ] ++ * debian/confflags, debian/control: ++ + Build-Depend on libdc1394-22-dev explicitely and add ++ Build-Conflicts on libdc1394-13-dev (Closes: #490319). ++ ++ -- Reinhard Tartler Wed, 16 Jul 2008 10:41:49 +0200 ++ ++ffmpeg-debian (0.svn20080206-10) unstable; urgency=high ++ ++ * enable mmx and sse3 in builds. These CPU features are autodetected ++ at runtime on amd64 and i386 using the 'cpuid' instrcution. ++ (Closes: #489732) ++ * disable support for liba52-dev. ffmpeg has its own implementation. ++ * don't add -fPIC -DPIC forcefully to ./configure. upstream claim that ++ the configure script gets this right on all architectures itself. ++ * Add patch 020_bug489965_bufferoverflow_str_demuxer.diff. Fixes a ++ buffer overflow in the STR demuxer. Thanks to Moritz Muehlenhoff for ++ reporting the issue. (Closes: #489965) ++ * Raising severity to high because of security issue. ++ * rework the shlibs file. Make applications linking against libraries ++ produced by this source package generate an alternate dependency on ++ the 'unstripped' variants of this package. They actually do not exist ++ yet at this point, but this way reverse dependencies are enabled to ++ use them when they eventually appear. ++ ++ -- Reinhard Tartler Wed, 09 Jul 2008 14:04:06 +0200 ++ ++ffmpeg-debian (0.svn20080206-9) unstable; urgency=low ++ ++ [ Reinhard Tartler ] ++ * cleanup 010_proper_rpath.diff: remove spurious linker search paths. ++ * debian/strip.sh: no need to remove the glue code for x264 and xvid. ++ However, since that code is not built in debian anyway, the orig.tar.gz ++ was not rebuilt with this change. ++ * provide mmx-enabled shared objects on amd64. AFAIK all amd64 machines ++ do support MMX. ++ * Provide optimized versions of the libraries along the unoptimized ++ ones. They are installed in machines and architecture specific ++ directories. Optimized for further target will be added per request, ++ please file bugs to request them. ++ * rename the source package (again), this time on upstream's request. ++ The former name was considered insulting by upstream, because it ++ somewhat indicated the original source was somehow 'non-free', which is ++ not the case. The new name now represents that we modified the package ++ so that it becomes acceptable for debian. ++ * Cleanups in debian/rules file. ++ * Add verbose explanations about the renaming in README.Debian. ++ ++ [ Fabian Greffrath ] ++ * debian/control: ++ + Added Conflicts and Replaces against obsolete library packages from ++ wearing the 'cvs' suffix in their names ++ (Closes: #484585, #484586, #484587, #484776, #484778). ++ + Added doxygen to Build-Depends. ++ + Introduced new package 'ffmpeg-doc' that contains html doxygen ++ documentation of the ffmpeg API (Closes: #438369). ++ + Changed Build-Depends from libdc1394-13-dev to libdc1394-22-dev, ++ which is supported upstream since r11501. ++ * debian/ffmpeg-doc.install: ++ + Added. ++ * debian/rules: ++ + Build and install html doxygen documentation. ++ + Avoid dependency of build-stamp rule on phony targets. ++ * debian/libavutil-dev.install, debian/rules, ++ debian/patches/010_ffmpeg-config.diff: ++ + Removed ffmpeg-config, use pkg-config instead (maintainers of affected ++ packages have been informed, see #487917 to #487922). ++ ++ [ Darren Salt ] ++ * Added patch 900_doxyfile: tell doxyfile to ignore debian* directories. ++ * debian/rules: ++ - Reworked building so that separate source & build directories are ++ used. This makes cleanup simpler and speeds up maintenance by avoiding ++ complete rebuilds when using "debuild binary". ++ - Removed some file installation 'cp' commands, made unnecessary due to ++ the build reworking. ++ - Unpatching is now done *after* cleaning. ++ ++ -- Reinhard Tartler Mon, 30 Jun 2008 15:27:50 +0200 ++ ++ffmpeg-free (0.svn20080206-8) unstable; urgency=low ++ ++ [ Fabian Greffrath ] ++ ++ * debian/control: ++ + Added Conflicts and Replaces on libavutil-dev (<< 0.svn20080206-7) ++ to libavcodec-dev (Closes: #483548). ++ ++ [ Reinhard Tartler ] ++ ++ * remove patches from the debian package as disussed with upstream: ++ - 005_runtime_cpudetect.diff: it is supposed to fix runtime cpu detection ++ on i386. The code (and the define) has undergone large refactoring wrt. ++ the define RUNTIME_CPUDETECT. It is very likely to have undisired ++ side-effects with this version of ffmpeg. It therefore seem more safe ++ to me to actually remove this patch for now, and reinvestigate the ++ problems that occur, if they do. (Related to: #482717) ++ - 005_m68k_workaround.diff: works around bugs in gcc for m68k. ++ - 006_mips_pthreads.diff: was an workaround for (now fixed) #428741. ++ - 020_fix_sws_scale_crash: patch has been rejected upstream: ++ http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/2008-May/047846.html ++ - 054_h264_mmx_chroma_mc_crash.diff. According to upstream, this has ++ been fixed in a different way and is not reproducible. Verified that ++ the file referenced in bug #404176 does not crash anymore even ++ without this patch. ++ * new patch: 015_reenable-img_convert.diff. Unlike previous version of this ++ patch, this uses a more lightweight approach. With building imgresample, a ++ few symbol clashes occur with libswscale. We therefore strip off symbols ++ that are already provided by libswscale. (Closes: #483960). ++ * remove 011_link_plugins.diff. It is completely unnecessary now. ++ * refactor quilt usage: use /usr/share/quilt/quilt.make. ++ * support building in paralell. make snippet taken from the qemu package. ++ * cleanups in debian/rules. ++ * Move ffmpeg-config back to libavutil. This way we can avoid a circular ++ dependency between libavutil-dev and libavcodec-dev. (Closes: #484132). ++ libavcodec uses libavutil internally, so this dependency cannot be avoided. ++ * disable altivec, at least for now. (Closes: #482717) ++ * always compile with --disable-strip. We strip the binaries afterwards using ++ dh_strip anyways. ++ * Remove depdency substitutions ${shlibs:Depends} and ${misc:Depends} from the ++ -dev packages. ++ ++ -- Reinhard Tartler Wed, 04 Jun 2008 00:04:08 +0200 ++ ++ffmpeg-free (0.svn20080206-7) unstable; urgency=low ++ ++ * debian/control: ++ + Removed unnecessary Conflicts and Replaces from libswscale0 ++ (Closes: #481908), thanks Guillem Jover. ++ + Made libavutil-dev depend on libavcodec-dev. ++ * debian/libavcodec.install, debian/libavutil.install: ++ + Moved ffmpeg-config (script and manpage) from libavutil-dev to ++ libavcodec-dev (really Closes: #482213, #482214). ++ ++ -- Fabian Greffrath Tue, 28 May 2008 16:02:03 +0200 ++ ++ffmpeg-free (0.svn20080206-6) unstable; urgency=low ++ ++ * Bug fix: "libavg: FTBFS: ld: cannot find -ldts", thanks to Lucas ++ Nussbaum (Closes: #482213, 482214). Fixed by removing -ldts from ++ ffmpeg-config. ++ ++ -- Reinhard Tartler Tue, 27 May 2008 12:45:10 +0200 ++ ++ffmpeg-free (0.svn20080206-5) unstable; urgency=low ++ ++ [ Fabian Greffrath ] ++ * debian/control: ++ + Fixed dependency typo, libswscale0 conflicts with libswsacle1d but not ++ libswscale1d (Closes: #481908). ++ ++ [ Reinhard Tartler ] ++ * disable 015_build_imgresample.diff. Please port all applications ++ needing the symbols sws_{scale,getContext}, ++ sws_{getCachedContext,freeContext} to use libswscale instead. ++ * downgrade debhelper depencency to level 5. We don't use any of the ++ level 6 features, and level 5 faciliates backporting to earlier ++ releases massively. ++ * remove unapplied patches from source to reduce the size of the ++ .diff.gz. The old patches can be retrieved from branches in our svn. ++ ++ -- Reinhard Tartler Thu, 22 May 2008 09:26:06 +0200 ++ ++ffmpeg-free (0.svn20080206-4) unstable; urgency=low ++ ++ * debian/rules: ++ + Moved confflags, that result in GPL versions of the libraries, into a ++ dedicated variable gpl_confflags. Add this to the common confflags. ++ + Moved --prefix=/usr to the common confflags. ++ + Added some comments and whitespace (nothing special). ++ + Renamed the "risky" keyword to "internalencoders". Set this in ++ DEB_BUILD_OPTIONS in order to create and build from an unstripped tarball ++ in the get-orig-source and build rules (Closes: #478010). ++ + Introduced the "externalcodecs" keyword. Set this in DEB_BUILD_OPTIONS to ++ enable support for additional codecs via external libraries. ++ + Commented out the amr?b codecs among the external codecs, because the ++ resulting packages will be unredistributable. ++ ++ -- Fabian Greffrath Tue, 29 Apr 2008 09:07:11 +0100 ++ ++ffmpeg-free (0.svn20080206-3) experimental; urgency=low ++ ++ * install qt-faststart. Thanks Stefan Hermann for the patch from ubuntu. ++ (Closes: #470484) ++ * Reenable 020_fix_libswscale_pic_code, fixes FTBFS on amd64. ++ * Reenable altivec, fixes FTBFS on powerpc. ++ * Add some notes about the removed mpeg encoders (Closes: #440702) ++ ++ -- Reinhard Tartler Fri, 18 Apr 2008 23:02:24 +0200 ++ ++ffmpeg-free (0.svn20080206-2) experimental; urgency=low ++ ++ [ Reinhard Tartler ] ++ * patches/020_fix_sws_scale_crash: if sws_scale is given an invalid context ++ (e.g. a null pointer), the function will crash because of a null pointer ++ dereference. Add a check for that here. ++ * add Conflicts/Replaces for libswscale1d. ++ * Due to the fact that we no longer build the shared version of ffmpeg with ++ mmx optimisations, the following patches have been dropped: ++ - 020_mmx_optims.diff ++ - 020_mmx_pic_code.diff ++ - 020_disable_snow_mmx_in_pic.diff ++ - 020_fix_libswscale_pic_code ++ ++ [ Fabian Greffrath ] ++ * debian/control: ++ + Added libx11-dev and libxext-dev to Build-Depends. ++ * debian/rules: ++ + Build with --enable-x11grab (Closes: #441983). ++ + Build ffmpeg and shared libraries with --extra-cflags="-fPIC -DPIC" ++ (feeling confident that this closes: #472613) and "drop the surgery ++ regarding Makefile.pic and config.mak.pic". ++ + In this context, cleaned up build rule: Run '$(MAKE)' and '$(MAKE) clean' ++ from the top source directory instead of diving into the library ++ directories; force move during backup and recovery of the static ++ libraries; let the build rule itself depend on config-extra-includes.h ++ (instead of build-stamp) to avoid being run again from the binary rule; ++ some more minor changes of cosmetic type. ++ + Renamed config-extra-includes rule to config-extra-includes.h to ++ reflect the file name of the created file (also changed to override it ++ instead of appending) and to avoid the rule to be run twice. ++ + Disabled all architecture-specific optimizations for the time being. ++ ++ -- Fabian Greffrath Fri, 1 Apr 2008 17:22:00 +0100 ++ ++ffmpeg-free (0.svn20080206-1) experimental; urgency=low ++ ++ [ Reinhard Tartler ] ++ * new upstream release (Closes: #471136) ++ * refreshed patches ++ * libogg was dropped upstream ++ * no longer install integer.h, as it is not part of the public API (see ++ upstream r11642). ++ * no longer install rtp.h, as it is not part of the public API (see ++ upstream r11505). ++ * install crc.h and sha1.h to libavutil-dev, since it is part of the ++ public API now. ++ * introduce new package: libavdevice52 and libavdevice-dev. ++ * Implemented debian/get-orig-source.sh and adjusted the get-orig-source ++ target in debian/rules to use that. ++ * fix invocation of the testsuite. ++ * bump standards version to 3.7.3 (no changes needed). ++ * add script recordshow.sh (Closes: 461434). Thanks to ++ Daniel Dickinson ++ * Introdcue binary package ffmpeg-dbg, which contains debugging symbols ++ of the shared library packages. ++ ++ [ Fabian Greffrath ] ++ * debian/changelog: ++ + Source is exported from SVN, not CVS. Reflect this in the versioning ++ scheme (Closes: #468319). ++ * debian/control: ++ + Changed Build-Depends to liba52-0.7.4-dev | liba52-dev. ++ + Improved descriptions and dependencies for libavdevice packages. ++ * debian/control, debian/compat: ++ + Bumped debhelper Build-Depends to (>= 6.0.0). ++ * debian/control, debian/*.install: ++ + Adopted shared library package names to upstream SONAMEs. ++ * debian/README.Debian: ++ + Updated, since AAC decoding (through FAAD) is now enabled. ++ + Updated URL for unofficial ffmpeg packages. ++ * debian/rules: ++ + Reordered confflags to optionally build LGPL versions of the libraries. ++ + Removed trailing whitespace. ++ + Removed unused strip rule. ++ + Added libxvidcore4-dev to weak-build-deps and fixed confflags ++ in DEB_BUILD_OPTIONS=risky accordingly. ++ + Added a get-orig-source rule to reproduce the source tarball. Produce an ++ unstripped tarball if DEB_BUILD_OPTIONS=risky. ++ + Do not run debian/fixup-config.sh if DEB_BUILD_OPTIONS=risky. ++ * debian/patches/011_link_plugins.diff: ++ + Updated to link all plugins against libavutil since they all use symbols ++ from this library. Resolves "symbols found in none of the libraries" ++ warnings from dpkg-shlibdeps. ++ ++ -- Reinhard Tartler Thu, 20 Mar 2008 17:57:21 +0100 ++ ++ffmpeg-free (0.cvs20071007-4) experimental; urgency=low ++ ++ [ Fabian Greffrath ] ++ * debian/control: ++ + Wrapped Uploaders, Build-Depends and Depends, ++ Conflicts and Replaces fields. ++ + Added libfaad-dev to Build-Depends. ++ + Added Homepage field. ++ + Added ${misc:Depends} to all Depends. ++ * debian/rules: ++ + Enabled faad support via libfaad ++ (Closes: #400094, #418230, #447089, #448068, #449387). ++ + Added libmp3lame-dev to weak-build-deps in DEB_BUILD_OPTIONS=risky. ++ + Added support for amrnb, amrwb and x264 (Closes: #432170) in ++ DEB_BUILD_OPTIONS=risky. ++ ++ [ Reinhard Tartler ] ++ * added Fabian Greffrath to Uploaders ++ ++ -- Reinhard Tartler Thu, 20 Mar 2008 15:55:11 +0100 ++ ++ffmpeg-free (0.cvs20071007-3) experimental; urgency=low ++ ++ * disable armv6 code generation. Thanks to Joey Hess for the patch ++ (Closes: #438923). ++ ++ -- Reinhard Tartler Sun, 13 Jan 2008 23:28:25 +0100 ++ ++ffmpeg-free (0.cvs20071007-2) experimental; urgency=low ++ ++ * restore soname on libavutil. got dropped on previous upload. ++ * Bug fix: "needs libavutil-dev headers but doesn't depend on it", ++ thanks to rmh@aybabtu.com (Closes: #434494). This was actually already ++ fixed in a previous upload. ++ * build dependencies in debian/control are now multiline. ++ * Drop the XS- from the Vcs-Browser and Vcs-Svn field. ++ ++ -- Reinhard Tartler Sun, 16 Dec 2007 21:36:49 +0100 ++ ++ffmpeg-free (0.cvs20071007-1) experimental; urgency=low ++ ++ * new upstream snapshot, using the same day as the mplayer release ++ * Refreshing patches: ++ -005_altivec_flags.diff: dropped, merged upstream ++ -005_m68k_workaround.diff: refreshed ++ -005_runtime_cpudetect.diff: refreshed ++ -006_mips_pthreads.diff: refreshed ++ -010_proper_rpath.diff: refreshed ++ -010_shared_library_versioning.diff: refreshed ++ -011_link_plugins.diff: refreshed (moved to top level makefile) ++ -015_build_imgresample.diff: refreshed ++ -020_disable_snow_mmx_in_pic.diff: refreshed ++ -020_fix_libswscale_pic_code.diff: refreshed ++ -020_mmx_optims.diff: refreshed ++ -020_mmx_pic_code.diff: refreshed ++ -040_early_altivec_detection.diff: disabled, doesn't apply anymore ++ -040_only_use_maltivec_when_needed.diff disabled, (causes ftbfs, needs revising) ++ -040_only_use_maltivec_when_needed.diff: refresh ++ -051_mjpeg_gray_support.diff, removed applied upstream ++ -053_rm_demux_crash.diff removed, applied upstream. ++ -060_fix_avi_skip.diff removed, does not apply anymore ++ * remove --enable-libdts. ffmpeg now has an internal dts decoder since ++ r9051 (2007-05-17). It seems that at least some packages link to libdts and ++ rely on the transitive dependency via ffmpeg. Please add explicit dependencies ++ on libdts instead! ++ * Don't ignore errors in upstream Makefile. Bug found via lintian. ++ ++ -- Reinhard Tartler Wed, 05 Dec 2007 17:33:34 +0100 ++ ++ffmpeg-free (0.cvs20070307-7) UNRELEASED; urgency=low ++ ++ * debian/patches/051_mjpeg_gray_support.diff: ++ + Support grayscale MJPEG streams as sent by Axis cameras. ++ ++ -- Sam Hocevar (Debian packages) Tue, 31 Jul 2007 18:55:31 +0200 ++ ++ffmpeg-free (0.cvs20070307-6) unstable; urgency=low ++ ++ * Rename the source package. We are (again) no longer shipping the ++ 'real' upstream source of ffmpeg. ++ * Add debian/strip.sh to strip ffmpeg upstream source disabling mpeg ++ based encoders as discussed with ftp-master at debconf7 ++ * update XS-Vcs tags in debian/control. ++ * make ffmpeg binNMU-able by using ${binary:Version} rather than ++ ${Source-Version} ++ ++ -- Reinhard Tartler Sat, 23 Jun 2007 15:11:21 +0100 ++ ++ffmpeg (0.cvs20070307-5) unstable; urgency=low ++ ++ * upload to unstable ++ * remove x264 support, as it has been removed from unstable ++ ++ -- Reinhard Tartler Wed, 30 May 2007 15:19:20 +0200 ++ ++ffmpeg (0.cvs20070307-4) experimental; urgency=low ++ ++ * added myself to uploaders ++ ++ * 020_fix_libswscale_pic_code: ++ + added, avoid some MMX code to avoid PIC code ++ ++ [ Sam Hocevar ] ++ ++ * fixed path in library installation. ++ ++ -- Reinhard Tartler Wed, 11 Apr 2007 23:17:47 +0200 ++ ++ffmpeg (0.cvs20070307-3) experimental; urgency=low ++ ++ * debian/patches/015_build_imgresample.diff: ++ + Build imgresample functions even with swscaler activated, or legacy ++ applications will stop working. ++ ++ * debian/patches/053_rm_demux_crash.diff: ++ + New patch: fix a double free with corrupted rm files (Closes: #379922). ++ ++ * debian/patches/054_h264_mmx_chroma_mc_crash.diff: ++ + New patch: workaround for a buffer overflow in the MMX H264 chroma ++ motion compensation until upstream fixes it properly (Closes: #404176). ++ ++ * debian/patches/300_c++_compliant_headers.diff: ++ + Define INT64_C() when the system headers don't provide it, for instance ++ when building C++ code. ++ ++ * debian/control: ++ + Set pkg-multimedia-maintainers as main maintainer. ++ + Updated VCS fields. ++ * debian/rules: ++ + Huge cleanup. ++ ++ -- Sam Hocevar (Debian packages) Wed, 14 Mar 2007 19:40:42 +0100 ++ ++ffmpeg (0.cvs20070307-2) experimental; urgency=low ++ ++ * debian/rules: ++ + Activate x264 support now that it is in unstable. ++ * debian/control: ++ + Build-depend on libx264-dev. ++ ++ -- Sam Hocevar (Debian packages) Mon, 12 Mar 2007 21:10:45 +0100 ++ ++ffmpeg (0.cvs20070307-1) experimental; urgency=low ++ ++ [ Sam Hocevar ] ++ ++ * New upstream snapshot (Closes: #403330, #404788). ++ * This snapshot fixes numerous file parsing crashes (Closes: #404176, ++ Closes: #407003, #396282, #365006, #403398). ++ ++ * debian/patches/010_proper_rpath.diff: ++ + New patch. Link objects with the libraries that we generate, not the ++ ones installed on the system. ++ ++ * debian/patches/010_shared_library_versioning.diff: ++ + Strip unneeded prefix from .pc files (Closes: #404758). ++ ++ * debian/patches/011_link_plugins.diff: ++ + New patch. Link vhook plugins with the appropriate libraries. ++ ++ * debian/patches/013_strip_unneeded_linker_flags.diff: ++ + Remove unneeded -l flags from .pc files (Closes: #373986). ++ ++ * debian/patches/020_mmx_optims.diff: ++ * debian/patches/020_disable_snow_mmx_in_pic.diff: ++ + Sync patches. ++ ++ * debian/patches/020_really_use_liba52.diff: ++ * debian/patches/050_h264-misc-security-fixes.diff: ++ * debian/patches/051_asf-misc-security-fixes.diff: ++ + Drop patches, applied upstream or no longer relevant. ++ ++ * debian/patches/040_only_use_maltivec_when_needed.diff: ++ + Upgraded patch to cover libswscale. ++ ++ * debian/libavcodec-dev.install: ++ + Ship lzo.h and random.h. ++ ++ * debian/rules: ++ + Fix syntax for a few --enable flags. ++ + Only ship ffmpeg_powerpc_performance_evaluation_howto.txt.gz on ++ powerpc machines (Closes: #385079). ++ + Readded --enable-libtheora, it's here again. ++ + Activate --enable-swscaler (Closes: #399141, #398442). ++ ++ [ Reinhard Tartler ] ++ ++ * debian/rules: ++ + Ignore libswscale.pc and rgb2rgb.h. ++ ++ * debian/libavcodec-dev.install: ++ + Ship fifo.h and opt.h. ++ ++ * debian/patches/005_altivec_flags.diff: ++ * debian/patches/005_m68k_workaround.diff: ++ * debian/patches/005_runtime_cpudetect.diff: ++ * debian/patches/006_mips_pthreads.diff: ++ * debian/patches/020_really_use_liba52.diff: ++ + Sync patches. ++ ++ * debian/patches/007_disable_ffmpeg_option.diff: ++ * debian/patches/030_arm_cpu_detect.diff: ++ * debian/patches/030_arm_workaround.diff: ++ + Drop patches, applied upstream or no longer relevant. ++ ++ -- Sam Hocevar (Debian packages) Fri, 9 Mar 2007 15:13:16 +0100 ++ ++ffmpeg (0.cvs20060823-7) unstable; urgency=high ++ ++ * debian/patches/040_only_use_maltivec_when_needed.diff: ++ + Fix a static function prototype that prevented programs using libpostproc ++ from working on PowerPC (Closes: #412214). ++ ++ * debian/control: ++ + Added Xs-Vcs-Browser and XS-Vcs-Svn