diff options
| author | Derek Buitenhuis <derek.buitenhuis@gmail.com> | 2012-06-08 15:20:14 -0400 |
|---|---|---|
| committer | Derek Buitenhuis <derek.buitenhuis@gmail.com> | 2012-06-08 15:20:14 -0400 |
| commit | 888cee659ebb23e8a8d3909521c1c287f934149b (patch) | |
| tree | c48ff919157608b8c4d7c0221cc505096cd4002b | |
| parent | 4451f9ae169534999c64b77cccc5cf2976832660 (diff) | |
| download | ffmpeg-888cee659ebb23e8a8d3909521c1c287f934149b.tar.gz | |
Update changelog for 0.6.6 release
Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
| -rw-r--r-- | Changelog | 35 |
1 files changed, 35 insertions, 0 deletions
@@ -1,6 +1,41 @@ Entries are sorted chronologically from oldest to youngest within each release, releases are sorted from youngest to oldest. +version 0.6.6: +- id3v2: fix skipping extended header in id3v2.4 +- nsvdec: Fix use of uninitialized streams +- nsvdec: Be more careful with av_malloc() +- nsvdec: Propagate errors +- dv: check stype +- dv: Fix null pointer dereference due to ach=0 +- dv: Fix small stack overread related to CVE-2011-3929 and CVE-2011-3936. +- atrac3: Fix crash in tonal component decoding +- mjpegbdec: Fix overflow in SOS +- kgv1dec: Increase offsets array size so it is large enough +- motionpixels: decode only the 111 complete frames for fate +- motionpixels: Clip YUV values after applying a gradient +- celp filters: Do not read earlier than the start of the 'out' vector +- vqavideo: return error if image size is not a multiple of block size (CVE-2012-0947) +- dpcm: ignore extra unpaired bytes in stereo streams (CVE-2011-3951) +- aacsbr: prevent out of bounds memcpy() (CVE-2012-0850) +- h264: Add check for invalid chroma_format_idc (CVE-2012-0851) +- adpcm: ADPCM Electronic Arts has always two channels (CVE-2012-0852) +- shorten: remove VLA and check for buffer overflow +- shorten: Prevent block size from increasing +- shorten: Fix out of bound writes in fix_bitshift() +- shorten: check for realloc failure (CVE-2012-0858) +- shorten: Use separate pointers for the allocated memory for decoded samples (CVE-2012-0858) +- kmvc: Check palsize (CVE-2011-3952) +- qdm2: clip array indices returned by qdm2_get_vlc() +- configure: properly check for mingw-w64 through installed headers +- mingw32: properly check if vfw capture is supported by the system headers +- mingw32: merge checks for mingw-w64 and mingw32-runtime >= 3.15 into one +- dxva2: define required feature selection macros +- png: check bit depth for PAL8/Y400A pixel formats +- ea: check chunk_size for validity +- tqi: Pass errors from the MB decoder + + version 0.6.5: - vorbis: An additional defense in the Vorbis codec. (CVE-2011-3895) - vorbisdec: Fix decoding bug with channel handling. |