fields. ++ ++ -- Sam Hocevar (Debian packages) Thu, 8 Mar 2007 17:51:37 +0100 ++ ++ffmpeg (0.cvs20060823-6) unstable; urgency=high ++ ++ * Upload to unstable. ++ ++ -- Loic Minier Thu, 1 Feb 2007 21:36:47 +0100 ++ ++ffmpeg (0.cvs20060823-5) testing-proposed-updates; urgency=high ++ ++ [ Loïc Minier ] ++ * Add myself to Uploaders. ++ * Exclude firewire libs from ffmpeg-config under kFreeBSD; based on a patch ++ by Petr Salinger; closes: #399701. ++ * Fix handling of debug in DEB_BUILD_OPTIONS; thanks Andreas Henriksson; ++ closes: #406474. ++ * SECURITY: New patch, 050_h264-misc-security-fixes, to properly check the ++ sps and pps ids before use and to check more bitstram values and fix ++ potential security holes; from upstream SVN r7585, r7586, and r7591. ++ * SECURITY: New patch, 051_asf-misc-security-fixes, to properly check ++ packet sizes, chunk sizes, and fragment positions; from upstream SVN r7640 ++ and r7650. ++ ++ [ Sam Hocevar ] ++ * debian/copyright: ++ + Fix typo and clarify licensing terms (Closes: #398235). ++ * debian/README.Debian: ++ + Removed mention of ffmpeg-config now that we ship .pc files. ++ * debian/patches/020_mmx_optims.diff: ++ + New patch, fix FTBFS with DEB_BUILD_OPTIONS=debug. ++ * debian/patches/040_early_altivec_detection.diff: ++ + New patch, detect AltiVec earlier on and only once so that we don't ++ risk using signal handlers in a multithreaded environment or when ++ the caller already installed a SIGILL handler. ++ * debian/patches/040_only_use_maltivec_when_needed.diff: ++ + New patch, only use -maltivec with files that use AltiVec intrinsics, ++ and make sure no codepath leads to these files on a non-AltiVec ++ machine (Closes: #405926). ++ * debian/patches/060_fix_avi_skip.diff: ++ + New patch, courtesy of Ben Hutchings: do not attempt to skip the ODML ++ if the current seek offset is already beyond it (Closes: #383734). ++ ++ -- Sam Hocevar (Debian packages) Mon, 29 Jan 2007 16:58:44 +0100 ++ ++ffmpeg (0.cvs20060823-4) unstable; urgency=high ++ ++ * Maintainer upload. ++ * Acknowledging NMU (Closes: #386458). ++ ++ * High urgency because of FTBFS fix. ++ ++ * debian/patches/030_arm_workaround.diff: ++ + New patch courtesy of Aurélien Jarno: disable the broken ARM assembly ++ code in libavcodec/mpegaudiodec.c. ++ ++ * debian/patches/030_arm_cpu_detect.diff: ++ + New patch courtesy of Aurélien Jarno: correctly detect the newer ARM ++ CPUs. ++ ++ -- Sam Hocevar (Debian packages) Sun, 24 Sep 2006 23:38:29 +0200 ++ ++ffmpeg (0.cvs20060823-3.1) unstable; urgency=medium ++ ++ * Non-maintainer upload. ++ * Fix variable substitution trick in debian/rules (Closes: #386458). ++ ++ -- Luk Claes Fri, 15 Sep 2006 21:29:07 +0200 ++ ++ffmpeg (0.cvs20060823-3) unstable; urgency=low ++ ++ * debian/rules: ++ + Take local packages into account when computing shlibs dependencies, so ++ that ffplay/ffserver depend on the proper libraries (Closes: #386029). ++ ++ -- Sam Hocevar (Debian packages) Tue, 5 Sep 2006 17:44:00 +0200 ++ ++ffmpeg (0.cvs20060823-2) unstable; urgency=low ++ ++ * debian/patches/020_really_use_liba52.diff: ++ + New patch: link with the shared liba52 instead of the built-in one. ++ ++ * debian/patches/006_mips_pthreads.diff: ++ + New patch: link libraries with -lpthreads on Linux MIPS because of a ++ known ld bug. ++ ++ * debian/patches/007_disable_ffmpeg_option.diff: ++ + New patch: add a --disable-ffmpeg option. ++ ++ -- Sam Hocevar (Debian packages) Wed, 30 Aug 2006 18:36:52 +0200 ++ ++ffmpeg (0.cvs20060823-1) unstable; urgency=low ++ ++ * New SVN snapshot (Closes: #368904). ++ * debian/control: ++ + Set policy to 3.7.2. ++ + Do not build 1394 support on GNU/kFreeBSD or Hurd. Patch courtesy of ++ Petr Salinger (Closes: #372290). ++ * debian/rules: ++ + Minor cleanup. ++ + Removed --enable-theora, upstream dropped that option. ++ ++ * debian/patches/020_mmx_intrinsics.diff: ++ + Disabled intrinsics workaround because it is no longer necessary and it ++ causes trouble with some codecs such as H264 (Closes: #373765). ++ ++ -- Sam Hocevar (Debian packages) Wed, 23 Aug 2006 12:09:58 +0200 ++ ++ffmpeg (0.cvs20060329-4) unstable; urgency=low ++ ++ * debian/control: ++ + Make each -dev package depend on the corresponding shared library ++ package (Closes: #361348). ++ + Moved libavutil files from libavformat-dev to libavcodec-dev which is ++ the real common dependency (Closes: #361269). ++ ++ -- Sam Hocevar (Debian packages) Sun, 9 Apr 2006 15:23:37 +0200 ++ ++ffmpeg (0.cvs20060329-3) unstable; urgency=low ++ ++ * debian/rules: that build system is hopeless. We now run configure and ++ make twice, backup static libraries inbetween, then update timestamps ++ to fool make. That should fix the FTBFS (Closes: #361215). ++ ++ -- Sam Hocevar (Debian packages) Fri, 7 Apr 2006 11:33:15 +0200 ++ ++ffmpeg (0.cvs20060329-2) unstable; urgency=low ++ ++ * debian/rules: fixed Makefile.pic generation. ++ ++ -- Sam Hocevar (Debian packages) Thu, 6 Apr 2006 16:37:05 +0200 ++ ++ffmpeg (0.cvs20060329-1) unstable; urgency=low ++ ++ * New CVS snapshot. ++ * Upstream fixed a double free in img.c (Closes: #351455). ++ * Upstream fixed the libvorbisenc dependency in libavcodec.pc ++ (Closes: #357352). ++ ++ * debian/rules: ++ + Activated threading support (Closes: #335677). ++ + Manually reinstall dsputil.h. ++ ++ * debian/README.Debian: ++ + Removed mention of --plugin-libs. ++ + Added a note about the unofficial packages (Closes: #306752). ++ ++ * 020_disable_snow_mmx_in_pic.diff: (new patch) disable MMX acceleration in ++ the Snow encoder in PIC mode. ++ ++ -- Sam Hocevar (Debian packages) Thu, 30 Mar 2006 10:41:17 +0200 ++ ++ffmpeg (0.cvs20060306-3) unstable; urgency=low ++ ++ * Switched patch system to quilt. ++ * debian/control: ++ + Build-depend on quilt. ++ ++ * 005_altivec_flags.diff: (new patch from old diff.gz) proper gcc flags to ++ only generate AltiVec code when explicitely asked. ++ ++ * 005_m68k_workaround.diff: (new patch from old diff.gz) use -O2 instead of ++ -O3 on m68k. ++ ++ * 005_runtime_cpudetect.diff: (new patch from old diff.gz) fix runtime CPU ++ detection on m68k and x86. ++ ++ * 010_ffmpeg-config.diff: (new patch from old diff.gz) the ffmpeg-config ++ script and associated manpage (legacy). ++ ++ * 010_shared_library_versioning.diff: (new patch from old diff.gz) use a ++ Debian-specific scheme for shared library versioning to avoid spreading ++ libraries incompatible with every other version. ++ ++ * 020_mmx_intrinsics.diff: (new patch from old diff.gz) use MMX intrinsics ++ in dsputil_mmx.c because gcc is unable to compute some register constraints ++ in PIC mode. ++ ++ * 020_mmx_pic_code.diff: (new patch from old diff.gz) ported some MMX code ++ to be PIC. ++ ++ -- Sam Hocevar (Debian packages) Wed, 29 Mar 2006 18:53:35 +0200 ++ ++ffmpeg (0.cvs20060306-2) unstable; urgency=low ++ ++ * ffmpeg-config.in: removed references to _pic libraries. ++ ++ -- Sam Hocevar (Debian packages) Fri, 17 Mar 2006 20:08:29 +0100 ++ ++ffmpeg (0.cvs20060306-1) unstable; urgency=low ++ ++ * New CVS snapshot. ++ * Upstream now properly installs dsputil.h (Closes: #354391). ++ * debian/control: ++ + Distribute shared versions of the libraries with a Debian-specific ++ soname. ++ * debian/rules: ++ + Removed all custom PIC rules. ++ + Moved ffmpeg-config to libavformat-dev instead of libavcodec-dev so that ++ it is present by default (Closes: #350750). ++ + Include apiexample.c in libavcodec-dev (Closes: #350027). ++ ++ -- Sam Hocevar (Debian packages) Mon, 6 Mar 2006 11:05:26 +0100 ++ ++ffmpeg (0.cvs20050918-6) unstable; urgency=low ++ ++ * Developer upload. ++ * Acknowledge NMU. Thanks to Samuel Mimram (Closes: #342207). ++ * configure: ++ + Set RUNTIME_CPUDETECT (except on m68k where it ICEs and on x86 where it ++ fails to build some asm constructs) (Closes: #337846). ++ * debian/rules: ++ + Make the build process aware of DEB_BUILD_OPTIONS, thanks to Timo ++ Lindfors (Closes: #338895). ++ ++ -- Sam Hocevar (Debian packages) Sat, 21 Jan 2006 16:51:26 +0100 ++ ++ffmpeg (0.cvs20050918-5.1) unstable; urgency=low ++ ++ * NMU. ++ * Fix exploitable heap overflow in libavcodec's handling of images with ++ PIX_FMT_PAL8 pixel formats (CVE-2005-4048), closes: #342207. ++ ++ -- Samuel Mimram Sun, 15 Jan 2006 14:44:36 +0100 ++ ++ffmpeg (0.cvs20050918-5) unstable; urgency=low ++ ++ * ffmpeg-config.1: fixed the examples and added a note that static libraries ++ should be put after the objects that refer to them (Closes: #339803). ++ ++ -- Sam Hocevar (Debian packages) Fri, 18 Nov 2005 23:58:16 +0100 ++ ++ffmpeg (0.cvs20050918-4) unstable; urgency=low ++ ++ * configure: ++ + Tell the configure script about m68k, ia64 and others. ++ ++ -- Sam Hocevar (Debian packages) Thu, 22 Sep 2005 14:43:59 +0200 ++ ++ffmpeg (0.cvs20050918-3) unstable; urgency=low ++ ++ * configure: ++ + Use -O2 instead of -O3 on m68k to avoid ICEs. ++ ++ -- Sam Hocevar (Debian packages) Tue, 20 Sep 2005 17:33:14 +0200 ++ ++ffmpeg (0.cvs20050918-2) unstable; urgency=low ++ ++ * libavcodec/i386/dsputil_mmx.c: ++ + Reworked the MMX intrinsics. ++ * tests/libav.regression.ref: ++ + Minor cosmetic fix to use double-digit numbers in test sequences. ++ * debian/control: ++ + PowerPC no longer needs to use gcc-3.4, since 4.x is the default. ++ * libavcodec/Makefile: ++ + Removed special compilation case for HPPA now that we use 4.x. ++ ++ -- Sam Hocevar (Debian packages) Sun, 18 Sep 2005 17:43:48 +0200 ++ ++ffmpeg (0.cvs20050918-1) unstable; urgency=low ++ ++ * New CVS snapshot. ++ * Upstream applied most Debian patches. ++ * configure: ++ + Do not use -mabi=altivec (-maltivec is enough for our AltiVec code) so ++ that our code still runs on a G3 computer (Closes: #319151). ++ * debian/rules: ++ + When not cross-compiling, run the regression tests (Closes: #292102). ++ * debian/changelog: ++ + Updated the FSF address. ++ * ffmpeg-config.in: ++ + Fixed avcodec linkage (Closes: #328505). ++ * libavcodec/i386/mpegvideo_mmx_template.c: ++ + Applied patch from Tobias Grimm to fix the PIC MMX code for MPEG ++ encoding (Closes: #318493). ++ * libavcodec/i386/dsputil_mmx.c: ++ + Applied patch from Joshua Kwan to fix the AMD64 build (Closes: #324026). ++ + Reworked that patch so that it still compiles on x86. ++ ++ -- Sam Hocevar (Debian packages) Fri, 16 Sep 2005 13:03:47 +0200 ++ ++ffmpeg (0.cvs20050811-2) unstable; urgency=low ++ ++ * ffmpeg-config.in: added a missing -lgsm. ++ ++ -- Sam Hocevar (Debian packages) Mon, 22 Aug 2005 19:51:53 +0200 ++ ++ffmpeg (0.cvs20050811-1) unstable; urgency=low ++ ++ * New CVS snapshot. ++ * Upstream fixed an integer overflow in the MPEG encoder (Closes: #320150). ++ * debian/rules: ++ + Activated libgsm support. ++ + Fixed theora support. ++ + Switched installation method to dh_install. ++ * Applied patch from Christian Aichinger and others to fix the clobbering ++ of the %ebx register during build (Closes: #319563). ++ ++ -- Sam Hocevar (Debian packages) Thu, 11 Aug 2005 14:22:03 +0200 ++ ++ffmpeg (0.cvs20050626-2) unstable; urgency=low ++ ++ * ffmpeg-config.in: fixed the theora link that caused FTBFS. ++ ++ -- Sam Hocevar (Debian packages) Fri, 1 Jul 2005 17:20:59 +0200 ++ ++ffmpeg (0.cvs20050626-1) unstable; urgency=low ++ ++ * New CVS snapshot. ++ * debian/control: ++ + Set policy to 3.6.2.1. ++ * debian/rules: ++ + Fixed Vorbis support (Closes: #306023). ++ + Patch by Jonas Smedegaard : conditionally enable these ++ unofficial libraries if DEB_BUILD_OPTIONS includes "risky": ++ o Mpeg2 layer 3 / MP3 (liblame-dev). ++ o FAAD (libfaad2-dev). ++ o FAAC (libfaac-dev). ++ o XviD (libxvidcore-dev). ++ + Activated theora support. ++ + Activated IEEE 1394 support (Closes: #296737). ++ ++ -- Sam Hocevar (Debian packages) Sun, 26 Jun 2005 15:46:54 +0200 ++ ++ffmpeg (0.cvs20050313-2) unstable; urgency=low ++ ++ * libavcodec/libpostproc/postprocess_template.c ++ libavcodec/i386/mpegvideo_mmx_template.c: fixed my PIC MMX code (Closes: #299700). ++ * debian/rules: use gcc-3.4 on PowerPC (Closes: #300686). ++ ++ -- Sam Hocevar (Debian packages) Mon, 21 Mar 2005 23:38:46 +0100 ++ ++ffmpeg (0.cvs20050313-1) unstable; urgency=low ++ ++ * New CVS snapshot. ++ * configure: fixed the builtin vector test (Closes: #293284), thanks ++ to Jacob L. Anawalt. ++ * libavcodec/libpostproc/postprocess_template.c ++ libavcodec/i386/mpegvideo_mmx_template.c: fixed MMX code so that it can ++ be compiled in PIC mode, and reactivated MMX (Closes: #290447, #290358). ++ ++ -- Sam Hocevar (Debian packages) Sat, 12 Mar 2005 18:34:29 +0100 ++ ++ffmpeg (0.cvs20050121-1) unstable; urgency=low ++ ++ * New CVS snapshot. ++ * This snapshot fixes integer overflows that may lead to arbitrary code ++ execution (Closes: #291566). ++ ++ -- Sam Hocevar (Debian packages) Fri, 21 Jan 2005 17:41:47 +0100 ++ ++ffmpeg (0.cvs20050108-1) unstable; urgency=low ++ ++ * Re-done tarball snapshot so that it does not contain binaries. ++ * ffmpeg-config.in: ++ + Added missing -lvorbisenc (Closes: #289030). ++ * debian/rules: ++ + Install missing headers that are not in the install rule: bwswap.h, ++ dsputil.h, os_support.h (Closes: #289033). ++ ++ -- Sam Hocevar (Debian packages) Sat, 8 Jan 2005 11:30:58 +0100 ++ ++ffmpeg (0.cvs20050106-1) unstable; urgency=low ++ ++ * New upstream snapshot. ++ * The extern/static declaration conflict was fixed upstream (Closes: #288906). ++ ++ -- Sam Hocevar (Debian packages) Thu, 6 Jan 2005 15:44:49 +0100 ++ ++ffmpeg (0.cvs20040716-2) unstable; urgency=low ++ ++ * debian/rules: ++ + Include missing rtp.h / rtsp.h in libavformat-dev. ++ * ffmpeg-config.in: ++ + Added -lz to the libavcodec linking flags. ++ + Added -ldts / -ldts_pic, -la52, -lvorbis to the libavcodec linking flags. ++ ++ -- Sam Hocevar (Debian packages) Tue, 17 Aug 2004 13:27:41 +0200 ++ ++ffmpeg (0.cvs20040716-1) unstable; urgency=low ++ ++ * Initial release (Closes: #199266). ++ ++ -- Sam Hocevar (Debian packages) Fri, 16 Jul 2004 12:47:27 +0200 diff --cc debian/clean index 0000000,0000000..0c9cff8 new file mode 100644 --- /dev/null +++ b/debian/clean @@@ -1,0 -1,0 +1,4 @@@ ++config-extra-includes.h ++EXTRA ++codecs.txt ++formats.txt diff --cc debian/compat index 0000000,0000000..ec63514 new file mode 100644 --- /dev/null +++ b/debian/compat @@@ -1,0 -1,0 +1,1 @@@ ++9 diff --cc debian/confflags index 0000000,0000000..385956c new file mode 100644 --- /dev/null +++ b/debian/confflags @@@ -1,0 -1,0 +1,238 @@@ ++# -*- mode: makefile -*- ++# vim:syntax=make ++ ++export DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) ++export DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) ++export DEB_HOST_ARCH ?= $(shell dpkg-architecture -qDEB_HOST_ARCH) ++export DEB_HOST_ARCH_CPU ?= $(shell dpkg-architecture -qDEB_HOST_ARCH_CPU) ++export DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) ++ ++SVNREVISION=$(shell cat .svnrevision 2>/dev/null || echo "UNKNOWN") ++ ++CROSS := ++ifneq ($(DEB_BUILD_GNU_TYPE),$(DEB_HOST_GNU_TYPE)) ++ CROSS := $(DEB_HOST_GNU_TYPE)- ++endif ++ ++# list of flavors we want to build ++FLAVORS := ++ ++# this outputs 0 or 1 depending on whether a macro appears in the *default* cpp ++# -dM -P output; this is used to test the toolchain *default* configuration ++check_cpp = $(shell $(CROSS)cpp -dM -P /dev/null | grep -q '^\#define $(1)' && echo 1 || echo 0) ++ ++# this outputs 0 or 1 depending on whether a piece of assembly can be compiled ++# with the *default* gcc flags; this is used to test the toolchain *default* ++# configuration ++check_asm = $(shell echo 'void foo(void) { __asm__ volatile("$(1)"); }' | $(CROSS)gcc -x c -c - -o /dev/null 2>/dev/null && echo 1 || echo 0) ++ ++# the other flavors always build dynamic versions ++# Also, disable architecture-specific optimizations for default shared build ++ifeq ($(DEB_HOST_ARCH_CPU),arm) ++ # whether the toolchain *default* configuration includes vfp ++ vfp_asm := fadds s0, s0, s0 ++ has_vfp := $(call check_asm, $(vfp_asm)) ++ # whether the toolchain *default* configuration includes neon ++ neon_asm := vadd.i16 q0, q0, q0 ++ has_neon := $(call check_asm, $(neon_asm)) ++ # whether the toolchain *default* configuration enables ARMv7 ++ v7_asm := dmb ++ has_v7 := $(call check_asm, $(v7_asm)) ++ # whether the toolchain *default* configuration uses -mfloat-abi=soft ++ has_soft := $(call check_cpp,__SOFTFP__ 1) ++ ++ # only build a VFP flavour if the toolchain doesn't enable VFP by default ++ ifneq ($(has_vfp),1) ++ FLAVORS += vfp ++ endif ++ # only build a NEON flavour if the toolchain doesn't enable NEON by default ++ ifneq ($(has_neon),1) ++ FLAVORS += neon ++ endif ++ # calling-conventions for VFP and NEON flavours: if the toolchain uses ++ # -mfloat-abi=soft, we want to use softfp, otherwise we want to use the ++ # toolchain default (either softfp or hardfp) ++ ifeq ($(has_soft),1) ++ float_abi := -mfloat-abi=softfp ++ else ++ float_abi := ++ endif ++else ifeq ($(DEB_HOST_ARCH),i386) ++ FLAVORS += cmov ++else ifeq ($(DEB_HOST_ARCH),powerpc) ++ FLAVORS += altivec ++ nooptflags += --disable-altivec ++else ifeq ($(DEB_HOST_ARCH),sparc) ++ FLAVORS += vis ++ nooptflags += --disable-vis ++endif ++ ++# build a static version on every architecture in the 'debian' Libav package ++FLAVORS += static ++ ++# shared is generic, i.e. without arch specific opcodes ++# /!\ order matters, you want to list the shared flavor *last* so that the ++# binaries from this flavor overwrite the ones from the optional optimized ++# flavor(s) and from the static flavor ++FLAVORS += shared ++ ++$(info Building FLAVORS=$(FLAVORS)) ++ ++# Conditionally enable certain features depending on ++# the corresponding header file being installed or not ++define cond_enable ++ $(shell test -r $(1) && echo --enable-$(2) ) ++endef ++ ++# variant that also requires --enable-version3 ++define cond_enable_v3 ++ $(shell test -r $(1) && echo --enable-$(2) --enable-version3 ) ++endef ++ ++# variant that also requires --enable-nonfree ++define cond_enable_nf ++ $(shell test -r $(1) && echo --enable-$(2) --enable-nonfree ) ++endef ++ ++# Common configuration flags ++confflags += --arch='$(DEB_HOST_ARCH_CPU)' ++confflags += --enable-pthreads ++confflags += --enable-runtime-cpudetect ++confflags += --extra-version='$(DEB_VERSION)' ++confflags += --libdir=/usr/lib/$(DEB_HOST_MULTIARCH) ++confflags += --prefix=/usr ++confflags += $(shell test -x /usr/bin/yasm || echo --disable-yasm ) ++confflags += --disable-avserver ++# CVE-2016-1897 and CVE-2016-1898 ++confflags += --disable-protocol=concat ++ ++ifeq ($(DEB_HOST_ARCH),armel) ++# this is required on Ubuntu lucid as it defaults to thumb2 and Libav has ++# plenty of incompatible assembly; not sure how to detect that properly ++confflags += --enable-pic ++endif ++ ++ifeq ($(DEB_HOST_ARCH),powerpc) ++confflags += --enable-pic ++endif ++ ++# Additional features ++confflags += $(call cond_enable,/usr/include/bzlib.h,bzlib) ++confflags += $(call cond_enable,/usr/include/dc1394/dc1394.h,libdc1394) ++confflags += $(call cond_enable,/usr/include/freetype2/ft2build.h,libfreetype) ++confflags += $(call cond_enable,/usr/include/frei0r.h,frei0r) ++confflags += $(call cond_enable,/usr/include/gnutls/gnutls.h,gnutls) ++confflags += $(call cond_enable,/usr/include/gsm/gsm.h,libgsm) ++confflags += $(call cond_enable,/usr/include/lame/lame.h,libmp3lame) ++confflags += $(call cond_enable,/usr/include/librtmp/http.h,librtmp) ++confflags += $(call cond_enable,/usr/include/opencv/cv.hpp,libopencv) ++confflags += $(call cond_enable,/usr/include/openjpeg.h,libopenjpeg) ++confflags += $(call cond_enable,/usr/include/opus/opus.h,libopus) ++confflags += $(call cond_enable,/usr/include/pulse/simple.h,libpulse) ++confflags += $(call cond_enable,/usr/include/schroedinger-1.0/schroedinger/schro.h,libschroedinger) ++confflags += $(call cond_enable,/usr/include/speex/speex.h,libspeex) ++confflags += $(call cond_enable,/usr/include/theora/theoraenc.h,libtheora) ++confflags += $(call cond_enable,/usr/include/va/va.h,vaapi) ++confflags += $(call cond_enable,/usr/include/vdpau/vdpau.h,vdpau) ++confflags += $(call cond_enable,/usr/include/vorbis/vorbisenc.h,libvorbis) ++confflags += $(call cond_enable,/usr/include/vpx/vpx_encoder.h,libvpx) ++confflags += $(call cond_enable,/usr/include/zlib.h,zlib) ++ ++# Configuration flags causing the libs to be GPL tainted ++gpl_confflags += --enable-gpl ++gpl_confflags += --enable-swscale ++gpl_confflags += $(call cond_enable,/usr/include/cdio/paranoia.h,libcdio) ++gpl_confflags += $(call cond_enable,/usr/include/X11/extensions/XShm.h,x11grab) ++gpl_confflags += $(call cond_enable,/usr/include/x264.h,libx264) ++gpl_confflags += $(call cond_enable,/usr/include/xvid.h,libxvid) ++# comment out following line for LGPL versions of the libraries ++confflags += $(gpl_confflags) ++ ++# Features that require (L)GPL v3 ++v3_confflags += $(call cond_enable_v3,/usr/include/opencore-amrnb/interf_dec.h,libopencore-amrnb) ++v3_confflags += $(call cond_enable_v3,/usr/include/opencore-amrwb/dec_if.h,libopencore-amrwb) ++v3_confflags += $(call cond_enable_v3,/usr/include/vo-aacenc/voAAC.h,libvo-aacenc) ++v3_confflags += $(call cond_enable_v3,/usr/include/vo-amrwbenc/enc_if.h,libvo-amrwbenc) ++ ++# FAAC is considered non-free ++confflags += $(call cond_enable_nf,/usr/include/faac.h,libfaac) ++ ++# Enable hardened build flags through dpkg-buildflags ++CFLAGS := $(filter-out -g -O2,$(shell dpkg-buildflags --get CFLAGS)) ++CPPFLAGS := $(shell dpkg-buildflags --get CPPFLAGS) ++LDFLAGS := $(filter-out %-Bsymbolic-functions,$(shell dpkg-buildflags --get LDFLAGS)) ++ ++ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) ++# Various parts of Libav (and swscale) FTBFS when compiling with -fPIC ++# and with mmx code enabled. ++ confflags += --disable-optimizations ++ confflags += --disable-mmx ++endif ++ ++# Configuration flags for the static libraries ++static_build_confflags += $(confflags) ++ ++# Configuration flags for the non-optimized shared libraries ++shared_build_confflags += $(confflags) --shlibdir=/usr/lib/$(DEB_HOST_MULTIARCH) ++# amd64 has no problems with optimized shared libs. i386 and arm do. ++ifneq ($(DEB_HOST_ARCH),amd64) ++shared_build_confflags += $(nooptflags) ++endif ++shared_build_confflags += --enable-shared ++shared_build_confflags += --disable-static ++# i386 shared builds must be optimized for 586, cf. #728928, #688384 ++ifeq ($(DEB_HOST_ARCH),i386) ++shared_build_confflags += --cpu='i586' ++endif ++ ++## specific to arm architectures ++# Configuration flags for the optimised shared libraries ++vfp_shlibdir := vfp ++vfp_build_confflags += $(confflags) ++vfp_build_confflags += --shlibdir=/usr/lib/$(DEB_HOST_MULTIARCH)/$(vfp_shlibdir) ++vfp_build_confflags += --enable-shared ++vfp_build_confflags += --disable-static ++vfp_build_confflags += --extra-cflags="-mfpu=vfp $(float_abi)" ++# NB: NEON always implies v7+ and Libav's NEON implementation requires VFP ++neon_shlibdir := neon/vfp ++neon_build_confflags += $(confflags) ++neon_build_confflags += --shlibdir=/usr/lib/$(DEB_HOST_MULTIARCH)/$(neon_shlibdir) ++# the NEON pass now requires ubfx which was introduced in armv6t2; we need to ++# enable at least armv6t2 for the NEON pass to build, but NEON implies armv7-a ++# so pass armv7-a if it's not already enabled ++ifneq ($(has_v7),1) ++neon_build_confflags += --cpu='armv7-a' ++endif ++neon_build_confflags += --extra-cflags="-mfpu=neon $(float_abi) -fPIC -DPIC" ++neon_build_confflags += --enable-shared ++neon_build_confflags += --disable-static ++ ++## i386 architecture specific ++# Configuration flags for the optimized shared libraries ++cmov_shlibdir := i686/cmov ++cmov_build_confflags += $(confflags) ++cmov_build_confflags += $(nooptflags) ++cmov_build_confflags += --shlibdir=/usr/lib/$(DEB_HOST_MULTIARCH)/$(cmov_shlibdir) ++cmov_build_confflags += --cpu='i686' ++cmov_build_confflags += --enable-shared ++cmov_build_confflags += --disable-static ++ ++## powerpc architecture specific ++# Configuration flags for the optimized shared libraries ++altivec_shlibdir := altivec ++altivec_build_confflags += $(confflags) ++altivec_build_confflags += --shlibdir=/usr/lib/$(DEB_HOST_MULTIARCH)/$(altivec_shlibdir) ++altivec_build_confflags += --cpu='g4' ++altivec_build_confflags += --enable-shared ++altivec_build_confflags += --disable-static ++altivec_build_confflags += --enable-altivec ++ ++## sparc architecture specific ++# Configuration flags for the optimized shared libraries ++vis_shlibdir := v9 ++vis_build_confflags += $(confflags) ++vis_build_confflags += --shlibdir=/usr/lib/$(DEB_HOST_MULTIARCH)/$(vis_shlibdir) ++vis_build_confflags += --cpu='sparc64' ++vis_build_confflags += --enable-shared ++vis_build_confflags += --disable-static ++vis_build_confflags += --extra-cflags="-fPIC -DPIC" diff --cc debian/control index 0000000,0000000..d39f5f6 new file mode 100644 --- /dev/null +++ b/debian/control @@@ -1,0 -1,0 +1,411 @@@ ++Source: libav ++Section: libs ++Priority: optional ++Maintainer: Debian Multimedia Maintainers ++Uploaders: ++ Sam Hocevar (Debian packages) , ++ Loïc Minier , ++ Reinhard Tartler , ++ Fabian Greffrath , ++ Jonas Smedegaard , ++ Sebastian Ramacher ++Standards-Version: 3.9.5 ++Vcs-Git: git://anonscm.debian.org/pkg-multimedia/libav.git ++Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-multimedia/libav.git;a=summary ++Homepage: http://libav.org/ ++Build-Depends-Indep: ++ doxygen ++Build-Depends: ++ debhelper (>= 9), ++ frei0r-plugins-dev, ++ libasound2-dev [linux-any], ++ libbz2-dev, ++ libcdio-cdda-dev, ++ libcdio-dev, ++ libcdio-paranoia-dev, ++ libdc1394-22-dev [linux-any], ++ libfreetype6-dev (>= 2.5.1), ++ libgnutls28-dev, ++ libgsm1-dev, ++ libjack-dev, ++ libmp3lame-dev, ++ libopencore-amrnb-dev, ++ libopencore-amrwb-dev, ++ libopencv-dev, ++ libopenjpeg-dev, ++ libopus-dev (>= 1.0.1), ++ libpulse-dev, ++ libraw1394-dev [linux-any], ++ librtmp-dev (>= 2.2e-4), ++ libschroedinger-dev, ++ libsdl1.2-dev, ++ libspeex-dev, ++ libtheora-dev (>> 0.0.0.alpha4), ++ libtiff-dev, ++ libva-dev [!hurd-any], ++ libvdpau-dev, ++ libvo-aacenc-dev, ++ libvo-amrwbenc-dev, ++ libvorbis-dev, ++ libvpx-dev, ++ libx11-dev, ++ libx264-dev, ++ libxext-dev, ++ libxfixes-dev, ++ libxvidcore-dev, ++ libxvmc-dev, ++ texi2html, ++ yasm [any-amd64 any-i386], ++ zlib1g-dev ++ ++Package: libav-tools ++Section: video ++Architecture: any ++Replaces: ++ libavcodec-extra-53 (<< 4:0.6~) ++Pre-Depends: ++ ${misc:Pre-Depends}, ++ dpkg (>= 1.15.7.2~) ++Depends: ++ ${misc:Depends}, ++ ${shlibs:Depends} ++Suggests: ++ frei0r-plugins (>= 1.3) ++Conflicts: ++ ffprobe ++Description: Multimedia player, encoder and transcoder ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This package contains the avplay multimedia player, the avconv audio ++ and video encoder, and the avprobe stream analyzer. They support most ++ existing file formats (AVI, MPEG, OGG, Matroska, ASF...) and encoding ++ formats (MPEG, DivX, MPEG4, AC3, DV...). Additionally, it contains the ++ qt-faststart utility which rearranges Quicktime files to facilitate ++ network streaming. ++ . ++ This package replaces the 'ffmpeg' command-line tool that was provided ++ in earlier distroreleases. ++ ++Package: libav-dbg ++Section: debug ++Priority: extra ++Architecture: any ++Replaces: ++ ffmpeg-dbg (<< 6:0.8.3-5), ++ libav-extra-dbg (<< 6:0.8.3-5) ++Breaks: ++ ffmpeg-dbg (<< 6:0.8.3-5), ++ libav-extra-dbg (<< 6:0.8.3-5) ++Depends: ++ libav-tools (= ${binary:Version}), ++ libavcodec56 (= ${binary:Version}) | libavcodec-extra-56 (= ${binary:Version}), ++ libavdevice55 (= ${binary:Version}), ++ libavformat56 (= ${binary:Version}), ++ libavutil54 (= ${binary:Version}), ++ libswscale3 (= ${binary:Version}), ++ ${misc:Depends} ++Description: Debug symbols for Libav related packages ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This package contains debug data of the Libav related shared libraries. ++ . ++ Most people will not need this package. Please install it to produce useful ++ stacktraces to help debugging the Libav library. ++ ++Package: libav-doc ++Section: doc ++Architecture: all ++Depends: ++ ${misc:Depends} ++Description: Documentation of the Libav API ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This package contains the html doxygen documentation of the Libav API. ++ . ++ Only application developers will find this package useful. ++ ++Package: libavutil54 ++Architecture: any ++Multi-Arch: same ++Pre-Depends: ${misc:Pre-Depends} ++Depends: ++ ${misc:Depends}, ++ ${shlibs:Depends} ++Description: Libav utility library ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This is the common utility library from Libav. It contains shared code ++ used by all other Libav libraries. ++ ++Package: libavcodec56 ++Architecture: any ++Multi-Arch: same ++Pre-Depends: ${misc:Pre-Depends} ++Depends: ++ ${misc:Depends}, ++ ${shlibs:Depends} ++Conflicts: ++ libavcodec-extra-56 ++Replaces: ++ libavcodec-extra-56 ++Breaks: ++ mplayer (<< 2:1.0~rc4.dfsg1+svn34540-1~) ++Description: Libav codec library ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This is the codec library from Libav (both encoding and decoding). ++ . ++ It supports most existing codecs (MPEG, MPEG2, MPEG4, AC3, DV...). ++ ++Package: libavdevice55 ++Architecture: any ++Multi-Arch: same ++Pre-Depends: ${misc:Pre-Depends} ++Depends: ++ ${misc:Depends}, ++ ${shlibs:Depends} ++Description: Libav device handling library ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This is the device handling library from Libav. ++ ++Package: libavformat56 ++Architecture: any ++Multi-Arch: same ++Pre-Depends: ${misc:Pre-Depends} ++Depends: ++ ${misc:Depends}, ++ ${shlibs:Depends} ++Description: Libav file format library ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This is the library for handling file formats from Libav. ++ . ++ It supports most existing file formats (AVI, MPEG, OGG, Matroska, ++ ASF...). ++ ++Package: libavfilter5 ++Architecture: any ++Multi-Arch: same ++Pre-Depends: ${misc:Pre-Depends} ++Depends: ++ ${misc:Depends}, ++ ${shlibs:Depends} ++Suggests: ++ frei0r-plugins (>= 1.3) ++Description: Libav video filtering library ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This is the video filtering library from Libav. ++ ++Package: libswscale3 ++Architecture: any ++Multi-Arch: same ++Pre-Depends: ${misc:Pre-Depends} ++Depends: ++ ${misc:Depends}, ++ ${shlibs:Depends} ++Description: Libav video scaling library ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This is the video software scaling library from Libav. ++ ++Package: libavutil-dev ++Section: libdevel ++Architecture: any ++Depends: ++ libavutil54 (= ${binary:Version}), ++ ${misc:Depends} ++Description: Development files for libavutil ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This is the common utility library from Libav. ++ . ++ This package contains the header files and static libraries needed to ++ compile applications or shared objects that use libavutil. ++ ++Package: libavcodec-dev ++Section: libdevel ++Architecture: any ++Depends: ++ libavcodec56 (<= ${source:Upstream-Version}-99) | libavcodec-extra-56 (<= ${source:Upstream-Version}-99), ++ libavcodec56 (>= ${binary:Version}) | libavcodec-extra-56 (>= ${binary:Version}), ++ libavutil-dev (= ${binary:Version}), ++ libavresample-dev (= ${binary:Version}), ++ ${misc:Depends} ++Suggests: ++ libdc1394-22-dev [linux-any], ++ libgsm1-dev, ++ libogg-dev, ++ libraw1394-dev [linux-any], ++ libschroedinger-dev, ++ libspeex-dev, ++ libtheora-dev (>> 0.0.0.alpha4), ++ libvorbis-dev, ++ libx11-dev, ++ libxext-dev, ++ zlib1g-dev ++Description: Development files for libavcodec ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This is the codec library from Libav. It supports most existing ++ encoding formats (MPEG, DivX, MPEG4, AC3, DV...). ++ . ++ This package contains the header files and static libraries needed to ++ compile applications or shared objects that use libavcodec. ++ ++Package: libavdevice-dev ++Section: libdevel ++Architecture: any ++Depends: ++ libavdevice55 (= ${binary:Version}), ++ libavformat-dev (= ${binary:Version}), ++ ${misc:Depends} ++Description: Development files for libavdevice ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This is the device handling library from Libav. ++ . ++ This package contains the header files and static libraries needed to ++ compile applications or shared objects that use libavdevice. ++ ++Package: libavformat-dev ++Section: libdevel ++Architecture: any ++Depends: ++ libavcodec-dev (= ${binary:Version}), ++ libavformat56 (= ${binary:Version}), ++ libavutil-dev (= ${binary:Version}), ++ ${misc:Depends} ++Description: Development files for libavformat ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This is the demuxer library from Libav. It supports most ++ existing file formats (AVI, MPEG, OGG, Matroska, ASF...). ++ . ++ This package contains the header files and static libraries needed to ++ compile applications or shared objects that use libavformat. ++ ++Package: libavfilter-dev ++Section: libdevel ++Architecture: any ++Depends: ++ libavcodec-dev (= ${binary:Version}), ++ libavresample-dev (= ${binary:Version}), ++ libswscale-dev (= ${binary:Version}), ++ libavfilter5 (= ${binary:Version}), ++ ${misc:Depends} ++Description: Development files for libavfilter ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This is the video filtering library from Libav. ++ . ++ This package contains the header files and static libraries needed to ++ compile applications or shared objects that use libavfilter. ++ ++Package: libswscale-dev ++Section: libdevel ++Architecture: any ++Depends: ++ libavutil-dev (= ${binary:Version}), ++ libswscale3 (= ${binary:Version}), ++ ${misc:Depends} ++Description: Development files for libswscale ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This is the video scaling library from Libav. ++ . ++ This package contains the header files and static libraries needed to ++ compile applications or shared objects that use libswscale. ++ ++Package: libavresample-dev ++Section: libdevel ++Architecture: any ++Depends: ++ libavutil-dev (= ${binary:Version}), ++ libavresample2 (= ${binary:Version}), ++ ${misc:Depends} ++Description: Development files for libavresample ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This is the video scaling library from Libav. ++ . ++ This package contains the header files and static libraries needed to ++ compile applications or shared objects that use libswrescale. ++ ++Package: libavresample2 ++Architecture: any ++Multi-Arch: same ++Pre-Depends: ${misc:Pre-Depends} ++Replaces: ++ libavresample0 ++Depends: ++ ${misc:Depends}, ++ ${shlibs:Depends} ++Description: Libav audio resampling library ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This is the audio software resampling library from Libav. ++ ++Package: libavcodec-extra-56 ++Architecture: any ++Multi-Arch: same ++Pre-Depends: ${misc:Pre-Depends} ++Depends: ++ ${misc:Depends}, ++ ${shlibs:Depends} ++Replaces: ++ libavcodec56 ++Conflicts: ++ libavcodec56 ++Breaks: ++ mplayer (<< 2:1.0~rc4.dfsg1+svn34540-1~) ++Description: Libav codec library (additional codecs) ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This is the codec library from Libav (both encoding and decoding). ++ . ++ This package is a replacement for the regular libavcodec56 library package; ++ it contains the following additional codecs: ++ . ++ * OpenCORE Adaptive Multi-Rate (AMR) Narrow-Band (Encoder/Decoder) ++ * OpenCORE Adaptive Multi-Rate (AMR) Wide-Band (Decoder) ++ * Android VisualOn AAC (Encoder) ++ * Android VisualOn Adaptive Multi-Rate (AMR) Wide-Band (Encoder) ++ . ++ Because this package links against libraries that are licensed under ++ Apache License 2.0, the resulting binaries are distributed under the ++ GPL version 3 or later. ++ ++Package: libavcodec-extra ++Section: metapackages ++Priority: extra ++Architecture: all ++Depends: ++ libavcodec-extra-56, ++ ${misc:Depends}, ++Description: Libav codec library (additional codecs meta-package) ++ Libav is a complete, cross-platform solution to decode, encode, record, ++ convert and stream audio and video. ++ . ++ This package depends on the latest version of the libavcodec variant ++ that offers additional codec support. Application packages can depend ++ on it if they require or suggest this variant in a robust manner. diff --cc debian/copyright index 0000000,0000000..2ae0b86 new file mode 100644 --- /dev/null +++ b/debian/copyright @@@ -1,0 -1,0 +1,514 @@@ ++Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ ++Upstream-Name: Libav ++Upstream-Contact: libav-devel@libav.org ++Source: http://libav.org ++Comment: ++ The license for the whole work is the GPL, not the LGPL, because GPL-only ++ parts of Libav were activated -- namely libswscale, x11grab and ++ other GPL licensed libraries. If you need LGPL versions of the libraries, ++ please comment out the appropriate line in debian/confflags. ++ . ++ Because libavcodec-extra-* links against libraries that are licensed ++ under Apache License 2.0, the resulting binaries are distributed under ++ the GPL version 3 or later. ++ ++Files: * ++Copyright: 1994-2012, the Xiph.Org Foundation and contributors ++ 1995, The Bitmap Brothers Ltd. ++ 1999-2000, Sebastien Rougeaux ++ 1999, Intel Corporation ++ 1999, Roger Hardiman ++ 2000-2001, Gerard Lantau ++ 2000-2001, Michel Lespinasse ++ 2000-2001, Peter Gubanov ++ 2000-2003,2005,2010, Fabrice Bellard ++ 2000-2011, The libav developers ++ 2001-2003, BERO ++ 2001,2003, Dr. Tim Ferguson ++ 2001-2005, The ffmpeg Project ++ 2001-2012, Michael Niedermayer ++ 2001, Daniel Maas ++ 2001, Juan J. Sierralta P ++ 2001, Lionel Ulmer ++ 2002-2004,2006-2011, Maxim Poliakovski ++ 2002,2005, Francois Revol ++ 2002-2005, Roberto Togni ++ 2002-2006, Alex Beregszaszi ++ 2002-2008, The Libav Project ++ 2002, Brian Foley ++ 2002, Dieter Shirley ++ 2002, Falk Hueffner ++ 2002, Frederic 'dilb' Boulay ++ 2002, Gildas Bazin ++ 2002, Gunnar Monell ++ 2002, Laszlo Torok ++ 2002, Lennert Buytenhek ++ 2002, Mark Hills ++ 2002, Remi Guyomarch ++ 2002, Steve O'Hara-Smith ++ 2002, the xine project ++ 2003-2004,2006, Roman Shaposhnik ++ 2003-2004,2007, Mike Melanson ++ 2003-2004, Romain Dolbeau ++ 2003-2005, Christopher R. Hertel ++ 2003,2006-2007, Michel Bardiaux ++ 2003,2008-2011, Sascha Sommer ++ 2003-2012, x264 project ++ 2003, David S. Miller ++ 2003, Ewald Snel ++ 2003, Gustavo Sverzut Barbieri ++ 2003, International Business Machines, Corp ++ 2003, Ivan Kalvachev ++ 2003, James Klicman ++ 2003, Max Krasnyansky ++ 2003, Nick Kurshev ++ 2003, Pascal Massimino ++ 2003, Thomas Raivio ++ 2003, Tinic Uro ++ 2004-2005,2007-2010,2012, Loren Merritt ++ 2004-2005,2007, Denes Balatoni ++ 2004,2007, Benjamin Zores ++ 2004-2007, Eric Lasota ++ 2004,2007, Marc Hoffman ++ 2004-2012, Konstantin Shishkov ++ 2004, Adam Thayer ++ 2004, AGAWA Koji ++ 2004, Gildas Bazin ++ 2004, Maarten Daniels ++ 2005-2006, DivX, Inc ++ 2005-2006, Oded Shimon ++ 2005-2006, Robert Edele ++ 2005,2007-2008, Ian Caulfield ++ 2005,2007,2011-2012, Luca Barbato ++ 2005,2007, Wolfram Gloger ++ 2005-2008, Diego Biurrun ++ 2005-2011, Benjamin Larsson ++ 2005-2011, Reimar Döffinger ++ 2005-2012, Mans Rullgard ++ 2005, Alban Bedel ++ 2005, Anonymous ++ 2005, David Hammerton ++ 2005, Jeff Muizelaar ++ 2005, Matthieu CASTET ++ 2005, Ole André Vadla Ravnås ++ 2005, Roine Gustafsson ++ 2005, Steve Underwood ++ 2005, Vidar Madsen ++ 2005, Wim Taymans ++ 2005, Zoltan Hidvegi ++ 2006-2007, Baptiste Coudurier ++ 2006-2007, Maxim Gavrilov ++ 2006-2007, Reynaldo H. Verdejo Pinochet ++ 2006-2007, Ryan Martell ++ 2006-2007, SmartJog S.A. ++ 2006-2008, Baptiste Coudurier ++ 2006,2008, Gregory Montoir ++ 2006-2009, Luca Abeni ++ 2006-2009, Ramiro Polla ++ 2006-2009, Robert Swain ++ 2006,2009, Stefan Gehrer ++ 2006-2010, Aurelien Jacobs ++ 2006-2010, Prakash Punnoor ++ 2006-2012, Justin Ruggles ++ 2006, Corey Hickey ++ 2006, Daniel Maas ++ 2006, Guillaume Poirier ++ 2006, Kartikey Mahendra BHATT ++ 2006, Michael Benjamin ++ 2006, Patrick Guimond ++ 2006, Paul Richards ++ 2006, Steve Lhomme ++ 2006, Thijs Vermeir ++ 2007-2008, Ivo van Poorten ++ 2007-2008, Joseph Artsimovich ++ 2007-2008, Marco Gerards ++ 2007-2008, Siarhei Siamashka ++ 2007-2008, UAB "DKD" ++ 2007,2009-2012, Nicolas George ++ 2007-2009, Bartlomiej Wolowiec ++ 2007,2009, Björn Axelsson ++ 2007,2010, Anssi Hannula ++ 2007,2010, Bobby Bingham ++ 2007-2010, David Conrad ++ 2007-2010, Vitor Sessak ++ 2007-2011, Stefano Sabatini ++ 2007, Alexis Ballier ++ 2007, Benoit Fouet ++ 2007, Christian Ohm ++ 2007, Clemens Fruhwirth ++ 2007, Collabora Ltd ++ 2007, Denes Balatoni ++ 2007, Edward Hervey ++ 2007, Marc Hoffman ++ 2007, Marc Hoffman ++ 2007, Nicholas Tung ++ 2007, Nokia Corporation ++ 2007, Philippe Kalaf ++ 2007, Ronald S. Bultje ++ 2007, Ulion ++ 2008-2009, Andrej Stepanchuk ++ 2008-2009, Baptiste Coudurier ++ 2008-2009, Jaikrishnan Menon ++ 2008-2009, Ronald S. Bultje ++ 2008-2009, Splitted-Desktop Systems ++ 2008,2010, Alexander Strange ++ 2008,2010, Eli Friedman ++ 2008-2010, Laurent Aimar ++ 2008-2010, Paul Kendall ++ 2008,2010, Zhentan Feng ++ 2008, Affine Systems, Inc (Michael Sullivan, Bobby Impollonia) ++ 2008, Alessandro Sappia ++ 2008, Anuradha Suraparaju ++ 2008, BBC ++ 2008, GUCAS ++ 2008, NVIDIA ++ 2008, Robert Marston ++ 2008, robs@users.sourceforge.net ++ 2008, Sisir Koppaka ++ 2008, Victor Paesa ++ 2008, Vladimir Voroshilov ++ 2008, vmrsss ++ 2009-2010, Alex Converse ++ 2009-2010, Daniel Verkamp ++ 2009-2010, Howard Chu ++ 2009-2010, Thilo Borgmann ++ 2009-2012, Martin Storsjo ++ 2009,2012, Nathan Caldwell ++ 2009, Christian Schmidt ++ 2009, Colin McQuillan ++ 2009, Colin McQuillian ++ 2009, Dylan Yudaken ++ 2009, Giliard B. de Freitas ++ 2009, Ivan Schreter ++ 2009, James Darnley ++ 2009, Jimmy Christensen ++ 2009, Kenan Gillet ++ 2009, Michael Tison ++ 2009, Naotoshi Nojiri ++ 2009, Nicolas Martin ++ 2009, Samalyse ++ 2009, Sebastien Lucas ++ 2009, Stephen Backway ++ 2009, Thomas P. Higdon ++ 2009, Tobias Bindhammer ++ 2009, Toshimitsu Kimura ++ 2009, Xuggle Incorporated ++ 2009, Zuxy Meng ++ 2010-2011, Anatoly Nenashev ++ 2010,2011, Anton Khirnov ++ 2010-2011, Janne Grunau ++ 2010-2011, Vitor Sessak ++ 2010,2012, Google, Inc ++ 2010,2012, Ronald S. Bultje ++ 2010, Adrian Daerr ++ 2010, Amanda, Y.N. Wu ++ 2010, Baptiste Coudurier ++ 2010, Brandon Mintern ++ 2010, Carl Eugen Hoyos ++ 2010, Daniel G. Taylor ++ 2010, Francesco Lavra ++ 2010, Holger Lubitz ++ 2010, Jacob Meuser ++ 2010, Jason Garrett-Glaser ++ 2010, Josh Allmann ++ 2010, Marcelo Galvao Povoa ++ 2010, Mark Nauwelaerts ++ 2010, Michael Chinen ++ 2010, Michele Orrù ++ 2010, Mohamed Naufal Basheer ++ 2010, Nolan Lum ++ 2010, Rafael Carre ++ 2010, Rob Clark ++ 2010, Sebastian Vater ++ 2010, S.N. Hemanth Meenakshisundaram ++ 2010, Tomas Härdin ++ 2011-2012, Daniel Kang ++ 2011-2012, Derek Buitenhuis ++ 2011-2012, Mashiat Sarker Shakkhar ++ 2011-2012, Paul B Mahol ++ 2011, Andreas Öman ++ 2011, Juan Carlos Rodriguez ++ 2011, Kieran Kunhya ++ 2011, Mark Himsley ++ 2011, Matthew Hoops ++ 2011, Max Horn ++ 2011, Michael Bradshaw ++ 2011, Michael Karcher ++ 2011, Mina Nagy Zaki ++ 2011, Miroslav Slugeň ++ 2011, MirriAd Ltd ++ 2011, Sebastien Zwickert ++ 2011, Sven Hesse ++ 2012, Aneesh Dogra (lionaneesh) ++ 2012, Antti Seppälä ++ 2012, Christophe Gisquet ++ 2012, Jan Ekström ++ 2012, Samuel Pitoiset ++ CMU 1993, Computer Science, Speech Group Chengxiang Lu and Alex ++ Hauptmann ++ Sebastien Bechet ++License: LGPL-2.1+~Libav ++Comments: ++ Some copyright holder details extracted from referenced sources at ++ . ++ ++Files: doc/doxy/doxy_stylesheet.css ++Copyright: 2012, Twitter, Inc ++License: Apache-2.0 ++ ++Files: libavcodec/jfdctfst.c ++ libavcodec/jfdctint_template.c ++ libavcodec/jrevdct.c ++Copyright: 1991-1996, Thomas G. Lane ++License: IJG ++ ++Files: libavdevice/x11grab.c ++ libavfilter/yadif.h ++ libavfilter/vf_blackframe.c ++ libavfilter/vf_boxblur.c ++ libavfilter/vf_cropdetect.c ++ libavfilter/vf_delogo.c ++ libavfilter/vf_hqdn3d.c ++ libavfilter/vf_yadif.c ++ libavfilter/x86/yadif.c ++ libavfilter/x86/yadif_template.c ++Copyright: 1997-1998, Rasca, Berlin ++ 2000-2001, Fabrice Bellard ++ 2002-2003, Brian J. Murrell ++ 2002,2006-2010 Michael Niedermayer ++ 2002, A'rpi ++ 2002, Jindrich Makovicka ++ 2003-2004 Karl H. Beckers, Frankfurt ++ 2003, Daniel Moreno ++ 2006, Clemens Fruhwirth ++ 2006, Edouard Gomez ++ 2006, Ivo van Poorten ++ 2006, Julian Hall ++ 2010-2011, Stefano Sabatini ++ 2010, Baptiste Coudurier ++ 2012, Loren Merritt ++License: GPL-2+~Libav ++ ++Files: doc/texi2pod.pl ++Copyright: 1999-2001, Free Software Foundation, Inc ++License: GPL-2+~GCC ++ ++Files: ++ libavcodec/arm/jrevdct_arm.S ++ libavcodec/nellymoser.c ++ libavcodec/nellymoserdec.c ++ libavcodec/nellymoser.h ++ libavcodec/x86/vc1dsp_init.c ++ libavcodec/x86/vc1dsp_mmx.c ++ libavformat/metadata-example.c ++ libavformat/oggdec.c ++ libavformat/oggdec.h ++ libavformat/oggparseogm.c ++ libavformat/oggparsespeex.c ++ libavformat/oggparsetheora.c ++ libavformat/oggparsevorbis.c ++ libavformat/output-example.c ++Copyright: 2005, Alex Beregszaszi ++ 2001, Lionel Ulmer / ++ 2003, Fabrice Bellard ++ 2005, Matthieu CASTET ++ 2005, Michael Ahlberg ++ 2005, Måns Rullgård ++ 2007, 520e17cd55896441042b14df2566a6eb610ed444 ++ 2007, 539459aeb7d425140b62a3ec7dbf6dc8e408a306 ++ 2007, a840bda5870ba11f19698ff6eb9581dfb0f95fa5 ++ 2007, Benjamin Larsson ++ 2007, Christophe GISQUET ++ 2007, Loic Minier ++ 2008, Reimar Döffinger ++ 2011, Reinhard Tartler ++License: Expat ++ ++Files: libavcodec/faandct.c ++ libavcodec/zerocodec.c ++Copyright: 2003, Michael Niedermayer ++ 2003, Roman Shaposhnik ++ 2012, Derek Buitenhuis ++License: ISC ++ ++Files: libavcodec/arm/vp8dsp_armv6.S ++Copyright: 2010, Google Inc ++ 2010, Rob Clark ++ 2011, Mans Rullgard ++License: BSD-3-clause~Google and LGPL-2.1+~Libav ++ ++Files: libavutil/adler32.c ++Copyright: 1995, Mark Adler ++License: Zlib ++ ++License: LGPL-2.1+~Libav ++ Libav is free software; you can redistribute it and/or modify it under ++ the terms of the GNU Lesser General Public License as published by the ++ Free Software Foundation; either version 2.1 of the License, or (at ++ your option) any later version. ++ . ++ Libav is distributed in the hope that it will be useful, but WITHOUT ++ ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public ++ License for more details. ++ . ++ Comment: ++ . ++ On Debian systems the 'GNU Lesser General Public License' version 2.1 ++ is located in '/usr/share/common-licenses/LGPL-2.1'. ++ . ++ You should have received a copy of the 'GNU Lesser General Public ++ License' along with this program. If not, see ++ . ++ ++License: GPL-2+~Libav ++ Libav is free software; you can redistribute it and/or modify it under ++ the terms of the GNU General Public License as published by the Free ++ Software Foundation; either version 2 of the License, or (at your ++ option) any later version. ++ . ++ Libav is distributed in the hope that it will be useful, but WITHOUT ++ ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ for more details. ++ . ++ Comment: ++ . ++ On Debian systems the 'GNU General Public License' version 2 is located ++ in '/usr/share/common-licenses/GPL-2'. ++ . ++ You should have received a copy of the 'GNU General Public License' ++ along with this program. If not, see . ++ ++License: GPL-2+~GCC ++ GNU CC is free software; you can redistribute it and/or modify it under ++ the terms of the GNU General Public License as published by the Free ++ Software Foundation; either version 2, or (at your option) any later ++ version. ++ . ++ GNU CC is distributed in the hope that it will be useful, but WITHOUT ++ ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ for more details. ++ ++License: Apache-2.0 ++ Licensed under the Apache License v2.0 ++ . ++ http://www.apache.org/licenses/LICENSE-2.0 ++ . ++ Comment: ++ . ++ On Debian systems the 'Apache License' version 2.0 is located in ++ '/usr/share/common-licenses/Apache-2.0'. ++ ++License: IJG ++ Permission is hereby granted to use, copy, modify, and distribute this ++ software (or portions thereof) for any purpose, without fee, subject to ++ these conditions: ++ . ++ (1) If any part of the source code for this software is distributed, ++ then this README file must be included, with this copyright and ++ no-warranty notice unaltered; and any additions, deletions, or changes ++ to the original files must be clearly indicated in accompanying ++ documentation. ++ . ++ (2) If only executable code is distributed, then the accompanying ++ documentation must state that "this software is based in part on the ++ work of the Independent JPEG Group". ++ . ++ (3) Permission for use of this software is granted only if the user ++ accepts full responsibility for any undesirable consequences; the ++ authors accept NO LIABILITY for damages of any kind. ++ . ++ These conditions apply to any software derived from or based on the IJG ++ code, not just to the unmodified library. If you use our work, you ++ ought to acknowledge us. ++ . ++ Permission is NOT granted for the use of any IJG author's name or ++ company name in advertising or publicity relating to this software or ++ products derived from it. This software may be referred to only as ++ "the Independent JPEG Group's software". ++ . ++ We specifically permit and encourage the use of this software as the ++ basis of commercial products, provided that all warranty or liability ++ claims are assumed by the product vendor. ++ ++License: BSD-3-clause~Google ++ Redistribution and use in source and binary forms, with or without ++ modification, are permitted provided that the following conditions are ++ met: ++ . ++ * Redistributions of source code must retain the above copyright ++ notice, this list of conditions and the following disclaimer. ++ . ++ * Redistributions in binary form must reproduce the above copyright ++ notice, this list of conditions and the following disclaimer in the ++ documentation and/or other materials provided with the distribution. ++ . ++ * Neither the name of Google nor the names of its contributors may be ++ used to endorse or promote products derived from this software ++ without specific prior written permission. ++ . ++ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS ++ IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED ++ TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A ++ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT ++ HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT ++ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, ++ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY ++ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT ++ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE ++ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ++ ++License: Zlib ++ This software is provided 'as-is', without any express or implied ++ warranty. In no event will the authors be held liable for any damages ++ arising from the use of this software. ++ . ++ Permission is granted to anyone to use this software for any purpose, ++ including commercial applications, and to alter it and redistribute it ++ freely, subject to the following restrictions: ++ . ++ 1. The origin of this software must not be misrepresented; you must not ++ claim that you wrote the original software. If you use this software ++ in a product, an acknowledgment in the product documentation would ++ be appreciated but is not required. ++ 2. Altered source versions must be plainly marked as such, and must not ++ be misrepresented as being the original software. ++ 3. This notice may not be removed or altered from any source ++ distribution. ++ ++License: Expat ++ Permission is hereby granted, free of charge, to any person obtaining a ++ copy of this software and associated documentation files (the ++ "Software"), to deal in the Software without restriction, including ++ without limitation the rights to use, copy, modify, merge, publish, ++ distribute, sublicense, and/or sell copies of the Software, and to ++ permit persons to whom the Software is furnished to do so, subject to ++ the following conditions: ++ . ++ The above copyright notice and this permission notice shall be included ++ in all copies or substantial portions of the Software. ++ . ++ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS ++ OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF ++ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. ++ IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, ++ DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR ++ OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR ++ THE USE OR OTHER DEALINGS IN THE SOFTWARE. ++ ++License: ISC ++ Permission to use, copy, modify, and/or distribute this software for ++ any purpose with or without fee is hereby granted, provided that the ++ above copyright notice and this permission notice appear in all copies. ++ . ++ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL ++ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED ++ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR ++ BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES ++ OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, ++ WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ++ ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS ++ SOFTWARE. diff --cc debian/gbp.conf index 0000000,0000000..c0fe6b4 new file mode 100644 --- /dev/null +++ b/debian/gbp.conf @@@ -1,0 -1,0 +1,8 @@@ ++[DEFAULT] ++upstream-branch = upstream.jessie ++debian-branch = jessie ++upstream-tag = upstream/%(version)s ++debian-tag = debian/%(version)s ++pristine-tar = True ++compression = xz ++ diff --cc debian/get_soname_version.sh index 0000000,0000000..ebe2101 new file mode 100755 --- /dev/null +++ b/debian/get_soname_version.sh @@@ -1,0 -1,0 +1,23 @@@ ++#!/bin/sh ++ ++# small helper script to learn about library sonames ++# adapted from upstream's configure script ++ ++# Avoid locale weirdness, besides we really just want to translate ASCII. ++toupper(){ ++ echo "$@" | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ ++} ++ ++get_version(){ ++ lcname=${1} ++ name=$(toupper $lcname) ++ file=$lcname/version.h ++ eval $(awk "/#define ${name}_VERSION_M/ { print \$2 \"=\" \$3 }" "$file") ++ eval ${name}_VERSION=\$${name}_VERSION_MAJOR.\$${name}_VERSION_MINOR.\$${name}_VERSION_MICRO ++ eval echo "${lcname}_VERSION=\$${name}_VERSION" ++ eval echo "${lcname}_VERSION_MAJOR=\$${name}_VERSION_MAJOR" ++ eval echo "${lcname}_VERSION_MINOR=\$${name}_VERSION_MINOR" ++} ++ ++get_version "$1" ++ diff --cc debian/libav-doc.doc-base index 0000000,0000000..337f506 new file mode 100644 --- /dev/null +++ b/debian/libav-doc.doc-base @@@ -1,0 -1,0 +1,9 @@@ ++Document: libav-doc ++Title: Libav API Documentation ++Author: Libav Developers ++Abstract: This is the main documentation for the Libav API. ++Section: Programming ++ ++Format: HTML ++Index: /usr/share/doc/libav-doc/html/index.html ++Files: /usr/share/doc/libav-doc/html/*.html diff --cc debian/libav-tools.install index 0000000,0000000..3eb991a new file mode 100644 --- /dev/null +++ b/debian/libav-tools.install @@@ -1,0 -1,0 +1,6 @@@ ++etc ++usr/bin/av* ++usr/bin/qt-faststart ++usr/share/avconv/*.avpreset ++usr/share/man/man1/av* ++usr/share/doc/libav/*.html diff --cc debian/libav-tools.maintscript index 0000000,0000000..fd11a31 new file mode 100644 --- /dev/null +++ b/debian/libav-tools.maintscript @@@ -1,0 -1,0 +1,1 @@@ ++rm_conffile /etc/avserver.conf 6:10.2-1~ diff --cc debian/libavcodec-dev.examples index 0000000,0000000..c272481 new file mode 100644 --- /dev/null +++ b/debian/libavcodec-dev.examples @@@ -1,0 -1,0 +1,1 @@@ ++doc/examples/*.c diff --cc debian/libavcodec-dev.install.in index 0000000,0000000..69ce957 new file mode 100644 --- /dev/null +++ b/debian/libavcodec-dev.install.in @@@ -1,0 -1,0 +1,4 @@@ ++usr/include/libavcodec ++usr/lib/@DEB_HOST_MULTIARCH@/libavcodec.a ++usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavcodec.so ++usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libavcodec.pc diff --cc debian/libavcodec-extra-56.install.in index 0000000,0000000..7c69bb0 new file mode 100644 --- /dev/null +++ b/debian/libavcodec-extra-56.install.in @@@ -1,0 -1,0 +1,1 @@@ ++usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavcodec.so.* diff --cc debian/libavcodec-extra-56.lintian-overrides index 0000000,0000000..295b2ff new file mode 100644 --- /dev/null +++ b/debian/libavcodec-extra-56.lintian-overrides @@@ -1,0 -1,0 +1,3 @@@ ++# This is the sister package of libavcodec56 ++libavcodec-extra-56: package-name-doesnt-match-sonames ++libavcodec-extra-56: shlib-with-non-pic-code diff --cc debian/libavcodec56.install.in index 0000000,0000000..7c69bb0 new file mode 100644 --- /dev/null +++ b/debian/libavcodec56.install.in @@@ -1,0 -1,0 +1,1 @@@ ++usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavcodec.so.* diff --cc debian/libavcodec56.lintian-overrides index 0000000,0000000..999dd7e new file mode 100644 --- /dev/null +++ b/debian/libavcodec56.lintian-overrides @@@ -1,0 -1,0 +1,2 @@@ ++# Overriding these fpic lintian errors. Please see bug #528080. ++libavcodec56: shlib-with-non-pic-code diff --cc debian/libavdevice-dev.install.in index 0000000,0000000..985ce79 new file mode 100644 --- /dev/null +++ b/debian/libavdevice-dev.install.in @@@ -1,0 -1,0 +1,4 @@@ ++usr/include/libavdevice ++usr/lib/@DEB_HOST_MULTIARCH@/libavdevice.a ++usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavdevice.so ++usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libavdevice.pc diff --cc debian/libavdevice55.install.in index 0000000,0000000..e942547 new file mode 100644 --- /dev/null +++ b/debian/libavdevice55.install.in @@@ -1,0 -1,0 +1,1 @@@ ++usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavdevice.so.* diff --cc debian/libavdevice55.lintian-overrides index 0000000,0000000..e07bc71 new file mode 100644 --- /dev/null +++ b/debian/libavdevice55.lintian-overrides @@@ -1,0 -1,0 +1,2 @@@ ++# Overriding these fpic lintian errors. Please see bug #528080. ++libavdevice55: shlib-with-non-pic-code diff --cc debian/libavfilter-dev.install.in index 0000000,0000000..716ee90 new file mode 100644 --- /dev/null +++ b/debian/libavfilter-dev.install.in @@@ -1,0 -1,0 +1,4 @@@ ++usr/include/libavfilter ++usr/lib/@DEB_HOST_MULTIARCH@/libavfilter.a ++usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavfilter.so ++usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libavfilter.pc diff --cc debian/libavfilter5.install.in index 0000000,0000000..4e4157c new file mode 100644 --- /dev/null +++ b/debian/libavfilter5.install.in @@@ -1,0 -1,0 +1,1 @@@ ++usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavfilter.so.* diff --cc debian/libavfilter5.lintian-overrides index 0000000,0000000..cd28cbc new file mode 100644 --- /dev/null +++ b/debian/libavfilter5.lintian-overrides @@@ -1,0 -1,0 +1,2 @@@ ++# Overriding these fpic lintian errors. Please see bug #528080. ++libavfilter5: shlib-with-non-pic-code diff --cc debian/libavformat-dev.install.in index 0000000,0000000..a4ee167 new file mode 100644 --- /dev/null +++ b/debian/libavformat-dev.install.in @@@ -1,0 -1,0 +1,4 @@@ ++usr/include/libavformat ++usr/lib/@DEB_HOST_MULTIARCH@/libavformat.a ++usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavformat.so ++usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libavformat.pc diff --cc debian/libavformat56.install.in index 0000000,0000000..660f3a5 new file mode 100644 --- /dev/null +++ b/debian/libavformat56.install.in @@@ -1,0 -1,0 +1,1 @@@ ++usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavformat.so.* diff --cc debian/libavformat56.lintian-overrides index 0000000,0000000..8f15f1c new file mode 100644 --- /dev/null +++ b/debian/libavformat56.lintian-overrides @@@ -1,0 -1,0 +1,2 @@@ ++# Overriding these fpic lintian errors. Please see bug #528080. ++libavformat56: shlib-with-non-pic-code diff --cc debian/libavresample-dev.install.in index 0000000,0000000..8e1e76a new file mode 100644 --- /dev/null +++ b/debian/libavresample-dev.install.in @@@ -1,0 -1,0 +1,4 @@@ ++usr/include/libavresample ++usr/lib/@DEB_HOST_MULTIARCH@/libavresample.a ++usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavresample.so ++usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libavresample.pc diff --cc debian/libavresample2.install.in index 0000000,0000000..d361728 new file mode 100644 --- /dev/null +++ b/debian/libavresample2.install.in @@@ -1,0 -1,0 +1,1 @@@ ++usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavresample.so.* diff --cc debian/libavresample2.lintian-overrides index 0000000,0000000..3f86247 new file mode 100644 --- /dev/null +++ b/debian/libavresample2.lintian-overrides @@@ -1,0 -1,0 +1,2 @@@ ++# Overriding these fpic lintian errors. Please see bug #528080. ++libavresample2: shlib-with-non-pic-code diff --cc debian/libavutil-dev.install.in index 0000000,0000000..5eeb883 new file mode 100644 --- /dev/null +++ b/debian/libavutil-dev.install.in @@@ -1,0 -1,0 +1,4 @@@ ++usr/include/libavutil ++usr/lib/@DEB_HOST_MULTIARCH@/libavutil.a ++usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavutil.so ++usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libavutil.pc diff --cc debian/libavutil54.install.in index 0000000,0000000..3dc6cc2 new file mode 100644 --- /dev/null +++ b/debian/libavutil54.install.in @@@ -1,0 -1,0 +1,1 @@@ ++usr/lib/@DEB_HOST_MULTIARCH_OPT@/libavutil.so.* diff --cc debian/libavutil54.lintian-overrides index 0000000,0000000..eb64862 new file mode 100644 --- /dev/null +++ b/debian/libavutil54.lintian-overrides @@@ -1,0 -1,0 +1,2 @@@ ++# Overriding these fpic lintian errors. Please see bug #528080. ++libavutil54: shlib-with-non-pic-code diff --cc debian/libswscale-dev.install.in index 0000000,0000000..71eb932 new file mode 100644 --- /dev/null +++ b/debian/libswscale-dev.install.in @@@ -1,0 -1,0 +1,4 @@@ ++usr/include/libswscale ++usr/lib/@DEB_HOST_MULTIARCH@/libswscale.a ++usr/lib/@DEB_HOST_MULTIARCH_OPT@/libswscale.so ++usr/lib/@DEB_HOST_MULTIARCH@/pkgconfig/libswscale.pc diff --cc debian/libswscale3.install.in index 0000000,0000000..2ac5f14 new file mode 100644 --- /dev/null +++ b/debian/libswscale3.install.in @@@ -1,0 -1,0 +1,1 @@@ ++usr/lib/@DEB_HOST_MULTIARCH_OPT@/libswscale.so.* diff --cc debian/libswscale3.lintian-overrides index 0000000,0000000..eb53acd new file mode 100644 --- /dev/null +++ b/debian/libswscale3.lintian-overrides @@@ -1,0 -1,0 +1,2 @@@ ++# Overriding these fpic lintian errors. Please see bug #528080. ++libswscale3: shlib-with-non-pic-code diff --cc debian/patches/02-configure-disable-ebx-gcc-4.9.patch index 0000000,0000000..5d1fa37 new file mode 100644 --- /dev/null +++ b/debian/patches/02-configure-disable-ebx-gcc-4.9.patch @@@ -1,0 -1,0 +1,25 @@@ ++Description: Disable ebx_available on i586 ++Author: Sebastian Ramacher , ++ Bernhard Übelacker ++Bug: https://bugzilla.libav.org/show_bug.cgi?id=850 ++Bug-Debian: https://bugs.debian.org/783082 ++Last-Update: 2015-05-05 ++ ++--- a/configure +++++ b/configure ++@@ -3978,6 +3978,15 @@ ++ check_inline_asm ebx_available '""::"b"(0)' && ++ check_inline_asm ebx_available '"":::"%ebx"' ++ +++ # workaround for debian#783082 / libav#850 +++ if enabled gcc; then +++ case $($cc -dumpversion) in +++ 4.9.*|5.*) +++ disable ebx_available +++ ;; +++ esac +++ fi +++ ++ # check whether xmm clobbers are supported ++ check_inline_asm xmm_clobbers '"":::"%xmm0"' ++ diff --cc debian/patches/03-disable-configuration-warnings.patch index 0000000,0000000..0f5a630 new file mode 100644 --- /dev/null +++ b/debian/patches/03-disable-configuration-warnings.patch @@@ -1,0 -1,0 +1,19 @@@ ++Author: Reinhard Tartler ++Description: Disable configuration output warnings ++Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619530 ++Bug-Ubuntu: https://launchpad.net/bugs/765357 ++Forwarded: not-needed ++ ++--- a/cmdutils.c +++++ b/cmdutils.c ++@@ -765,7 +765,9 @@ void print_error(const char *filename, i ++ av_log(NULL, AV_LOG_ERROR, "%s: %s\n", filename, errbuf_ptr); ++ } ++ ++-static int warned_cfg = 0; +++// Debian/Ubuntu: see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619530 +++// https://launchpad.net/bugs/765357 +++static int warned_cfg = 1; ++ ++ #define INDENT 1 ++ #define SHOW_VERSION 2 diff --cc debian/patches/CVE-2014-8542.patch index 0000000,0000000..9010ec5 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2014-8542.patch @@@ -1,0 -1,0 +1,27 @@@ ++From 105654e376a736d243aef4a1d121abebce912e6b Mon Sep 17 00:00:00 2001 ++From: Michael Niedermayer ++Date: Fri, 3 Oct 2014 04:30:58 +0200 ++Subject: [PATCH] avcodec/utils: Add case for jv to avcodec_align_dimensions2() ++ ++Fixes out of array accesses ++Fixes: asan_heap-oob_12304aa_8_asan_heap-oob_4da4f3_300_intro.jv ++ ++Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind ++Signed-off-by: Michael Niedermayer ++--- ++ libavcodec/utils.c | 4 ++++ ++ 1 file changed, 4 insertions(+) ++ ++--- a/libavcodec/utils.c +++++ b/libavcodec/utils.c ++@@ -254,6 +254,10 @@ ++ w_align = 4; ++ h_align = 4; ++ } +++ if (s->codec_id == AV_CODEC_ID_JV) { +++ w_align = 8; +++ h_align = 8; +++ } ++ break; ++ case AV_PIX_FMT_BGR24: ++ if ((s->codec_id == AV_CODEC_ID_MSZH) || diff --cc debian/patches/CVE-2014-9317.patch index 0000000,0000000..f21d41f new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2014-9317.patch @@@ -1,0 -1,0 +1,31 @@@ ++From: Michael Niedermayer ++Date: Wed, 26 Nov 2014 14:45:47 +0000 (+0100) ++Subject: avcodec/pngdec: Check IHDR/IDAT order ++X-Git-Tag: n2.5~151 ++X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=79ceaf827be0b070675d4cd0a55c3386542defd8 ++ ++avcodec/pngdec: Check IHDR/IDAT order ++ ++Fixes out of array access ++Fixes: asan_heap-oob_20a6c26_2690_cov_3434532168_mail.png ++Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind ++Signed-off-by: Michael Niedermayer ++ ++[sunweaver] - Port this commit to libav in Debian jessie. ++--- ++ ++--- a/libavcodec/pngdec.c +++++ b/libavcodec/pngdec.c ++@@ -445,6 +445,12 @@ ++ case MKTAG('I', 'H', 'D', 'R'): ++ if (length != 13) ++ goto fail; +++ +++ if (s->state & PNG_IDAT) { +++ av_log(avctx, AV_LOG_ERROR, "IHDR after IDAT\n"); +++ goto fail; +++ } +++ ++ s->width = bytestream2_get_be32(&s->gb); ++ s->height = bytestream2_get_be32(&s->gb); ++ if (av_image_check_size(s->width, s->height, 0, avctx)) { diff --cc debian/patches/CVE-2015-1207.patch index 0000000,0000000..a4dd285 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2015-1207.patch @@@ -1,0 -1,0 +1,22 @@@ ++From 3859868c75313e318ebc5d0d33baada62d45dd75 Mon Sep 17 00:00:00 2001 ++From: Michael Niedermayer ++Date: Tue, 6 Jan 2015 04:29:10 +0100 ++Subject: [PATCH] avformat/mov: fix integer overflow in mov_read_udta_string() ++ ++Found-by: Paul Mehta ++Signed-off-by: Michael Niedermayer ++--- ++ libavformat/mov.c | 2 +- ++ 1 file changed, 1 insertion(+), 1 deletion(-) ++ ++--- a/libavformat/mov.c +++++ b/libavformat/mov.c ++@@ -337,7 +337,7 @@ ++ ++ if (!key) ++ return 0; ++- if (atom.size < 0) +++ if (atom.size < 0 || str_size >= INT_MAX/2) ++ return AVERROR_INVALIDDATA; ++ ++ str_size = FFMIN3(sizeof(str)-1, str_size, atom.size); diff --cc debian/patches/CVE-2015-6761.patch index 0000000,0000000..763c983 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2015-6761.patch @@@ -1,0 -1,0 +1,28 @@@ ++From: Michael Niedermayer ++Date: Wed, 30 Sep 2015 11:10:48 +0000 (+0200) ++Subject: avcodec/vp8: Do not use num_coeff_partitions in thread/buffer setup ++X-Git-Tag: n3.0~2422 ++X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=dabea74d0e82ea80cd344f630497cafcb3ef872c ++ ++avcodec/vp8: Do not use num_coeff_partitions in thread/buffer setup ++ ++The variable is not a constant and can lead to race conditions ++ ++Fixes: repro.webm (not reproducable with FFmpeg alone) ++ ++Found-by: Dale Curtis ++Tested-by: Dale Curtis ++Signed-off-by: Michael Niedermayer ++--- ++ ++--- a/libavcodec/vp8.c +++++ b/libavcodec/vp8.c ++@@ -156,7 +156,7 @@ ++ s->mb_height = (s->avctx->coded_height + 15) / 16; ++ ++ s->mb_layout = is_vp7 || avctx->active_thread_type == FF_THREAD_SLICE && ++- FFMIN(s->num_coeff_partitions, avctx->thread_count) > 1; +++ avctx->thread_count > 1; ++ if (!s->mb_layout) { // Frame threading and one thread ++ s->macroblocks_base = av_mallocz((s->mb_width + s->mb_height * 2 + 1) * ++ sizeof(*s->macroblocks)); diff --cc debian/patches/CVE-2015-6818.patch index 0000000,0000000..0bc4513 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2015-6818.patch @@@ -1,0 -1,0 +1,31 @@@ ++From: Michael Niedermayer ++Date: Mon, 29 Jun 2015 19:08:05 +0000 (+0200) ++Subject: avcodec/pngdec: Only allow one IHDR chunk ++X-Git-Tag: n2.8~1342 ++X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=47f4e2d8960ca756ca153ab8e3e93d80449b8c91 ++ ++avcodec/pngdec: Only allow one IHDR chunk ++ ++Multiple IHDR chunks are forbidden in PNG ++Fixes inconsistency and out of array accesses ++ ++Fixes: asan_heap-oob_4d5c5a_1738_cov_2638287726_c-m2-8f2b481b7fd9bd745e620b7c01a18df2.png ++ ++Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind ++Signed-off-by: Michael Niedermayer ++--- ++ ++--- a/libavcodec/pngdec.c +++++ b/libavcodec/pngdec.c ++@@ -451,6 +451,11 @@ ++ goto fail; ++ } ++ +++ if (s->state & PNG_IHDR) { +++ av_log(avctx, AV_LOG_ERROR, "Multiple IHDR\n"); +++ goto fail; +++ } +++ ++ s->width = bytestream2_get_be32(&s->gb); ++ s->height = bytestream2_get_be32(&s->gb); ++ if (av_image_check_size(s->width, s->height, 0, avctx)) { diff --cc debian/patches/CVE-2015-6820.patch index 0000000,0000000..c44600a new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2015-6820.patch @@@ -1,0 -1,0 +1,49 @@@ ++From: Michael Niedermayer ++Date: Wed, 1 Jul 2015 00:05:43 +0000 (+0200) ++Subject: avcodec/aacsbr: check that the element type matches before applying SBR ++X-Git-Tag: n2.8~1308 ++X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=79a98294da6cd85f8c86b34764c5e0c43b09eea3 ++ ++avcodec/aacsbr: check that the element type matches before applying SBR ++ ++Fixes out of array access ++Fixes: signal_sigsegv_3670fc0_2818_cov_2307326154_moon.mux ++ ++Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind ++Signed-off-by: Michael Niedermayer ++--- ++ ++--- a/libavcodec/aacsbr.c +++++ b/libavcodec/aacsbr.c ++@@ -1006,6 +1006,8 @@ ++ { ++ unsigned int cnt = get_bits_count(gb); ++ +++ sbr->id_aac = id_aac; +++ ++ if (id_aac == TYPE_SCE || id_aac == TYPE_CCE) { ++ if (read_sbr_single_channel_element(ac, sbr, gb)) { ++ sbr_turnoff(sbr); ++@@ -1658,6 +1660,12 @@ ++ int nch = (id_aac == TYPE_CPE) ? 2 : 1; ++ int err; ++ +++ if (id_aac != sbr->id_aac) { +++ av_log(ac->avctx, AV_LOG_ERROR, +++ "element type mismatch %d != %d\n", id_aac, sbr->id_aac); +++ sbr_turnoff(sbr); +++ } +++ ++ if (!sbr->kx_and_m_pushed) { ++ sbr->kx[0] = sbr->kx[1]; ++ sbr->m[0] = sbr->m[1]; ++--- a/libavcodec/sbr.h +++++ b/libavcodec/sbr.h ++@@ -114,6 +114,7 @@ ++ typedef struct SpectralBandReplication { ++ int sample_rate; ++ int start; +++ int id_aac; ++ int reset; ++ SpectrumParameters spectrum_params; ++ int bs_amp_res_header; diff --cc debian/patches/CVE-2015-6821.patch index 0000000,0000000..5aa4fe5 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2015-6821.patch @@@ -1,0 -1,0 +1,121 @@@ ++From: Michael Niedermayer ++Date: Thu, 9 Jul 2015 20:16:15 +0000 (+0200) ++Subject: avcodec/mpegvideo: Clear pointers in ff_mpv_common_init() ++X-Git-Tag: n2.8~1148 ++X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=b160fc290cf49b516c5b6ee0730fd9da7fc623b1 ++ ++avcodec/mpegvideo: Clear pointers in ff_mpv_common_init() ++ ++This ensures that no stale pointers leak through on any path ++ ++Fixes: signal_sigsegv_c3097a_991_xtrem_e2_m64q15_a32sxx.3gp ++ ++Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind ++Signed-off-by: Michael Niedermayer ++--- ++ ++--- a/libavcodec/mpegvideo.c +++++ b/libavcodec/mpegvideo.c ++@@ -1228,6 +1228,82 @@ ++ return AVERROR(ENOMEM); ++ } ++ +++static void clear_context(MpegEncContext *s) +++{ +++ int i, j, k; +++ +++ memset(&s->next_picture, 0, sizeof(s->next_picture)); +++ memset(&s->last_picture, 0, sizeof(s->last_picture)); +++ memset(&s->current_picture, 0, sizeof(s->current_picture)); +++ memset(&s->new_picture, 0, sizeof(s->new_picture)); +++ +++ memset(s->thread_context, 0, sizeof(s->thread_context)); +++ +++ s->me.map = NULL; +++ s->me.score_map = NULL; +++ s->dct_error_sum = NULL; +++ s->block = NULL; +++ s->blocks = NULL; +++ memset(s->pblocks, 0, sizeof(s->pblocks)); +++ s->ac_val_base = NULL; +++ s->ac_val[0] = +++ s->ac_val[1] = +++ s->ac_val[2] =NULL; +++ s->edge_emu_buffer = NULL; +++ s->me.scratchpad = NULL; +++ s->me.temp = +++ s->rd_scratchpad = +++ s->b_scratchpad = +++ s->obmc_scratchpad = NULL; +++ +++ s->parse_context.buffer = NULL; +++ s->parse_context.buffer_size = 0; +++ s->bitstream_buffer = NULL; +++ s->allocated_bitstream_buffer_size = 0; +++ s->picture = NULL; +++ s->mb_type = NULL; +++ s->p_mv_table_base = NULL; +++ s->b_forw_mv_table_base = NULL; +++ s->b_back_mv_table_base = NULL; +++ s->b_bidir_forw_mv_table_base = NULL; +++ s->b_bidir_back_mv_table_base = NULL; +++ s->b_direct_mv_table_base = NULL; +++ s->p_mv_table = NULL; +++ s->b_forw_mv_table = NULL; +++ s->b_back_mv_table = NULL; +++ s->b_bidir_forw_mv_table = NULL; +++ s->b_bidir_back_mv_table = NULL; +++ s->b_direct_mv_table = NULL; +++ for (i = 0; i < 2; i++) { +++ for (j = 0; j < 2; j++) { +++ for (k = 0; k < 2; k++) { +++ s->b_field_mv_table_base[i][j][k] = NULL; +++ s->b_field_mv_table[i][j][k] = NULL; +++ } +++ s->b_field_select_table[i][j] = NULL; +++ s->p_field_mv_table_base[i][j] = NULL; +++ s->p_field_mv_table[i][j] = NULL; +++ } +++ s->p_field_select_table[i] = NULL; +++ } +++ +++ s->dc_val_base = NULL; +++ s->coded_block_base = NULL; +++ s->mbintra_table = NULL; +++ s->cbp_table = NULL; +++ s->pred_dir_table = NULL; +++ +++ s->mbskip_table = NULL; +++ +++ s->er.error_status_table = NULL; +++ s->er.er_temp_buffer = NULL; +++ s->mb_index2xy = NULL; +++ s->lambda_table = NULL; +++ +++ s->cplx_tab = NULL; +++ s->bits_tab = NULL; +++} +++ ++ /** ++ * init common structure for both encoder and decoder. ++ * this assumes that some variables like width/height are already set ++@@ -1239,6 +1315,8 @@ ++ s->avctx->active_thread_type & FF_THREAD_SLICE) ? ++ s->avctx->thread_count : 1; ++ +++ clear_context(s); +++ ++ if (s->encoding && s->avctx->slices) ++ nb_slices = s->avctx->slices; ++ ++@@ -1290,10 +1368,6 @@ ++ if (!s->picture[i].f) ++ goto fail; ++ } ++- memset(&s->next_picture, 0, sizeof(s->next_picture)); ++- memset(&s->last_picture, 0, sizeof(s->last_picture)); ++- memset(&s->current_picture, 0, sizeof(s->current_picture)); ++- memset(&s->new_picture, 0, sizeof(s->new_picture)); ++ s->next_picture.f = av_frame_alloc(); ++ if (!s->next_picture.f) ++ goto fail; diff --cc debian/patches/CVE-2015-6822.patch index 0000000,0000000..54454d4 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2015-6822.patch @@@ -1,0 -1,0 +1,24 @@@ ++From: Michael Niedermayer ++Date: Mon, 13 Jul 2015 14:05:21 +0000 (+0200) ++Subject: avcodec/sanm: Reset sizes in destroy_buffers() ++X-Git-Tag: n2.8~1072 ++X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=39bbdebb1ed8eb9c9b0cd6db85afde6ba89d86e4 ++ ++avcodec/sanm: Reset sizes in destroy_buffers() ++ ++Fixes crash in 1288a2fe8e9ae6b00ca40e089d08ca65_signal_sigsegv_7ffff71426a7_354_accident.san with allocation limit 65536 ++ ++Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind ++Signed-off-by: Michael Niedermayer ++--- ++ ++--- a/libavcodec/sanm.c +++++ b/libavcodec/sanm.c ++@@ -406,6 +406,7 @@ ++ ctx->frm0_size = ++ ctx->frm1_size = ++ ctx->frm2_size = 0; +++ init_sizes(ctx, 0, 0); ++ } ++ ++ static av_cold int init_buffers(SANMVideoContext *ctx) diff --cc debian/patches/CVE-2015-6823.patch index 0000000,0000000..6c1b5f2 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2015-6823.patch @@@ -1,0 -1,0 +1,29 @@@ ++From: Michael Niedermayer ++Date: Mon, 13 Jul 2015 13:46:10 +0000 (+0200) ++Subject: avcodec/alac: Clear pointers in allocate_buffers() ++X-Git-Tag: n2.8~1073 ++X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=f7068bf277a37479aecde2832208d820682b35e6 ++ ++avcodec/alac: Clear pointers in allocate_buffers() ++ ++Fixes: 06a4edb39ad8a9883175f9bd428334a2_signal_sigsegv_7ffff713351a_706_mov__alac__ALAC_6ch.mov ++ ++Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind ++Signed-off-by: Michael Niedermayer ++--- ++ ++--- a/libavcodec/alac.c +++++ b/libavcodec/alac.c ++@@ -482,6 +482,12 @@ ++ int ch; ++ int buf_size = alac->max_samples_per_frame * sizeof(int32_t); ++ +++ for (ch = 0; ch < 2; ch++) { +++ alac->predict_error_buffer[ch] = NULL; +++ alac->output_samples_buffer[ch] = NULL; +++ alac->extra_bits_buffer[ch] = NULL; +++ } +++ ++ for (ch = 0; ch < FFMIN(alac->channels, 2); ch++) { ++ FF_ALLOC_OR_GOTO(alac->avctx, alac->predict_error_buffer[ch], ++ buf_size, buf_alloc_fail); diff --cc debian/patches/CVE-2015-6824.patch index 0000000,0000000..b7fa1dd new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2015-6824.patch @@@ -1,0 -1,0 +1,30 @@@ ++From: Michael Niedermayer ++Date: Wed, 15 Jul 2015 17:20:19 +0000 (+0200) ++Subject: swscale/utils: Clear pix buffers ++X-Git-Tag: n2.8~1024 ++X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=a5d44d5c220e12ca0cb7a4eceb0f74759cb13111 ++ ++swscale/utils: Clear pix buffers ++ ++Fixes use of uninitialized memory ++Fixes: a96874b9466b6edc660a519c7ad47977_signal_sigsegv_7ffff713351a_744_nc_sample.avi with memlimit 2147483648 ++ ++Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind ++Signed-off-by: Michael Niedermayer ++--- ++ ++--- a/libswscale/utils.c +++++ b/libswscale/utils.c ++@@ -1217,9 +1217,9 @@ ++ ++ /* Allocate pixbufs (we use dynamic allocation because otherwise we would ++ * need to allocate several megabytes to handle all possible cases) */ ++- FF_ALLOC_OR_GOTO(c, c->lumPixBuf, c->vLumBufSize * 3 * sizeof(int16_t *), fail); ++- FF_ALLOC_OR_GOTO(c, c->chrUPixBuf, c->vChrBufSize * 3 * sizeof(int16_t *), fail); ++- FF_ALLOC_OR_GOTO(c, c->chrVPixBuf, c->vChrBufSize * 3 * sizeof(int16_t *), fail); +++ FF_ALLOCZ_OR_GOTO(c, c->lumPixBuf, c->vLumBufSize * 3 * sizeof(int16_t *), fail); +++ FF_ALLOCZ_OR_GOTO(c, c->chrUPixBuf, c->vChrBufSize * 3 * sizeof(int16_t *), fail); +++ FF_ALLOCZ_OR_GOTO(c, c->chrVPixBuf, c->vChrBufSize * 3 * sizeof(int16_t *), fail); ++ if (CONFIG_SWSCALE_ALPHA && isALPHA(c->srcFormat) && isALPHA(c->dstFormat)) ++ FF_ALLOCZ_OR_GOTO(c, c->alpPixBuf, c->vLumBufSize * 3 * sizeof(int16_t *), fail); ++ /* Note we need at least one pixel more at the end because of the MMX code diff --cc debian/patches/CVE-2015-6825.patch index 0000000,0000000..ed9011a new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2015-6825.patch @@@ -1,0 -1,0 +1,24 @@@ ++From: Michael Niedermayer ++Date: Thu, 16 Jul 2015 09:52:33 +0000 (+0200) ++Subject: avcodec/pthread_frame: clear priv_data, avoid stale pointer in error case ++X-Git-Tag: n2.8~1010 ++X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=f1a38264f20382731cf2cc75fdd98f4c9a84a626 ++ ++avcodec/pthread_frame: clear priv_data, avoid stale pointer in error case ++ ++Fixes: b4b47bc2b3fb7ca710bfffe5aa969e37_signal_sigabrt_7ffff70eccc9_744_nc_sample2.avi with memlimit of 4194304 ++ ++Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind ++Signed-off-by: Michael Niedermayer ++--- ++ ++--- a/libavcodec/pthread_frame.c +++++ b/libavcodec/pthread_frame.c ++@@ -616,6 +616,7 @@ ++ ++ copy->internal = av_malloc(sizeof(AVCodecInternal)); ++ if (!copy->internal) { +++ copy->priv_data = NULL; ++ err = AVERROR(ENOMEM); ++ goto error; ++ } diff --cc debian/patches/CVE-2015-6826.patch index 0000000,0000000..e334deb new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2015-6826.patch @@@ -1,0 -1,0 +1,32 @@@ ++From: Michael Niedermayer ++Date: Sat, 18 Jul 2015 09:24:45 +0000 (+0200) ++Subject: avcodec/rv34: Clear pointers in ff_rv34_decode_init_thread_copy() ++X-Git-Tag: n2.8~958 ++X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a ++ ++avcodec/rv34: Clear pointers in ff_rv34_decode_init_thread_copy() ++ ++Avoids leaving stale pointers ++Fixes: signal_sigabrt_7ffff70eccc9_819_sabtriple.rm with memlimit 536870912 ++ ++Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind ++Signed-off-by: Michael Niedermayer ++--- ++ ++--- a/libavcodec/rv34.c +++++ b/libavcodec/rv34.c ++@@ -1525,7 +1525,14 @@ ++ ++ if (avctx->internal->is_copy) { ++ r->tmp_b_block_base = NULL; +++ r->cbp_chroma = NULL; +++ r->cbp_luma = NULL; +++ r->deblock_coefs = NULL; +++ r->intra_types_hist = NULL; +++ r->mb_type = NULL; +++ ++ ff_mpv_idct_init(&r->s); +++ ++ if ((err = ff_mpv_common_init(&r->s)) < 0) ++ return err; ++ if ((err = rv34_decoder_alloc(r)) < 0) { diff --cc debian/patches/CVE-2015-8216.patch index 0000000,0000000..3328f3e new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2015-8216.patch @@@ -1,0 -1,0 +1,39 @@@ ++From: Michael Niedermayer ++Date: Wed, 4 Nov 2015 17:08:52 +0000 (+0100) ++Subject: avcodec/mjpegdec: Check index in ljpeg_decode_yuv_scan() before using it ++X-Git-Tag: n3.0~1729 ++X-Git-Url: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=d24888ef19ba38b787b11d1ee091a3d94920c76a ++ ++avcodec/mjpegdec: Check index in ljpeg_decode_yuv_scan() before using it ++ ++Fixes: 04715144ba237443010554be0d05343f/asan_heap-oob_1eafc76_1737_c685b48041a563461839e4e7ab97abb8.jpg ++Fixes out of array access ++ ++Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind ++Signed-off-by: Michael Niedermayer ++ ++[sunweaver] Re-based for libav 11.12 in Debian jessie LTS. ++ ++--- ++ ++--- a/libavcodec/mjpegdec.c +++++ b/libavcodec/mjpegdec.c ++@@ -768,6 +768,10 @@ ++ ++ for (j = 0; j < n; j++) { ++ int pred; +++ if ( h * mb_x + x >= s->width +++ || v * mb_y + y >= s->height) { +++ // Nothing to do +++ } else { ++ // FIXME optimize this crap ++ ptr = s->picture_ptr->data[c] + ++ (linesize * (v * mb_y + y)) + ++@@ -788,6 +792,7 @@ ++ if (s->interlaced && s->bottom_field) ++ ptr += linesize >> 1; ++ *ptr = pred + (mjpeg_decode_dc(s, s->dc_index[i]) << point_transform); +++ } ++ ++ if (++x == h) { ++ x = 0; diff --cc debian/patches/CVE-2015-8217.patch index 0000000,0000000..2187520 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2015-8217.patch @@@ -1,0 -1,0 +1,33 @@@ ++From: Michael Niedermayer ++Date: Thu, 5 Nov 2015 13:52:33 +0000 (+0100) ++Subject: avcodec/hevc_ps: Check chroma_format_idc ++X-Git-Tag: n3.0~1722 ++X-Git-Url: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=93f30f825c08477fe8f76be00539e96014cc83c8 ++ ++avcodec/hevc_ps: Check chroma_format_idc ++ ++Fixes out of array access ++Fixes: 24d05e8b84676799c735c9e27d97895e/asan_heap-oob_1b70f6a_2955_7c3652a7f370f9f3ef40642bc2c99bb2.bit ++ ++Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind ++Signed-off-by: Michael Niedermayer ++ ++[sunweaver] Ported to libav 11.12 in Debian jessie LTS. ++ ++--- ++ ++--- a/libavcodec/hevc_ps.c +++++ b/libavcodec/hevc_ps.c ++@@ -661,9 +661,9 @@ ++ } ++ ++ sps->chroma_format_idc = get_ue_golomb_long(gb); ++- if (sps->chroma_format_idc != 1) { ++- avpriv_report_missing_feature(s->avctx, "chroma_format_idc != 1\n"); ++- ret = AVERROR_PATCHWELCOME; +++ if (sps->chroma_format_idc > 3u) { +++ av_log(s->avctx, AV_LOG_ERROR, "chroma_format_idc %d is invalid\n", sps->chroma_format_idc); +++ ret = AVERROR_INVALIDDATA; ++ goto err; ++ } ++ diff --cc debian/patches/CVE-2015-8363.patch index 0000000,0000000..5d19571 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2015-8363.patch @@@ -1,0 -1,0 +1,36 @@@ ++ ++m: Michael Niedermayer ++Date: Fri, 13 Nov 2015 23:51:56 +0000 (+0100) ++Subject: avcodec/jpeg2000dec: Check for duplicate SIZ marker ++X-Git-Tag: n3.0~1580 ++X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=44a7f17d0b20e6f8d836b2957e3e357b639f19a2 ++ ++avcodec/jpeg2000dec: Check for duplicate SIZ marker ++ ++Fixes: 0231a17345734228011c6f35a64e4594/asan_heap-oob_1d92a72_3218_1213809a9e3affec77e4c191fdfdc0a9.mov ++ ++Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind ++Signed-off-by: Michael Niedermayer ++--- ++ ++--- a/libavcodec/jpeg2000dec.c +++++ b/libavcodec/jpeg2000dec.c ++@@ -1265,6 +1265,7 @@ ++ } ++ av_freep(&s->tile); ++ s->numXtiles = s->numYtiles = 0; +++ s->ncomponents = 0; ++ } ++ ++ static int jpeg2000_read_main_headers(Jpeg2000DecoderContext *s) ++@@ -1315,6 +1316,10 @@ ++ ++ switch (marker) { ++ case JPEG2000_SIZ: +++ if (s->ncomponents) { +++ av_log(s->avctx, AV_LOG_ERROR, "Duplicate SIZ\n"); +++ return AVERROR_INVALIDDATA; +++ } ++ ret = get_siz(s); ++ break; ++ case JPEG2000_COC: diff --cc debian/patches/CVE-2015-8364.patch index 0000000,0000000..98830e8 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2015-8364.patch @@@ -1,0 -1,0 +1,34 @@@ ++From: Michael Niedermayer ++Date: Sat, 14 Nov 2015 01:36:22 +0000 (+0100) ++Subject: avcodec/ivi: Check image dimensions ++X-Git-Tag: n3.0~1578 ++X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=df91aa034b82b77a3c4e01791f4a2b2ff6c82066 ++ ++avcodec/ivi: Check image dimensions ++ ++Fixes integer overflow ++Fixes: 1e32c6c591d940337c20b197ec1c4d3d/asan_heap-oob_4a52e5_8946_0bb0d9e863def56005e49f1d89bdc94d.avi ++ ++Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind ++Signed-off-by: Michael Niedermayer ++--- ++ ++--- a/libavcodec/ivi_common.c +++++ b/libavcodec/ivi_common.c ++@@ -30,6 +30,7 @@ ++ ++ #define BITSTREAM_READER_LE ++ #include "libavutil/attributes.h" +++#include "libavutil/imgutils.h" ++ #include "libavutil/timer.h" ++ #include "avcodec.h" ++ #include "get_bits.h" ++@@ -312,7 +313,7 @@ ++ ++ ivi_free_buffers(planes); ++ ++- if (cfg->pic_width < 1 || cfg->pic_height < 1 || +++ if (av_image_check_size(cfg->pic_width, cfg->pic_height, 0, NULL) < 0 || ++ cfg->luma_bands < 1 || cfg->chroma_bands < 1) ++ return AVERROR_INVALIDDATA; ++ diff --cc debian/patches/CVE-2015-8661.patch index 0000000,0000000..8b1ee24 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2015-8661.patch @@@ -1,0 -1,0 +1,25 @@@ ++From: Michael Niedermayer ++Date: Tue, 24 Nov 2015 21:12:37 +0000 (+0100) ++Subject: avcodec/h264_slice: Limit max_contexts when slice_context_count is initialized ++X-Git-Tag: n3.0~1433 ++X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=4ea4d2f438c9a7eba37980c9a87be4b34943e4d5 ++ ++avcodec/h264_slice: Limit max_contexts when slice_context_count is initialized ++ ++Fixes out of array access ++Fixes: 1430e9c43fae47a24c179c7c54f94918/signal_sigsegv_421427_2049_f2192b6829ab6e0eefcb035329c03c60.264 ++ ++Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind ++Signed-off-by: Michael Niedermayer ++--- ++ ++--- a/libavcodec/h264_slice.c +++++ b/libavcodec/h264_slice.c ++@@ -1118,6 +1118,7 @@ ++ nb_slices = max_slices; ++ } ++ h->slice_context_count = nb_slices; +++ h->max_contexts = FFMIN(h->max_contexts, nb_slices); ++ ++ if (!HAVE_THREADS || !(h->avctx->active_thread_type & FF_THREAD_SLICE)) { ++ ret = ff_h264_context_init(h); diff --cc debian/patches/CVE-2015-8662.patch index 0000000,0000000..9eef1ed new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2015-8662.patch @@@ -1,0 -1,0 +1,27 @@@ ++From: Michael Niedermayer ++Date: Fri, 27 Nov 2015 19:52:39 +0000 (+0100) ++Subject: avcodec/jpeg2000dwt: Check ndeclevels before calling dwt_decode*() ++X-Git-Tag: n3.0~1388 ++X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=75422280fbcdfbe9dc56bde5525b4d8b280f1bc5 ++ ++avcodec/jpeg2000dwt: Check ndeclevels before calling dwt_decode*() ++ ++Fixes out of array access ++Fixes: 01859c9a9ac6cd60a008274123275574/asan_heap-oob_1dff571_8250_50d3d1611e294c3519fd1fa82198b69b.avi ++ ++Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind ++Signed-off-by: Michael Niedermayer ++--- ++ ++--- a/libavcodec/jpeg2000dwt.c +++++ b/libavcodec/jpeg2000dwt.c ++@@ -334,6 +334,9 @@ ++ ++ int ff_dwt_decode(DWTContext *s, void *t) ++ { +++ if (s->ndeclevels == 0) +++ return 0; +++ ++ switch (s->type) { ++ case FF_DWT97: ++ dwt_decode97_float(s, t); diff --cc debian/patches/CVE-2015-8663.patch index 0000000,0000000..13d49f0 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2015-8663.patch @@@ -1,0 -1,0 +1,106 @@@ ++From: Michael Niedermayer ++Date: Sat, 28 Nov 2015 19:08:46 +0000 (+0100) ++Subject: avcodec/utils: Clear dimensions in ff_get_buffer() on failure ++X-Git-Tag: n3.0~1374 ++X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=abee0a1c60612e8638640a8a3738fffb65e16dbf ++ ++avcodec/utils: Clear dimensions in ff_get_buffer() on failure ++ ++Fixes out of array access ++Fixes: 482d8f2fd17c9f532b586458a33f267c/asan_heap-oob_4a52b6_7417_1d08d477736d66cdadd833d146bb8bae.mov ++ ++Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind ++Signed-off-by: Michael Niedermayer ++ ++[sunweaver] - manually adapted for Debian jessie's libav version which lacks the get_internal_buffer() symbol. ++--- ++ ++### ++### original patch from ffmpeg's Git repository: ++### http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=abee0a1c60612e8638640a8a3738fffb65e16dbf ++### ++#diff --git a/libavcodec/utils.c b/libavcodec/utils.c ++#index e018e445f4..d00dfae4ac 100644 ++#--- a/libavcodec/utils.c ++#+++ b/libavcodec/utils.c ++#@@ -888,8 +888,10 @@ end: ++# int ff_get_buffer(AVCodecContext *avctx, AVFrame *frame, int flags) ++# { ++# int ret = get_buffer_internal(avctx, frame, flags); ++#- if (ret < 0) ++#+ if (ret < 0) { ++# av_log(avctx, AV_LOG_ERROR, "get_buffer() failed\n"); ++#+ frame->width = frame->height = 0; ++#+ } ++# return ret; ++# } ++Index: libav-11.12-deb8u2/libavcodec/utils.c ++=================================================================== ++--- libav-11.12-deb8u2.orig/libavcodec/utils.c +++++ libav-11.12-deb8u2/libavcodec/utils.c ++@@ -617,6 +617,10 @@ int ff_get_buffer(AVCodecContext *avctx, ++ ++ switch (avctx->codec_type) { ++ case AVMEDIA_TYPE_VIDEO: +++ if (av_image_check_size(avctx->width, avctx->height, 0, avctx) < 0) { +++ frame->width = frame->height = 0; +++ return AVERROR(EINVAL); +++ } ++ if (frame->width <= 0 || frame->height <= 0) { ++ frame->width = FFMAX(avctx->width, avctx->coded_width); ++ frame->height = FFMAX(avctx->height, avctx->coded_height); ++@@ -634,9 +638,6 @@ int ff_get_buffer(AVCodecContext *avctx, ++ frame->sample_aspect_ratio.den); ++ frame->sample_aspect_ratio = (AVRational){ 0, 1 }; ++ } ++- ++- if ((ret = av_image_check_size(avctx->width, avctx->height, 0, avctx)) < 0) ++- return ret; ++ break; ++ case AVMEDIA_TYPE_AUDIO: ++ if (!frame->sample_rate) ++@@ -670,8 +671,11 @@ int ff_get_buffer(AVCodecContext *avctx, ++ } ++ ++ ret = ff_decode_frame_props(avctx, frame); ++- if (ret < 0) +++ if (ret < 0) { +++ if (avctx->codec_type == AVMEDIA_TYPE_VIDEO) +++ frame->width = frame->height = 0; ++ return ret; +++ } ++ ++ if (hwaccel && hwaccel->alloc_frame) { ++ ret = hwaccel->alloc_frame(avctx, frame); ++@@ -696,8 +700,11 @@ FF_DISABLE_DEPRECATION_WARNINGS ++ frame->reference = 1; ++ ++ ret = avctx->get_buffer(avctx, frame); ++- if (ret < 0) +++ if (ret < 0) { +++ if (avctx->codec_type == AVMEDIA_TYPE_VIDEO) +++ frame->width = frame->height = 0; ++ return ret; +++ } ++ ++ /* return if the buffers are already set up ++ * this would happen e.g. when a custom get_buffer() calls ++@@ -789,6 +796,8 @@ fail: ++ avctx->release_buffer(avctx, frame); ++ av_freep(&priv); ++ av_buffer_unref(&dummy_buf); +++ if (avctx->codec_type == AVMEDIA_TYPE_VIDEO) +++ frame->width = frame->height = 0; ++ return ret; ++ } ++ FF_ENABLE_DEPRECATION_WARNINGS ++@@ -802,6 +811,9 @@ end: ++ frame->height = avctx->height; ++ } ++ +++ if ((ret < 0) && (avctx->codec_type == AVMEDIA_TYPE_VIDEO)) +++ frame->width = frame->height = 0; +++ ++ return ret; ++ } ++ diff --cc debian/patches/CVE-2016-10190-pre1-3668701f.patch index 0000000,0000000..7919214 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2016-10190-pre1-3668701f.patch @@@ -1,0 -1,0 +1,30 @@@ ++From 3668701f96005f4f7fc3145c800911e39351c132 Mon Sep 17 00:00:00 2001 ++From: Michael Niedermayer ++Date: Sun, 29 Mar 2015 00:33:35 +0100 ++Subject: [PATCH] avformat/http: Return an error in case of prematurely ending ++ data ++ ++Fixes Ticket 4039 ++ ++Signed-off-by: Michael Niedermayer ++--- ++ libavformat/http.c | 8 ++++++++ ++ 1 file changed, 8 insertions(+) ++ ++--- a/libavformat/http.c +++++ b/libavformat/http.c ++@@ -707,6 +707,14 @@ ++ s->filesize >= 0 && s->off >= s->filesize) ++ return AVERROR_EOF; ++ len = ffurl_read(s->hd, buf, size); +++ if (!len && (!s->willclose || s->chunksize < 0) && +++ s->filesize >= 0 && s->off < s->filesize) { +++ av_log(h, AV_LOG_ERROR, +++ "Streams ends prematurly at %"PRId64", should be %"PRId64"\n", +++ s->off, s->filesize +++ ); +++ return AVERROR(EIO); +++ } ++ } ++ if (len > 0) { ++ s->off += len; diff --cc debian/patches/CVE-2016-10190-pre2-362c17e6.patch index 0000000,0000000..647afc7 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2016-10190-pre2-362c17e6.patch @@@ -1,0 -1,0 +1,31 @@@ ++From 362c17e6563808ef48655e5ddf59a35b6497b8b2 Mon Sep 17 00:00:00 2001 ++From: Rodger Combs ++Date: Sun, 18 Oct 2015 17:50:21 -0500 ++Subject: [PATCH] lavf/http: fix incorrect warning in range requests ++ ++--- ++ libavformat/http.c | 7 ++++--- ++ 1 file changed, 4 insertions(+), 3 deletions(-) ++ ++--- a/libavformat/http.c +++++ b/libavformat/http.c ++@@ -703,15 +703,16 @@ ++ memcpy(buf, s->buf_ptr, len); ++ s->buf_ptr += len; ++ } else { +++ int64_t target_end = s->end_off ? s->end_off : s->filesize; ++ if ((!s->willclose || s->chunksize < 0) && ++- s->filesize >= 0 && s->off >= s->filesize) +++ target_end >= 0 && s->off >= target_end) ++ return AVERROR_EOF; ++ len = ffurl_read(s->hd, buf, size); ++ if (!len && (!s->willclose || s->chunksize < 0) && ++- s->filesize >= 0 && s->off < s->filesize) { +++ target_end >= 0 && s->off < target_end) { ++ av_log(h, AV_LOG_ERROR, ++ "Streams ends prematurly at %"PRId64", should be %"PRId64"\n", ++- s->off, s->filesize +++ s->off, target_end ++ ); ++ return AVERROR(EIO); ++ } diff --cc debian/patches/CVE-2016-10190-pre3-strtoull.patch index 0000000,0000000..e5f8fe2 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2016-10190-pre3-strtoull.patch @@@ -1,0 -1,0 +1,20 @@@ ++--- a/configure +++++ b/configure ++@@ -2942,7 +2942,7 @@ ++ _ld_lib='lib%.a' ++ _ld_path='-libpath:' ++ _flags='-nologo' ++- _cflags='-D_USE_MATH_DEFINES -D_CRT_SECURE_NO_WARNINGS -Dinline=__inline -FIstdlib.h -Dstrtoll=_strtoi64' +++ _cflags='-D_USE_MATH_DEFINES -D_CRT_SECURE_NO_WARNINGS -Dinline=__inline -FIstdlib.h -Dstrtoll=_strtoi64 -Dstrtoull=_strtoui64' ++ elif $_cc 2>&1 | grep -q Intel; then ++ _type=icl ++ _ident=$($cc 2>&1 | head -n1) ++@@ -2965,7 +2965,7 @@ ++ _flags='-nologo -Qdiag-error:4044,10157' ++ # -Qvec- -Qsimd- to prevent miscompilation, -GS for consistency ++ # with MSVC which enables it by default. ++- _cflags='-D_USE_MATH_DEFINES -FIstdlib.h -Dstrtoll=_strtoi64 -Qms0 -Qvec- -Qsimd- -GS' +++ _cflags='-D_USE_MATH_DEFINES -FIstdlib.h -Dstrtoll=_strtoi64 -Dstrtoull=_strtoui64 -Qms0 -Qvec- -Qsimd- -GS' ++ elif $_cc --version 2>/dev/null | grep -q ^cparser; then ++ _type=cparser ++ _ident=$($_cc --version | head -n1) diff --cc debian/patches/CVE-2016-10190.patch index 0000000,0000000..c6a2000 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2016-10190.patch @@@ -1,0 -1,0 +1,231 @@@ ++From 2a05c8f813de6f2278827734bf8102291e7484aa Mon Sep 17 00:00:00 2001 ++From: "Ronald S. Bultje" ++Date: Mon, 5 Dec 2016 08:02:33 -0500 ++Subject: [PATCH] http: make length/offset-related variables unsigned. ++ ++Fixes #5992, reported and found by Paul Cher . ++--- ++ libavformat/http.c | 70 +++++++++++++++++++++++++--------------------- ++ 1 file changed, 38 insertions(+), 32 deletions(-) ++ ++--- a/libavformat/http.c +++++ b/libavformat/http.c ++@@ -52,8 +52,8 @@ ++ int line_count; ++ int http_code; ++ /* Used if "Transfer-Encoding: chunked" otherwise -1. */ ++- int64_t chunksize; ++- int64_t off, end_off, filesize; +++ uint64_t chunksize; +++ uint64_t off, end_off, filesize; ++ char *location; ++ HTTPAuthState auth_state; ++ HTTPAuthState proxy_auth_state; ++@@ -75,9 +75,9 @@ ++ int post_datalen; ++ int icy; ++ /* how much data was read since the last ICY metadata packet */ ++- int icy_data_read; +++ uint64_t icy_data_read; ++ /* after how many bytes of read data a new metadata packet will be found */ ++- int icy_metaint; +++ uint64_t icy_metaint; ++ char *icy_metadata_headers; ++ char *icy_metadata_packet; ++ AVDictionary *metadata; ++@@ -278,7 +278,7 @@ ++ ++ h->is_streamed = 1; ++ ++- s->filesize = -1; +++ s->filesize = UINT64_MAX; ++ s->location = av_strdup(uri); ++ if (!s->location) ++ return AVERROR(ENOMEM); ++@@ -375,9 +375,9 @@ ++ ++ if (!strncmp(p, "bytes ", 6)) { ++ p += 6; ++- s->off = strtoll(p, NULL, 10); +++ s->off = strtoull(p, NULL, 10); ++ if ((slash = strchr(p, '/')) && strlen(slash) > 0) ++- s->filesize = strtoll(slash + 1, NULL, 10); +++ s->filesize = strtoull(slash + 1, NULL, 10); ++ } ++ h->is_streamed = 0; /* we _can_ in fact seek */ ++ } ++@@ -479,8 +479,9 @@ ++ if ((ret = parse_location(s, p)) < 0) ++ return ret; ++ *new_location = 1; ++- } else if (!av_strcasecmp(tag, "Content-Length") && s->filesize == -1) { ++- s->filesize = strtoll(p, NULL, 10); +++ } else if (!av_strcasecmp(tag, "Content-Length") && +++ s->filesize == UINT64_MAX) { +++ s->filesize = strtoull(p, NULL, 10); ++ } else if (!av_strcasecmp(tag, "Content-Range")) { ++ parse_content_range(h, p); ++ } else if (!av_strcasecmp(tag, "Accept-Ranges") && ++@@ -488,7 +489,7 @@ ++ h->is_streamed = 0; ++ } else if (!av_strcasecmp(tag, "Transfer-Encoding") && ++ !av_strncasecmp(p, "chunked", 7)) { ++- s->filesize = -1; +++ s->filesize = UINT64_MAX; ++ s->chunksize = 0; ++ } else if (!av_strcasecmp(tag, "WWW-Authenticate")) { ++ ff_http_auth_handle_header(&s->auth_state, tag, p); ++@@ -503,7 +504,7 @@ ++ av_free(s->mime_type); ++ s->mime_type = av_strdup(p); ++ } else if (!av_strcasecmp(tag, "Icy-MetaInt")) { ++- s->icy_metaint = strtoll(p, NULL, 10); +++ s->icy_metaint = strtoull(p, NULL, 10); ++ } else if (!av_strncasecmp(tag, "Icy-", 4)) { ++ if ((ret = parse_icy(s, tag, p)) < 0) ++ return ret; ++@@ -529,7 +530,7 @@ ++ char line[MAX_URL_SIZE]; ++ int err = 0; ++ ++- s->chunksize = -1; +++ s->chunksize = UINT64_MAX; ++ ++ for (;;) { ++ if ((err = http_get_line(s, line, sizeof(line))) < 0) ++@@ -556,7 +557,7 @@ ++ int post, err; ++ char headers[HTTP_HEADERS_SIZE] = ""; ++ char *authstr = NULL, *proxyauthstr = NULL; ++- int64_t off = s->off; +++ uint64_t off = s->off; ++ int len = 0; ++ const char *method; ++ int send_expect_100 = 0; ++@@ -604,7 +605,7 @@ ++ // server supports seeking by analysing the reply headers. ++ if (!has_header(s->headers, "\r\nRange: ") && !post) { ++ len += av_strlcatf(headers + len, sizeof(headers) - len, ++- "Range: bytes=%"PRId64"-", s->off); +++ "Range: bytes=%"PRIu64"-", s->off); ++ if (s->end_off) ++ len += av_strlcatf(headers + len, sizeof(headers) - len, ++ "%"PRId64, s->end_off - 1); ++@@ -671,7 +672,7 @@ ++ s->line_count = 0; ++ s->off = 0; ++ s->icy_data_read = 0; ++- s->filesize = -1; +++ s->filesize = UINT64_MAX; ++ s->willclose = 0; ++ s->end_chunked_post = 0; ++ s->end_header = 0; ++@@ -688,7 +689,7 @@ ++ if (err < 0) ++ return err; ++ ++- return (off == s->off) ? 0 : -1; +++ return (off == s->off) ? 0 : UINT64_MAX; ++ } ++ ++ static int http_buf_read(URLContext *h, uint8_t *buf, int size) ++@@ -703,15 +704,13 @@ ++ memcpy(buf, s->buf_ptr, len); ++ s->buf_ptr += len; ++ } else { ++- int64_t target_end = s->end_off ? s->end_off : s->filesize; ++- if ((!s->willclose || s->chunksize < 0) && ++- target_end >= 0 && s->off >= target_end) +++ uint64_t target_end = s->end_off ? s->end_off : s->filesize; +++ if ((!s->willclose || s->chunksize == UINT64_MAX) && s->off >= target_end) ++ return AVERROR_EOF; ++ len = ffurl_read(s->hd, buf, size); ++- if (!len && (!s->willclose || s->chunksize < 0) && ++- target_end >= 0 && s->off < target_end) { +++ if (!len && (!s->willclose || s->chunksize == UINT64_MAX) && s->off < target_end) { ++ av_log(h, AV_LOG_ERROR, ++- "Streams ends prematurly at %"PRId64", should be %"PRId64"\n", +++ "Streams ends prematurly at %"PRIu64", should be %"PRIu64"\n", ++ s->off, target_end ++ ); ++ return AVERROR(EIO); ++@@ -772,7 +771,7 @@ ++ return err; ++ } ++ ++- if (s->chunksize >= 0) { +++ if (s->chunksize != UINT64_MAX) { ++ if (!s->chunksize) { ++ char line[32]; ++ ++@@ -782,19 +781,23 @@ ++ return err; ++ } while (!*line); /* skip CR LF from last chunk */ ++ ++- s->chunksize = strtoll(line, NULL, 16); +++ s->chunksize = strtoull(line, NULL, 16); ++ ++- av_dlog(NULL, "Chunked encoding data size: %"PRId64"'\n", +++ av_log(h, AV_LOG_DEBUG, +++ "Chunked encoding data size: %"PRIu64"'\n", ++ s->chunksize); ++- if (s->chunksize < 0) ++- return AVERROR_INVALIDDATA; ++- else if (!s->chunksize) +++ if (!s->chunksize) ++ return 0; ++- break; +++ else if (s->chunksize == UINT64_MAX) { +++ av_log(h, AV_LOG_ERROR, "Invalid chunk size %"PRIu64"\n", +++ s->chunksize); +++ return AVERROR_INVALIDDATA; +++ } ++ } ++ } ++ size = FFMIN(size, s->chunksize); ++ } +++ ++ #if CONFIG_ZLIB ++ if (s->compressed) ++ return http_buf_read_compressed(h, buf, size); ++@@ -844,10 +847,11 @@ ++ { ++ HTTPContext *s = h->priv_data; ++ /* until next metadata packet */ ++- int remaining = s->icy_metaint - s->icy_data_read; +++ uint64_t remaining; ++ ++- if (remaining < 0) +++ if (s->icy_metaint < s->icy_data_read) ++ return AVERROR_INVALIDDATA; +++ remaining = s->icy_metaint - s->icy_data_read; ++ ++ if (!remaining) { ++ /* The metadata packet is variable sized. It has a 1 byte header ++@@ -960,7 +964,7 @@ ++ { ++ HTTPContext *s = h->priv_data; ++ URLContext *old_hd = s->hd; ++- int64_t old_off = s->off; +++ uint64_t old_off = s->off; ++ uint8_t old_buf[BUFFER_SIZE]; ++ int old_buf_size, ret; ++ AVDictionary *options = NULL; ++@@ -970,7 +974,7 @@ ++ else if ((whence == SEEK_CUR && off == 0) || ++ (whence == SEEK_SET && off == s->off)) ++ return s->off; ++- else if ((s->filesize == -1 && whence == SEEK_END) || h->is_streamed) +++ else if ((s->filesize == UINT64_MAX && whence == SEEK_END) || h->is_streamed) ++ return AVERROR(ENOSYS); ++ ++ /* we save the old context in case the seek fails */ ++@@ -1105,7 +1109,7 @@ ++ s->buf_ptr = s->buffer; ++ s->buf_end = s->buffer; ++ s->line_count = 0; ++- s->filesize = -1; +++ s->filesize = UINT64_MAX; ++ cur_auth_type = s->proxy_auth_state.auth_type; ++ ++ /* Note: This uses buffering, potentially reading more than the diff --cc debian/patches/CVE-2016-10191.patch index 0000000,0000000..e26bb98 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2016-10191.patch @@@ -1,0 -1,0 +1,34 @@@ ++From 7d57ca4d9a75562fa32e40766211de150f8b3ee7 Mon Sep 17 00:00:00 2001 ++From: Michael Niedermayer ++Date: Mon, 5 Dec 2016 11:14:51 +0100 ++Subject: [PATCH] avformat/rtmppkt: Check for packet size mismatches ++ ++Fixes out of array access ++ ++Found-by: Paul Cher ++Reviewed-by: Paul Cher ++Signed-off-by: Michael Niedermayer ++--- ++ libavformat/rtmppkt.c | 8 ++++++++ ++ 1 file changed, 8 insertions(+) ++ ++diff --git a/libavformat/rtmppkt.c b/libavformat/rtmppkt.c ++index 0d693c27f7f..cde0da78ce1 100644 ++--- a/libavformat/rtmppkt.c +++++ b/libavformat/rtmppkt.c ++@@ -235,6 +235,14 @@ static int rtmp_packet_read_one_chunk(URLContext *h, RTMPPacket *p, ++ if (hdr != RTMP_PS_TWELVEBYTES) ++ timestamp += prev_pkt[channel_id].timestamp; ++ +++ if (prev_pkt[channel_id].read && size != prev_pkt[channel_id].size) { +++ av_log(NULL, AV_LOG_ERROR, "RTMP packet size mismatch %d != %d\n", +++ size, +++ prev_pkt[channel_id].size); +++ ff_rtmp_packet_destroy(&prev_pkt[channel_id]); +++ prev_pkt[channel_id].read = 0; +++ } +++ ++ if (!prev_pkt[channel_id].read) { ++ if ((ret = ff_rtmp_packet_create(p, channel_id, type, timestamp, ++ size)) < 0) ++ diff --cc debian/patches/CVE-2017-10001.patch index 0000000,0000000..53207fb new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2017-10001.patch @@@ -1,0 -1,0 +1,65 @@@ ++From: Michael Niedermayer ++Date: Sat, 31 Mar 2018 01:10:43 +0000 (+0200) ++Subject: avcodec/utvideodec: Set pro flag based on fourcc ++X-Git-Tag: n4.0~194 ++X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=47b7c68ae54560e2308bdb6be4fb076c73b93081 ++ ++avcodec/utvideodec: Set pro flag based on fourcc ++ ++This avoids mixing 8bit variants with pro and 10bit with non pro mode. ++Fixes: out of array read ++Fixes: poc_03_30.avi ++ ++Found-by: GwanYeong Kim ++Reviewed-by: Paul B Mahol ++Signed-off-by: Michael Niedermayer ++--- ++ ++diff --git a/libavcodec/utvideodec.c b/libavcodec/utvideodec.c ++index 086129d094..82cb038ccd 100644 ++--- a/libavcodec/utvideodec.c +++++ b/libavcodec/utvideodec.c ++@@ -949,14 +949,17 @@ static av_cold int decode_init(AVCodecContext *avctx) ++ break; ++ case MKTAG('U', 'Q', 'Y', '2'): ++ c->planes = 3; +++ c->pro = 1; ++ avctx->pix_fmt = AV_PIX_FMT_YUV422P10; ++ break; ++ case MKTAG('U', 'Q', 'R', 'G'): ++ c->planes = 3; +++ c->pro = 1; ++ avctx->pix_fmt = AV_PIX_FMT_GBRP10; ++ break; ++ case MKTAG('U', 'Q', 'R', 'A'): ++ c->planes = 4; +++ c->pro = 1; ++ avctx->pix_fmt = AV_PIX_FMT_GBRAP10; ++ break; ++ case MKTAG('U', 'L', 'H', '0'): ++@@ -1031,7 +1034,7 @@ static av_cold int decode_init(AVCodecContext *avctx) ++ if (c->compression != 2) ++ avpriv_request_sample(avctx, "Unknown compression type"); ++ c->slices = avctx->extradata[9] + 1; ++- } else if (avctx->extradata_size >= 16) { +++ } else if (!c->pro && avctx->extradata_size >= 16) { ++ av_log(avctx, AV_LOG_DEBUG, "Encoder version %d.%d.%d.%d\n", ++ avctx->extradata[3], avctx->extradata[2], ++ avctx->extradata[1], avctx->extradata[0]); ++@@ -1046,14 +1049,13 @@ static av_cold int decode_init(AVCodecContext *avctx) ++ c->slices = (c->flags >> 24) + 1; ++ c->compression = c->flags & 1; ++ c->interlaced = c->flags & 0x800; ++- } else if (avctx->extradata_size == 8) { +++ } else if (c->pro && avctx->extradata_size == 8) { ++ av_log(avctx, AV_LOG_DEBUG, "Encoder version %d.%d.%d.%d\n", ++ avctx->extradata[3], avctx->extradata[2], ++ avctx->extradata[1], avctx->extradata[0]); ++ av_log(avctx, AV_LOG_DEBUG, "Original format %"PRIX32"\n", ++ AV_RB32(avctx->extradata + 4)); ++ c->interlaced = 0; ++- c->pro = 1; ++ c->frame_info_size = 4; ++ } else { ++ av_log(avctx, AV_LOG_ERROR, ++ diff --cc debian/patches/CVE-2017-14055.patch index 0000000,0000000..d1ddb98 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2017-14055.patch @@@ -1,0 -1,0 +1,22 @@@ ++From: Markus Koschany ++Date: Sun, 30 Dec 2018 14:27:49 +0100 ++Subject: CVE-2017-14055 ++ ++Origin: https://github.com/FFmpeg/FFmpeg/commit/4f05e2e2dc1a89f38cd9f0960a6561083d714f1e ++--- ++ libavformat/mvdec.c | 2 ++ ++ 1 file changed, 2 insertions(+) ++ ++diff --git a/libavformat/mvdec.c b/libavformat/mvdec.c ++index e21ec06..4c62993 100644 ++--- a/libavformat/mvdec.c +++++ b/libavformat/mvdec.c ++@@ -327,6 +327,8 @@ static int mv_read_header(AVFormatContext *avctx) ++ uint32_t pos = avio_rb32(pb); ++ uint32_t asize = avio_rb32(pb); ++ uint32_t vsize = avio_rb32(pb); +++ if (avio_feof(pb)) +++ return AVERROR_INVALIDDATA; ++ avio_skip(pb, 8); ++ av_add_index_entry(ast, pos, timestamp, asize, 0, AVINDEX_KEYFRAME); ++ av_add_index_entry(vst, pos + asize, i, vsize, 0, AVINDEX_KEYFRAME); diff --cc debian/patches/CVE-2017-14056.patch index 0000000,0000000..81a8201 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2017-14056.patch @@@ -1,0 -1,0 +1,38 @@@ ++From: Markus Koschany ++Date: Sun, 30 Dec 2018 14:25:04 +0100 ++Subject: CVE-2017-14056 ++ ++Origin: https://github.com/FFmpeg/FFmpeg/commit/96f24d1bee7fe7bac08e2b7c74db1a046c9dc0de ++--- ++ libavformat/rl2.c | 15 ++++++++++++--- ++ 1 file changed, 12 insertions(+), 3 deletions(-) ++ ++diff --git a/libavformat/rl2.c b/libavformat/rl2.c ++index 5d30bf8..48c1ea6 100644 ++--- a/libavformat/rl2.c +++++ b/libavformat/rl2.c ++@@ -175,12 +175,21 @@ static av_cold int rl2_read_header(AVFormatContext *s) ++ } ++ ++ /** read offset and size tables */ ++- for(i=0; i < frame_count;i++) +++ for(i=0; i < frame_count;i++) { +++ if (avio_feof(pb)) +++ return AVERROR_INVALIDDATA; ++ chunk_size[i] = avio_rl32(pb); ++- for(i=0; i < frame_count;i++) +++ } +++ for(i=0; i < frame_count;i++) { +++ if (avio_feof(pb)) +++ return AVERROR_INVALIDDATA; ++ chunk_offset[i] = avio_rl32(pb); ++- for(i=0; i < frame_count;i++) +++ } +++ for(i=0; i < frame_count;i++) { +++ if (avio_feof(pb)) +++ return AVERROR_INVALIDDATA; ++ audio_size[i] = avio_rl32(pb) & 0xFFFF; +++ } ++ ++ /** build the sample index */ ++ for(i=0;i ++Date: Mon, 31 Jan 2018 14:48:32 +0100 ++Subject: CVE-2017-14057 ++ ++Origin: https://github.com/FFmpeg/FFmpeg/commit/7f9ec5593e04827249e7aeb466da06a98a0d7329 ++--- ++ libavformat/asfdec.c | 6 ++++-- ++ 1 file changed, 4 insertions(+), 2 deletions(-) ++ ++diff --git a/libavformat/asfdec.c b/libavformat/asfdec.c ++index 85e800d..1ec36aa 100644 ++--- a/libavformat/asfdec.c +++++ b/libavformat/asfdec.c ++@@ -683,13 +683,15 @@ static int asf_read_marker(AVFormatContext *s, int64_t size) ++ count = avio_rl32(pb); // markers count ++ avio_rl16(pb); // reserved 2 bytes ++ name_len = avio_rl16(pb); // name length ++- for (i = 0; i < name_len; i++) ++- avio_r8(pb); // skip the name +++ avio_skip(pb, name_len); ++ ++ for (i = 0; i < count; i++) { ++ int64_t pres_time; ++ int name_len; ++ +++ if (avio_feof(pb)) +++ return AVERROR_INVALIDDATA; +++ ++ avio_rl64(pb); // offset, 8 bytes ++ pres_time = avio_rl64(pb); // presentation time ++ pres_time -= asf->hdr.preroll * 10000; diff --cc debian/patches/CVE-2017-14169.patch index 0000000,0000000..286a746 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2017-14169.patch @@@ -1,0 -1,0 +1,36 @@@ ++From 9d00fb9d70ee8c0cc7002b89318c5be00f1bbdad Mon Sep 17 00:00:00 2001 ++From: =?UTF-8?q?=E5=AD=99=E6=B5=A9=28=E6=99=93=E9=BB=91=29?= ++ ++Date: Tue, 29 Aug 2017 23:59:21 +0200 ++Subject: [PATCH] avformat/mxfdec: Fix Sign error in mxf_read_primer_pack() ++MIME-Version: 1.0 ++Content-Type: text/plain; charset=UTF-8 ++Content-Transfer-Encoding: 8bit ++ ++Fixes: 20170829B.mxf ++ ++Co-Author: 张洪亮(望初)" ++Found-by: Xiaohei and Wangchu from Alibaba Security Team ++Signed-off-by: Michael Niedermayer ++--- ++ libavformat/mxfdec.c | 2 +- ++ 1 file changed, 1 insertion(+), 1 deletion(-) ++ ++--- a/libavformat/mxfdec.c +++++ b/libavformat/mxfdec.c ++@@ -407,12 +407,13 @@ ++ avpriv_request_sample(pb, "Primer pack item length %d", item_len); ++ return AVERROR_PATCHWELCOME; ++ } ++- if (item_num > UINT_MAX / item_len) +++ if (item_num > 65536 || item_num < 0) +++ av_log(mxf->fc, AV_LOG_ERROR, "item_num %d is too large\n", item_num); ++ return AVERROR_INVALIDDATA; ++- mxf->local_tags_count = item_num; ++ mxf->local_tags = av_malloc(item_num*item_len); ++ if (!mxf->local_tags) ++ return AVERROR(ENOMEM); +++ mxf->local_tags_count = item_num; ++ avio_read(pb, mxf->local_tags, item_num*item_len); ++ return 0; ++ } diff --cc debian/patches/CVE-2017-14170.patch index 0000000,0000000..14864ec new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2017-14170.patch @@@ -1,0 -1,0 +1,31 @@@ ++From: Markus Koschany ++Date: Sun, 30 Dec 2018 20:53:42 +0100 ++Subject: CVE-2017-14170 ++ ++Origin: https://github.com/FFmpeg/FFmpeg/commit/900f39692ca0337a98a7cf047e4e2611071810c2 ++--- ++ libavformat/mxfdec.c | 4 ++++ ++ 1 file changed, 4 insertions(+) ++ ++diff --git a/libavformat/mxfdec.c b/libavformat/mxfdec.c ++index 9aedd47..5392ed9 100644 ++--- a/libavformat/mxfdec.c +++++ b/libavformat/mxfdec.c ++@@ -743,6 +743,8 @@ static int mxf_read_index_entry_array(AVIOContext *pb, MXFIndexTableSegment *seg ++ return AVERROR(ENOMEM); ++ ++ length = avio_rb32(pb); +++ if(segment->nb_index_entries && length < 11) +++ return AVERROR_INVALIDDATA; ++ ++ segment->temporal_offset_entries = av_mallocz(segment->nb_index_entries * ++ sizeof(*segment->temporal_offset_entries)); ++@@ -760,6 +762,8 @@ static int mxf_read_index_entry_array(AVIOContext *pb, MXFIndexTableSegment *seg ++ } ++ ++ for (i = 0; i < segment->nb_index_entries; i++) { +++ if(avio_feof(pb)) +++ return AVERROR_INVALIDDATA; ++ segment->temporal_offset_entries[i] = avio_r8(pb); ++ avio_r8(pb); /* KeyFrameOffset */ ++ segment->flag_entries[i] = avio_r8(pb); diff --cc debian/patches/CVE-2017-14171.patch index 0000000,0000000..b6883ae new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2017-14171.patch @@@ -1,0 -1,0 +1,26 @@@ ++From: Markus Koschany ++Date: Sun, 30 Dec 2018 20:51:01 +0100 ++Subject: CVE-2017-14171 ++ ++Origin: https://github.com/FFmpeg/FFmpeg/commit/c24bcb553650b91e9eff15ef6e54ca73de2453b7 ++--- ++ libavformat/nsvdec.c | 5 ++++- ++ 1 file changed, 4 insertions(+), 1 deletion(-) ++ ++diff --git a/libavformat/nsvdec.c b/libavformat/nsvdec.c ++index 670b867..25cc443 100644 ++--- a/libavformat/nsvdec.c +++++ b/libavformat/nsvdec.c ++@@ -351,8 +351,11 @@ static int nsv_parse_NSVf_header(AVFormatContext *s) ++ if (!nsv->nsvs_file_offset) ++ return AVERROR(ENOMEM); ++ ++- for(i=0;insvs_file_offset[i] = avio_rl32(pb) + size; +++ } ++ ++ if(table_entries > table_entries_used && ++ avio_rl32(pb) == MKTAG('T','O','C','2')) { diff --cc debian/patches/CVE-2017-14223.patch index 0000000,0000000..a3e72ad new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2017-14223.patch @@@ -1,0 -1,0 +1,30 @@@ ++From afc9c683ed9db01edb357bc8c19edad4282b3a97 Mon Sep 17 00:00:00 2001 ++From: Michael Niedermayer ++Date: Tue, 5 Sep 2017 00:16:29 +0200 ++Subject: [PATCH] avformat/asfdec: Fix DoS in asf_build_simple_index() ++ ++Fixes: Missing EOF check in loop ++No testcase ++ ++Found-by: Xiaohei and Wangchu from Alibaba Security Team ++Signed-off-by: Michael Niedermayer ++ ++[sunweaver] - Backport to libav as found in Debian jessie LTS. ++--- ++ libavformat/asfdec.c | 5 +++++ ++ 1 file changed, 5 insertions(+) ++ ++--- a/libavformat/asfdec.c +++++ b/libavformat/asfdec.c ++@@ -1442,6 +1442,11 @@ ++ int64_t pos = s->data_offset + s->packet_size * (int64_t)pktnum; ++ int64_t index_pts = FFMAX(av_rescale(itime, i, 10000) - asf->hdr.preroll, 0); ++ +++ if (avio_feof(s->pb)) { +++ ret = AVERROR_INVALIDDATA; +++ goto end; +++ } +++ ++ if (pos != last_pos) { ++ av_log(s, AV_LOG_DEBUG, "pktnum:%d, pktct:%d pts: %"PRId64"\n", ++ pktnum, pktct, index_pts); diff --cc debian/patches/CVE-2017-14767.patch index 0000000,0000000..50fb744 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2017-14767.patch @@@ -1,0 -1,0 +1,25 @@@ ++From: Markus Koschany ++Date: Sun, 30 Dec 2018 17:39:40 +0100 ++Subject: CVE-2017-14767 ++ ++Origin: https://github.com/FFmpeg/FFmpeg/commit/c42a1388a6d1bfd8001bf6a4241d8ca27e49326d ++--- ++ libavformat/rtpdec_h264.c | 5 +++++ ++ 1 file changed, 5 insertions(+) ++ ++diff --git a/libavformat/rtpdec_h264.c b/libavformat/rtpdec_h264.c ++index abf1f39..72f645f 100644 ++--- a/libavformat/rtpdec_h264.c +++++ b/libavformat/rtpdec_h264.c ++@@ -116,6 +116,11 @@ static int sdp_parse_fmtp_config_h264(AVFormatContext *s, ++ codec->extradata_size = 0; ++ av_freep(&codec->extradata); ++ +++ if (*value == 0 || value[strlen(value) - 1] == ',') { +++ av_log(s, AV_LOG_WARNING, "Missing PPS in sprop-parameter-sets, ignoring\n"); +++ return 0; +++ } +++ ++ while (*value) { ++ char base64packet[1024]; ++ uint8_t decoded_packet[1024]; diff --cc debian/patches/CVE-2017-15672.patch index 0000000,0000000..b5390c4 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2017-15672.patch @@@ -1,0 -1,0 +1,22 @@@ ++From: Markus Koschany ++Date: Sun, 30 Dec 2018 17:29:28 +0100 ++Subject: CVE-2017-15672 ++ ++Origin: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c20f4fcb74da2d0432c7b54499bb98f48236b904 ++--- ++ libavcodec/ffv1dec.c | 2 +- ++ 1 file changed, 1 insertion(+), 1 deletion(-) ++ ++diff --git a/libavcodec/ffv1dec.c b/libavcodec/ffv1dec.c ++index 50b220f..84a4b1b 100644 ++--- a/libavcodec/ffv1dec.c +++++ b/libavcodec/ffv1dec.c ++@@ -730,7 +730,7 @@ static int read_header(FFV1Context *f) ++ } else { ++ const uint8_t *p = c->bytestream_end; ++ for (f->slice_count = 0; ++- f->slice_count < MAX_SLICES && 3 < p - c->bytestream_start; +++ f->slice_count < MAX_SLICES && 3 + 5*!!f->ec < p - c->bytestream_start; ++ f->slice_count++) { ++ int trailer = 3 + 5 * !!f->ec; ++ int size = AV_RB24(p - trailer); diff --cc debian/patches/CVE-2017-17130.patch index 0000000,0000000..8477fac new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2017-17130.patch @@@ -1,0 -1,0 +1,28 @@@ ++From: Markus Koschany ++Date: Sun, 30 Dec 2018 17:14:54 +0100 ++Subject: CVE-2017-17130 ++ ++Origin: https://github.com/libav/libav/commit/49cf72b3ac77140cf4715c18fe7c7610d918d912 ++--- ++ libavcodec/vc1dec.c | 4 ++-- ++ 1 files changed, 2 insertions(+), 2 deletions(-) ++--- a/libavcodec/vc1dec.c +++++ b/libavcodec/vc1dec.c ++@@ -5844,7 +5844,7 @@ static int vc1_decode_frame(AVCodecContext *avctx, void *data, ++ buf_size3 << 3); ++ /* assuming that the field marker is at the exact middle, ++ hope it's correct */ ++- slices[n_slices].mby_start = s->mb_height >> 1; +++ slices[n_slices].mby_start = s->mb_height + 1 >> 1; ++ n_slices1 = n_slices - 1; // index of the last slice of the first field ++ n_slices++; ++ break; ++@@ -5892,7 +5892,7 @@ static int vc1_decode_frame(AVCodecContext *avctx, void *data, ++ buf_size3 = vc1_unescape_buffer(divider + 4, buf + buf_size - divider - 4, slices[n_slices].buf); ++ init_get_bits(&slices[n_slices].gb, slices[n_slices].buf, ++ buf_size3 << 3); ++- slices[n_slices].mby_start = s->mb_height >> 1; +++ slices[n_slices].mby_start = s->mb_height + 1 >> 1; ++ n_slices1 = n_slices - 1; ++ n_slices++; ++ } diff --cc debian/patches/CVE-2017-7863.patch index 0000000,0000000..0623e6a new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2017-7863.patch @@@ -1,0 -1,0 +1,36 @@@ ++From e477f09d0b3619f3d29173b2cd593e17e2d1978e Mon Sep 17 00:00:00 2001 ++From: Michael Niedermayer ++Date: Sat, 4 Feb 2017 12:24:14 +0100 ++Subject: [PATCH] avcodec/pngdec: Check trns more completely ++ ++Fixes out of array access ++Fixes: 546/clusterfuzz-testcase-4809433909559296 ++ ++Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg ++Signed-off-by: Michael Niedermayer ++ ++[sunweaver] ported to libav in Debian jessie LTS (which only supports palette based transparency). ++ ++--- ++ libavcodec/pngdec.c | 15 ++++++++++++++- ++ 1 file changed, 14 insertions(+), 1 deletion(-) ++ ++--- a/libavcodec/pngdec.c +++++ b/libavcodec/pngdec.c ++@@ -592,6 +592,16 @@ ++ { ++ int v, i; ++ +++ if (!(s->state & PNG_IHDR)) { +++ av_log(avctx, AV_LOG_ERROR, "trns before IHDR\n"); +++ return AVERROR_INVALIDDATA; +++ } +++ +++ if (s->state & PNG_IDAT) { +++ av_log(avctx, AV_LOG_ERROR, "trns after IDAT\n"); +++ return AVERROR_INVALIDDATA; +++ } +++ ++ /* read the transparency. XXX: Only palette mode supported */ ++ if (s->color_type != PNG_COLOR_TYPE_PALETTE || ++ length > 256 || diff --cc debian/patches/CVE-2017-7865.patch index 0000000,0000000..32f5e36 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2017-7865.patch @@@ -1,0 -1,0 +1,37 @@@ ++From 2080bc33717955a0e4268e738acf8c1eeddbf8cb Mon Sep 17 00:00:00 2001 ++From: Michael Niedermayer ++Date: Wed, 25 Jan 2017 00:20:19 +0100 ++Subject: [PATCH] avcodec/utils: correct align value for interplay ++ ++Fixes out of array access ++Fixes: 452/fuzz-1-ffmpeg_VIDEO_AV_CODEC_ID_INTERPLAY_VIDEO_fuzzer ++ ++Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg ++Signed-off-by: Michael Niedermayer ++--- ++ libavcodec/utils.c | 7 ++++++- ++ 1 file changed, 6 insertions(+), 1 deletion(-) ++ ++--- a/libavcodec/utils.c +++++ b/libavcodec/utils.c ++@@ -247,6 +247,10 @@ ++ w_align = 4; ++ h_align = 4; ++ } +++ if (s->codec_id == AV_CODEC_ID_INTERPLAY_VIDEO) { +++ w_align = 8; +++ h_align = 8; +++ } ++ case AV_PIX_FMT_PAL8: ++ case AV_PIX_FMT_BGR8: ++ case AV_PIX_FMT_RGB8: ++@@ -254,7 +258,8 @@ ++ w_align = 4; ++ h_align = 4; ++ } ++- if (s->codec_id == AV_CODEC_ID_JV) { +++ if (s->codec_id == AV_CODEC_ID_JV || +++ s->codec_id == AV_CODEC_ID_INTERPLAY_VIDEO) { ++ w_align = 8; ++ h_align = 8; ++ } diff --cc debian/patches/CVE-2017-9993.patch index 0000000,0000000..ad2b2b6 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2017-9993.patch @@@ -1,0 -1,0 +1,23 @@@ ++From: Markus Koschany ++Date: Sun, 30 Dec 2018 16:57:18 +0100 ++Subject: CVE-2017-9993 ++ ++Origin: https://github.com/FFmpeg/FFmpeg/commit/a5d849b149ca67ced2d271dc84db0bc95a548abb ++--- ++ libavformat/avidec.c | 3 +++ ++ 1 file changed, 3 insertions(+) ++ ++diff --git a/libavformat/avidec.c b/libavformat/avidec.c ++index 928bbaa..713f822 100644 ++--- a/libavformat/avidec.c +++++ b/libavformat/avidec.c ++@@ -870,6 +870,9 @@ static int read_gab2_sub(AVStream *st, AVPacket *pkt) ++ if (!(sub_demuxer = av_probe_input_format2(&pd, 1, &score))) ++ goto error; ++ +++ if (strcmp(sub_demuxer->name, "srt") && strcmp(sub_demuxer->name, "ass")) +++ goto error; +++ ++ if (!(ast->sub_ctx = avformat_alloc_context())) ++ goto error; ++ diff --cc debian/patches/CVE-2017-9994.patch index 0000000,0000000..e96096f new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2017-9994.patch @@@ -1,0 -1,0 +1,46 @@@ ++From: Markus Koschany ++Date: Sun, 30 Dec 2018 16:54:59 +0100 ++Subject: CVE-2017-9994 ++ ++Origin: https://github.com/FFmpeg/FFmpeg/commit/6b5d3fb26fb4be48e4966e4b1d97c2165538d4ef ++--- ++ libavcodec/vp8.c | 3 +++ ++ libavcodec/webp.c | 3 +-- ++ 2 files changed, 4 insertions(+), 2 deletions(-) ++ ++diff --git a/libavcodec/vp8.c b/libavcodec/vp8.c ++index 08b72c9..9c55f5d 100644 ++--- a/libavcodec/vp8.c +++++ b/libavcodec/vp8.c ++@@ -32,6 +32,7 @@ ++ #include "thread.h" ++ #include "vp8.h" ++ #include "vp8data.h" +++#include "libavutil/avassert.h" ++ ++ #if ARCH_ARM ++ # include "arm/vp8.h" ++@@ -2463,6 +2464,8 @@ int vp78_decode_frame(AVCodecContext *avctx, void *data, int *got_frame, ++ enum AVDiscard skip_thresh; ++ VP8Frame *av_uninit(curframe), *prev_frame; ++ +++ av_assert0(avctx->pix_fmt == AV_PIX_FMT_YUVA420P || avctx->pix_fmt == AV_PIX_FMT_YUV420P); +++ ++ if (is_vp7) ++ ret = vp7_decode_frame_header(s, avpkt->data, avpkt->size); ++ else ++diff --git a/libavcodec/webp.c b/libavcodec/webp.c ++index 4138e54..c167537 100644 ++--- a/libavcodec/webp.c +++++ b/libavcodec/webp.c ++@@ -1304,9 +1304,8 @@ static int vp8_lossy_decode_frame(AVCodecContext *avctx, AVFrame *p, ++ if (!s->initialized) { ++ ff_vp8_decode_init(avctx); ++ s->initialized = 1; ++- if (s->has_alpha) ++- avctx->pix_fmt = AV_PIX_FMT_YUVA420P; ++ } +++ avctx->pix_fmt = s->has_alpha ? AV_PIX_FMT_YUVA420P : AV_PIX_FMT_YUV420P; ++ s->lossless = 0; ++ ++ if (data_size > INT_MAX) { diff --cc debian/patches/CVE-2018-14394.patch index 0000000,0000000..bc41e39 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2018-14394.patch @@@ -1,0 -1,0 +1,25 @@@ ++From: Markus Koschany ++Date: Sun, 30 Dec 2018 16:51:20 +0100 ++Subject: CVE-2018-14394 ++ ++Origin: https://github.com/FFmpeg/FFmpeg/commit/3a2d21bc5f97aa0161db3ae731fc2732be6108b8 ++--- ++ libavformat/movenc.c | 5 +++++ ++ 1 file changed, 5 insertions(+) ++ ++diff --git a/libavformat/movenc.c b/libavformat/movenc.c ++index e48a363..6d99a0a 100644 ++--- a/libavformat/movenc.c +++++ b/libavformat/movenc.c ++@@ -3033,6 +3033,11 @@ int ff_mov_write_packet(AVFormatContext *s, AVPacket *pkt) ++ else ++ samples_in_chunk = 1; ++ +++ if (samples_in_chunk < 1) { +++ av_log(s, AV_LOG_ERROR, "fatal error, input packet contains no samples\n"); +++ return AVERROR_PATCHWELCOME; +++ } +++ ++ /* copy extradata if it exists */ ++ if (trk->vos_len == 0 && enc->extradata_size > 0) { ++ trk->vos_len = enc->extradata_size; diff --cc debian/patches/CVE-2018-1999010.patch index 0000000,0000000..35fced6 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2018-1999010.patch @@@ -1,0 -1,0 +1,69 @@@ ++From: Markus Koschany ++Date: Sun, 30 Dec 2018 16:39:05 +0100 ++Subject: CVE-2018-1999010 ++ ++Origin: https://github.com/FFmpeg/FFmpeg/commit/cced03dd667a5df6df8fd40d8de0bff477ee02e ++--- ++ libavformat/mms.c | 42 ++++++++++++++++++++++++++---------------- ++ 1 file changed, 26 insertions(+), 16 deletions(-) ++ ++diff --git a/libavformat/mms.c b/libavformat/mms.c ++index fb16a3c..787edf1 100644 ++--- a/libavformat/mms.c +++++ b/libavformat/mms.c ++@@ -94,22 +94,26 @@ int ff_mms_asf_header_parser(MMSContext *mms) ++ } ++ } ++ } else if (!memcmp(p, ff_asf_stream_header, sizeof(ff_asf_guid))) { ++- flags = AV_RL16(p + sizeof(ff_asf_guid)*3 + 24); ++- stream_id = flags & 0x7F; ++- //The second condition is for checking CS_PKT_STREAM_ID_REQUEST packet size, ++- //we can calcuate the packet size by stream_num. ++- //Please see function send_stream_selection_request(). ++- if (mms->stream_num < MMS_MAX_STREAMS && ++- 46 + mms->stream_num * 6 < sizeof(mms->out_buffer)) { ++- mms->streams = av_fast_realloc(mms->streams, ++- &mms->nb_streams_allocated, ++- (mms->stream_num + 1) * sizeof(MMSStream)); ++- mms->streams[mms->stream_num].id = stream_id; ++- mms->stream_num++; ++- } else { ++- av_log(NULL, AV_LOG_ERROR, ++- "Corrupt stream (too many A/V streams)\n"); ++- return AVERROR_INVALIDDATA; +++ if (end - p >= (sizeof(ff_asf_guid) * 3 + 26)) { +++ flags = AV_RL16(p + sizeof(ff_asf_guid)*3 + 24); +++ stream_id = flags & 0x7F; +++ //The second condition is for checking CS_PKT_STREAM_ID_REQUEST packet size, +++ //we can calculate the packet size by stream_num. +++ //Please see function send_stream_selection_request(). +++ if (mms->stream_num < MMS_MAX_STREAMS && +++ 46 + mms->stream_num * 6 < sizeof(mms->out_buffer)) { +++ mms->streams = av_fast_realloc(mms->streams, +++ &mms->nb_streams_allocated, +++ (mms->stream_num + 1) * sizeof(MMSStream)); +++ if (!mms->streams) +++ return AVERROR(ENOMEM); +++ mms->streams[mms->stream_num].id = stream_id; +++ mms->stream_num++; +++ } else { +++ av_log(NULL, AV_LOG_ERROR, +++ "Corrupt stream (too many A/V streams)\n"); +++ return AVERROR_INVALIDDATA; +++ } ++ } ++ } else if (!memcmp(p, ff_asf_ext_stream_header, sizeof(ff_asf_guid))) { ++ if (end - p >= 88) { ++@@ -141,6 +145,12 @@ int ff_mms_asf_header_parser(MMSContext *mms) ++ } ++ } else if (!memcmp(p, ff_asf_head1_guid, sizeof(ff_asf_guid))) { ++ chunksize = 46; // see references [2] section 3.4. This should be set 46. +++ if (chunksize > end - p) { +++ av_log(NULL, AV_LOG_ERROR, +++ "Corrupt stream (header chunksize %"PRId64" is invalid)\n", +++ chunksize); +++ return AVERROR_INVALIDDATA; +++ } ++ } ++ p += chunksize; ++ } diff --cc debian/patches/CVE-2018-6621.patch index 0000000,0000000..e275722 new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2018-6621.patch @@@ -1,0 -1,0 +1,22 @@@ ++From: Markus Koschany ++Date: Sun, 6 Jan 2019 16:05:17 +0100 ++Subject: CVE-2018-6621 ++ ++Origin: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/118e1b0b3370dd1c0da442901b486689efd1654b ++--- ++ libavcodec/utvideodec.c | 2 +- ++ 1 file changed, 1 insertion(+), 1 deletion(-) ++ ++diff --git a/libavcodec/utvideodec.c b/libavcodec/utvideodec.c ++index 553f45d..63556b8 100644 ++--- a/libavcodec/utvideodec.c +++++ b/libavcodec/utvideodec.c ++@@ -362,7 +362,7 @@ static int decode_frame(AVCodecContext *avctx, void *data, int *got_frame, ++ slice_end = bytestream2_get_le32u(&gb); ++ slice_size = slice_end - slice_start; ++ if (slice_end < 0 || slice_size < 0 || ++- bytestream2_get_bytes_left(&gb) < slice_end) { +++ bytestream2_get_bytes_left(&gb) < slice_end + 1024LL) { ++ av_log(avctx, AV_LOG_ERROR, "Incorrect slice size\n"); ++ return AVERROR_INVALIDDATA; ++ } diff --cc debian/patches/CVE-2018-7557.patch index 0000000,0000000..d4a821a new file mode 100644 --- /dev/null +++ b/debian/patches/CVE-2018-7557.patch @@@ -1,0 -1,0 +1,43 @@@ ++From: Markus Koschany ++Date: Sun, 30 Dec 2018 15:14:44 +0100 ++Subject: CVE-2018-7557 ++ ++Origin: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/7414d0bda7763f9bd69c26c068e482ab297c1c96 ++--- ++ libavcodec/utvideodec.c | 9 +++++++++ ++ 1 file changed, 9 insertions(+) ++ ++diff --git a/libavcodec/utvideodec.c b/libavcodec/utvideodec.c ++index bb8c7aa..553f45d 100644 ++--- a/libavcodec/utvideodec.c +++++ b/libavcodec/utvideodec.c ++@@ -28,6 +28,7 @@ ++ #include ++ ++ #include "libavutil/intreadwrite.h" +++#include "libavutil/pixdesc.h" ++ #include "avcodec.h" ++ #include "bswapdsp.h" ++ #include "bytestream.h" ++@@ -477,6 +478,7 @@ static int decode_frame(AVCodecContext *avctx, void *data, int *got_frame, ++ static av_cold int decode_init(AVCodecContext *avctx) ++ { ++ UtvideoContext * const c = avctx->priv_data; +++ int h_shift, v_shift; ++ ++ c->avctx = avctx; ++ ++@@ -541,6 +543,13 @@ static av_cold int decode_init(AVCodecContext *avctx) ++ return AVERROR_INVALIDDATA; ++ } ++ +++ av_pix_fmt_get_chroma_sub_sample(avctx->pix_fmt, &h_shift, &v_shift); +++ if ((avctx->width & ((1<height & ((1< ++Date: Sun, 30 Dec 2018 12:12:16 +0100 ++Subject: avio_feof ++ ++This function is needed for several of the CVE-2017-140xx flaws. ++--- ++ libavformat/avio.h | 2 ++ ++ libavformat/aviobuf.c | 11 +++++++++++ ++ 2 files changed, 13 insertions(+) ++ ++diff --git a/libavformat/avio.h b/libavformat/avio.h ++index 3360e82..7669132 100644 ++--- a/libavformat/avio.h +++++ b/libavformat/avio.h ++@@ -227,6 +227,8 @@ static av_always_inline int64_t avio_tell(AVIOContext *s) ++ */ ++ int64_t avio_size(AVIOContext *s); ++ +++int avio_feof(AVIOContext *s); +++ ++ /** @warning currently size is limited */ ++ int avio_printf(AVIOContext *s, const char *fmt, ...) av_printf_format(2, 3); ++ ++diff --git a/libavformat/aviobuf.c b/libavformat/aviobuf.c ++index 6923b78..17b8300 100644 ++--- a/libavformat/aviobuf.c +++++ b/libavformat/aviobuf.c ++@@ -257,6 +257,17 @@ int64_t avio_size(AVIOContext *s) ++ return size; ++ } ++ +++int avio_feof(AVIOContext *s) +++{ +++ if(!s) +++ return 0; +++ if(s->eof_reached){ +++ s->eof_reached=0; +++ fill_buffer(s); +++ } +++ return s->eof_reached; +++} +++ ++ void avio_wl32(AVIOContext *s, unsigned int val) ++ { ++ avio_w8(s, val); diff --cc debian/patches/series index 0000000,0000000..cc437eb new file mode 100644 --- /dev/null +++ b/debian/patches/series @@@ -1,0 -1,0 +1,45 @@@ ++02-configure-disable-ebx-gcc-4.9.patch ++03-disable-configuration-warnings.patch ++CVE-2015-6761.patch ++CVE-2014-9317.patch ++CVE-2015-6818.patch ++CVE-2015-6820.patch ++CVE-2015-6821.patch ++CVE-2015-6822.patch ++CVE-2015-6823.patch ++CVE-2015-6824.patch ++CVE-2015-6825.patch ++CVE-2015-6826.patch ++CVE-2015-8216.patch ++CVE-2015-8217.patch ++CVE-2015-8363.patch ++CVE-2015-8364.patch ++CVE-2015-8661.patch ++CVE-2015-8662.patch ++CVE-2015-8663.patch ++CVE-2016-10190-pre1-3668701f.patch ++CVE-2016-10190-pre2-362c17e6.patch ++CVE-2016-10190-pre3-strtoull.patch ++CVE-2016-10190.patch ++CVE-2016-10191.patch ++CVE-2018-7557.patch ++CVE-2018-6621.patch ++CVE-2018-1999010.patch ++CVE-2018-14394.patch ++CVE-2017-9994.patch ++CVE-2017-9993.patch ++CVE-2017-17130.patch ++CVE-2017-15672.patch ++CVE-2017-14767.patch ++CVE-2017-14055.patch ++CVE-2017-14056.patch ++CVE-2017-14170.patch ++CVE-2017-14171.patch ++avio_feof.patch ++CVE-2017-14057.patch ++CVE-2015-1207.patch ++CVE-2017-14169.patch ++CVE-2017-14223.patch ++CVE-2017-7863.patch ++CVE-2014-8542.patch ++CVE-2017-7865.patch diff --cc debian/qt-faststart.1 index 0000000,0000000..b78da3d new file mode 100644 --- /dev/null +++ b/debian/qt-faststart.1 @@@ -1,0 -1,0 +1,36 @@@ ++.\" Hey, EMACS: -*- nroff -*- ++.\" First parameter, NAME, should be all caps ++.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection ++.\" other parameters are allowed: see man(7), man(1) ++.TH QT-FASTSTART 1 "May 10, 2009" ++.\" Please adjust this date whenever revising the manpage. ++.\" ++.\" Some roff macros, for reference: ++.\" .nh disable hyphenation ++.\" .hy enable hyphenation ++.\" .ad l left justify ++.\" .ad b justify to both left and right margins ++.\" .nf disable filling ++.\" .fi enable filling ++.\" .br insert line break ++.\" .sp insert n+1 empty lines ++.\" for manpage-specific macros, see man(7) ++.SH NAME ++qt-faststart \- utility for Quicktime files ++.SH SYNOPSIS ++.B qt-faststart ++.br ++.SH DESCRIPTION ++\fBqt-faststart\fP is a utility that rearranges a Quicktime file such that the ++moov atom is in front of the data, thus facilitating network streaming. ++.SH OPTIONS ++Options processed by the executable: ++.TP ++\fB\\fR ++The source Quicktime file. ++.TP ++\fB\\fR ++The destination Quicktime file. ++.SH AUTHOR ++This manual page was written by Andres Mejia ++for the Debian GNU/Linux system, but may be used by others. diff --cc debian/rebuild-scripts/README index 0000000,0000000..db98823 new file mode 100644 --- /dev/null +++ b/debian/rebuild-scripts/README @@@ -1,0 -1,0 +1,35 @@@ ++The scripts in this folder may be helpful for doing mass rebuilds. ++ ++How to use: ++ ++1. Upload the new Libav upstream release to experimental, make sure your ++ mirror has it available. ++ ++1. Copy this folder to a temporary directory with lots of ++ storage. (e.g., /srv/scratch/libav_rebuilds) ++ ++2. Identify all packages you need to rebuild either using grep-dctrl(1), ++ or by scraping the Debian release tracker at ++ https://release.debian.org/transitions/. List all packages in a file ++ "packages.txt" ++ ++3. Review and adjust the dependencies and chroot names in ++ git_experimental_source ++ ++4. Execute "./do_all_safe" ++ ++Discussion: ++ ++git_experimental_source will use the schroot chroot to download the ++source package from debian/experimental in a subdirectory with the ++package name. It also places a script called "build.sh" with an schroot ++invocation that makes sure you have the libav packages from experimental ++in your build.sh chroot avaialable. do_all_safe iterates over the ++package list, download packages that have not been downloaded yet and ++executes the generated $package/build.sh script. ++ ++If a build breaks, the idea is to go into that directory, and work on a ++patch to fix the problem. To start over, just delete the directory and ++call do_all_safe again. ++ ++August 2014, Reinhard Tartler diff --cc debian/rebuild-scripts/do_all_safe index 0000000,0000000..954533d new file mode 100755 --- /dev/null +++ b/debian/rebuild-scripts/do_all_safe @@@ -1,0 -1,0 +1,28 @@@ ++#!/bin/sh ++ ++#!/bin/sh ++# ++# Copyright 2014, Reinhard Tartler ++# ++# These helper script is free software; you can redistribute it and/or ++# modify it under the terms of the GNU General Public License as ++# published by the Free Software Foundation; either version 2 of the ++# License, or (at your option) any later version. ++# ++# This script is distributed in the hope that it will be useful, but ++# WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++# General Public License for more details. ++# ++ ++set -ex ++ ++for package in `cat packages.txt`; do ++ if [ ! -d $package ]; then ++ echo "Rebuilding $package" ++ ./git_experimental_source $package ++ ./$package/build.sh || true ++ else ++ echo "Skipping $package" ++ fi ++done diff --cc debian/rebuild-scripts/git_experimental_source index 0000000,0000000..8dc233c new file mode 100755 --- /dev/null +++ b/debian/rebuild-scripts/git_experimental_source @@@ -1,0 -1,0 +1,51 @@@ ++#!/bin/sh ++# ++# Copyright 2014, Reinhard Tartler ++# ++# These helper script is free software; you can redistribute it and/or ++# modify it under the terms of the GNU General Public License as ++# published by the Free Software Foundation; either version 2 of the ++# License, or (at your option) any later version. ++# ++# This script is distributed in the hope that it will be useful, but ++# WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++# General Public License for more details. ++# ++ ++set -e ++ ++packagename=$1 ++basedir=$(readlink -f `dirname $0`) ++ ++if [ -z "$packagename" ]; then ++ echo "usage $0 packagename" ++ exit 1 ++fi ++ ++rm -rf $basedir/$packagename ++mkdir -p $basedir/$packagename ++ ++cd $basedir/$packagename ++ ++schroot -c experimental-amd64-sbuild -- apt-get source -d -t experimental $packagename ++package=`ls *.dsc` ++ ++cat < build.sh ++#!/bin/sh ++ ++cd $PWD ++sbuild -A -dexperimental --build-dep-resolver=aptitude \ ++ --make-binNMU="rebuild against libav11" --binNMU=+42 \ ++ --add-depends "libavformat-dev (>> 6:11~~)" \ ++ --add-depends "libavcodec-dev (>> 6:11~~)" \ ++ --add-depends "libavfilter-dev (>> 6:11~~)" \ ++ --add-depends "libavresample-dev (>> 6:11~~)" \ ++ --add-depends "libavdevice-dev (>> 6:11~~)" \ ++ --add-depends "libswscale-dev (>> 6:11~~)" \ ++ --add-depends "libavutil-dev (>> 6:11~~)" \ ++ "\$@" \ ++ $package ++EOF ++ ++chmod +x build.sh diff --cc debian/rules index 0000000,0000000..72227f5 new file mode 100755 --- /dev/null +++ b/debian/rules @@@ -1,0 -1,0 +1,207 @@@ ++#!/usr/bin/make -f ++ ++EPOCH=6: ++DEB_SOURCE := $(shell dpkg-parsechangelog | sed -n 's/^Source: //p') ++DEB_VERSION := $(shell dpkg-parsechangelog | sed -n 's/^Version: //p') ++UPSTREAM_VERSION := $(shell echo $(DEB_VERSION) | sed -r 's/[^:]+://; s/-[^-]+$$//') ++SHLIBS_VERSION := $(EPOCH)11~beta1 ++ ++# The libavcodec-extra package is necessary because it links against ++# libraries that are GPLv3 licensed. Make sure that you do not link ++# GPLv2 only applications against the libavcodec-extra flavor! ++# ++# Because of the lack of archive skew problems, only libavcodec produces ++# an -extra variant. ++ ++VENDOR := Debian ++# these package do not build -extra variants ++LIB_PKGS := $(shell sed -nr 's/^Package:[[:space:]]*(lib(avutil|avdevice|avformat|avfilter|avresample|swscale)[0-9]+)[[:space:]]*$$/\1/p' debian/control) ++# these packages do build -extra variants ++LIB_PKGS2 := $(shell sed -nr 's/^Package:[[:space:]]*(libavcodec[0-9]+)[[:space:]]*$$/\1/p' debian/control) ++# these packages are the -extra- variants ++LIB_EXTRA_PKGS := $(shell sed -nr 's/^Package:[[:space:]]*(libavcodec-extra-[0-9]+)[[:space:]]*$$/\1/p' debian/control) ++ ++ ++# these are the -dev packages ++DEV_PKGS := $(shell echo $(LIB_PKGS) $(LIB_PKGS2) | sed 's/[0-9]\+\>/-dev/g') ++ ++# Support multiple makes at once ++ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) ++NUMJOBS = -j$(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) ++else ++# on i386 and amd64, we query the system unless overriden by DEB_BUILD_OPTIONS ++ifeq ($(DEB_HOST_ARCH),i386) ++NUMJOBS := -j$(shell getconf _NPROCESSORS_ONLN 2>/dev/null || echo 1) ++else ifeq ($(DEB_HOST_ARCH),amd64) ++NUMJOBS := -j$(shell getconf _NPROCESSORS_ONLN 2>/dev/null || echo 1) ++endif ++endif ++ ++include debian/confflags ++OPT_FLAVORS := $(filter-out static shared, $(FLAVORS)) ++ ++info: ++ @echo Packages that do not build -extra variants: $(LIB_PKGS) ++ @echo Packages that do build -extra variatnts: $(LIB_PKGS2) ++ @echo Packages that are the -extra- variants: $(LIB_EXTRA_PKGS) ++ ++$(info FLAVORS = $(FLAVORS)) ++$(info DEB_BUILD_OPTIONS = $(DEB_BUILD_OPTIONS)) ++$(info CFLAGS = $(CFLAGS)) ++$(info CPPFLAGS = $(CPPFLAGS)) ++$(info LDFLAGS = $(LDFLAGS)) ++ ++define dh_install_file_opt_flavor ++ grep @DEB_HOST_MULTIARCH_OPT@ < $(1).in | \ ++ sed 's:@DEB_HOST_MULTIARCH_OPT@:$(DEB_HOST_MULTIARCH)/$($(2)_shlibdir):g' >> $(1) ++ ++endef ++ ++DH_INSTALL_FILES := $(foreach pkg, $(LIB_PKGS) $(LIB_PKGS2) $(LIB_EXTRA_PKGS) $(DEV_PKGS), debian/$(pkg).install) ++$(DH_INSTALL_FILES): ++ sed 's/@DEB_HOST_MULTIARCH\(_OPT\)\?@/$(DEB_HOST_MULTIARCH)/g' $@.in > $@ ++ $(foreach opt_flavor,$(OPT_FLAVORS),$(call dh_install_file_opt_flavor,$@,$(opt_flavor))) ++ ++configure-%: configure-stamp-% ++configure-stamp-%: configure ++ dh_testdir ++ mkdir -p debian-$* ++ cd debian-$* && CFLAGS="$(CFLAGS)" CPPFLAGS="$(CPPFLAGS)" LDFLAGS="$(LDFLAGS)" $(CURDIR)/configure \ ++ $($*_build_confflags) $(extra_$*_build_confflags) ++ touch $@ ++configure-extra-stamp-%: ++ dh_testdir ++ mkdir -p debian-extra-$* ++ cd debian-extra-$* && CFLAGS="$(CFLAGS)" CPPFLAGS="$(CPPFLAGS)" LDFLAGS="$(LDFLAGS)" $(CURDIR)/configure \ ++ $($*_build_confflags) $(v3_confflags) $(extra_$*_build_confflags) ++ touch $@ ++ ++build-%: build-stamp-% ++build-stamp-%: configure-stamp-% ++ dh_testdir ++ $(MAKE) -C debian-$* $(NUMJOBS) V=1 ++ touch $@ ++build-extra-stamp-%: configure-extra-stamp-% ++ dh_testdir ++ $(MAKE) -C debian-extra-$* $(NUMJOBS) V=1 ++ touch $@ ++ ++debian-shared/tools/qt-faststart: build-stamp-shared ++ $(MAKE) -C debian-shared tools/qt-faststart V=1 ++ ++build: build-stamp build-extra ++build-stamp: $(addprefix build-stamp-, $(FLAVORS)) debian-shared/tools/qt-faststart ++ touch $@ ++build-extra: $(addprefix build-extra-stamp-, $(filter-out static,$(FLAVORS))) ++ touch $@ ++ ++clean: ++ dh_testdir ++ rm -f build-stamp build-extra $(addprefix build-stamp-, $(FLAVORS)) \ ++ $(addprefix build-extra-stamp-, $(FLAVORS)) \ ++ $(addprefix configure-stamp-, $(FLAVORS)) \ ++ $(addprefix configure-extra-stamp-, $(FLAVORS)) \ ++ build-doxy-stamp ++ rm -rf libav/ # created by the libav-extra variant ++ rm -rf $(addprefix debian-, $(FLAVORS)) \ ++ $(addprefix debian-extra-, $(FLAVORS)) doxy ++ dh_clean $(DH_INSTALL_FILES) $(wildcard formats*.txt) $(wildcard codecs*.txt) ++ ++# The trailing newline is important! ++define install_flavor ++ $(MAKE) -C debian-$(1) install DESTDIR=$(CURDIR)/debian/tmp \ ++ mandir=$(CURDIR)/debian/tmp/usr/share/man ++ ++endef ++ ++# The trailing newline is important! ++define install_flavor_extra ++ $(MAKE) -C debian-extra-$(1) install DESTDIR=$(CURDIR)/debian/tmp/extra \ ++ mandir=$(CURDIR)/debian/tmp/usr/share/man ++ ++endef ++ ++# usage $(call call_and_install_avconv_dump,$package,$parameter), paramter like "codecs" or "formats" ++define call_and_install_avconv_dump ++ mkdir -p debian/$(1)/usr/share/doc/$(1) ++ env LD_LIBRARY_PATH="$(CURDIR)/debian/$(1)/usr/lib/$(DEB_HOST_MULTIARCH):$(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH):$(LD_LIBRARY_PATH)" \ ++ debian/tmp/usr/bin/avconv -$(2) > debian/$(1)/usr/share/doc/$(1)/$(2)-$(DEB_HOST_ARCH).txt ++ cat debian/$(1)/usr/share/doc/$(1)/$(2)-$(DEB_HOST_ARCH).txt ++ ++endef ++ ++# installs arch-dependent files only ++install: build $(DH_INSTALL_FILES) ++ dh_testdir ++ dh_testroot ++ dh_prep -a ++ $(foreach flavor,$(FLAVORS),$(call install_flavor,$(flavor))) ++ mkdir -p debian/tmp/etc ++ install -m 755 -D debian-shared/tools/qt-faststart debian/tmp/usr/bin/qt-faststart ++ dh_install $(addprefix -N,$(LIB_EXTRA_PKGS)) \ ++ --fail-missing --sourcedir=debian/tmp ++ dh_installdocs -a doc/APIchanges ++ install -m 644 -D debian-shared/doc/*.html doc/t2h.init debian/libav-tools/usr/share/doc/libav-tools ++ dh_installexamples -a ++ dh_installchangelogs -a Changelog ++ $(foreach flavor,$(filter-out static,$(FLAVORS)),$(call install_flavor_extra,$(flavor))) ++ dh_install $(addprefix -p,$(LIB_EXTRA_PKGS)) --fail-missing \ ++ --sourcedir=debian/tmp/extra ++ $(call call_and_install_avconv_dump,libavformat56,formats) ++ $(call call_and_install_avconv_dump,libavcodec56,codecs) ++ $(call call_and_install_avconv_dump,libavcodec-extra-56,codecs) ++ ++binary-indep: ++ dh_testdir ++ dh_testroot ++ dh_prep -i ++ doxygen doc/Doxyfile ++ mkdir -p debian/libav-doc/usr/share/doc/libav-doc ++ mv -v doc/doxy/html debian/libav-doc/usr/share/doc/libav-doc ++ dh_installdocs -i ++ dh_installchangelogs -i ++ dh_compress -i ++ dh_fixperms -i ++ dh_installdeb -i ++ dh_gencontrol -i ++ dh_md5sums -i ++ dh_builddeb -i -- -Zxz ++ ++binary-arch: build install ++ dh_testdir ++ dh_testroot ++ dh_installman -plibav-tools debian/qt-faststart.1 ++ dh_strip -a --dbg-package=libav-dbg ++ dh_lintian -a ++ dh_link -a ++ dh_compress -a ++ dh_fixperms -a ++ ++ # operate on non -extra package producing packages ++ for pkg in $(LIB_PKGS); do \ ++ dh_makeshlibs -p"$$pkg" -V"$$pkg (>= $(SHLIBS_VERSION))"; \ ++ done ++ # operate e.g. the -extra- packages, produce shlibs that have alternative dependencies ++ for pkg in $(LIB_EXTRA_PKGS); do \ ++ npkg=$$(echo "$$pkg" | sed -r 's/-extra-//'); \ ++ dh_makeshlibs -p"$$pkg" -V"$$npkg (>= $(SHLIBS_VERSION)) | $$pkg (>= $(EPOCH)$(UPSTREAM_VERSION))"; \ ++ done ++ # operate on packages with -extra- variants such as libavcodec54 - produce shlibs that have alternative dependencies ++ for pkg in $(LIB_PKGS2); do \ ++ upkg=$$(echo "$$pkg" | sed -r 's/([0-9]+)$$/-extra-\1/'); \ ++ dh_makeshlibs -p"$$pkg" -V"$$pkg (>= $(SHLIBS_VERSION)) | $$upkg (>= $(EPOCH)$(UPSTREAM_VERSION))"; \ ++ done ++ dh_shlibdeps ++ dh_installdeb -a ++ dh_gencontrol -a ++ dh_md5sums -a ++ dh_builddeb -a -- -Zxz ++ ++binary: binary-indep binary-arch ++ ++.PHONY: build $(addprefix build-, $(FLAVORS)) \ ++ clean \ ++ $(addprefix configure-, $(FLAVORS)) \ ++ binary binary-indep binary-arch \ ++ install install-common install-extra \ ++ get-orig-source diff --cc debian/source/format index 0000000,0000000..163aaf8 new file mode 100644 --- /dev/null +++ b/debian/source/format @@@ -1,0 -1,0 +1,1 @@@ ++3.0 (quilt) diff --cc debian/source/include-binaries index 0000000,0000000..95a390b new file mode 100644 --- /dev/null +++ b/debian/source/include-binaries @@@ -1,0 -1,0 +1,1 @@@ ++debian/upstream-signing-key.pgp diff --cc debian/source/lintian-overrides index 0000000,0000000..91f4401 new file mode 100644 --- /dev/null +++ b/debian/source/lintian-overrides @@@ -1,0 -1,0 +1,2 @@@ ++# ffmpeg-dbg is an empty, transitional package ++libav source: dbg-package-missing-depends ffmpeg-dbg diff --cc debian/upstream-signing-key.pgp index 0000000,0000000..82ee026 new file mode 100644 Binary files differ diff --cc debian/watch index 0000000,0000000..0e3dce5 new file mode 100644 --- /dev/null +++ b/debian/watch @@@ -1,0 -1,0 +1,3 @@@ ++version=3 ++opts="uversionmangle=s/_/~/i,pgpsigurlmangle=s/$/.asc/" \ ++http://libav.org/releases/libav-([\d\.]+)\.tar\.xz