123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254 |
- Release Notes
- =============
- * 0.5 "Bike Shed World Domination" March 3, 2009
- General notes
- -------------
- It has been so long since the last release that this should be considered the
- first FFmpeg release of recent times. Because of the way things have unfolded to
- date, the notes for this version cannot be entirely conventional.
- See the Changelog file for a list of significant changes.
- Please note that our policy on bug reports has not changed. We still only accept
- bug reports against HEAD of the FFmpeg trunk repository. If you are experiencing
- any issues with any formally released version of FFmpeg, please try a current
- version of the development code to check if the issue still exists. If it does,
- make your report against the development code following the usual bug reporting
- guidelines.
- API notes
- ---------
- In the next release, it is intended to remove a number of deprecated APIs. We
- decided to put out a release that includes said APIs for the benefit of third
- party software.
- As such, this release:
- - provides a sync point for said APIs
- - increases awareness of API changes
- - allows the next release to detail how to transition from the old to the new
- The deprecated APIs to be removed are:
- - imgconvert (to be replaced by libswscale)
- - vhook (to be replaced by libavfilter)
- If at all possible, do not use the deprecated APIs. All notes on API changes
- should appear in doc/APIchanges.
- * 0.5.1 March 2, 2010
- General notes
- -------------
- This point release includes some minor updates to make the 0.5 release series
- usable for users that need to retain the existing behavior as closely as
- possible. The changes follow below:
- Security fixes
- --------------
- Various programming errors in container and codec implementations
- may lead to denial of service or the execution of arbitrary code
- if the user is tricked into opening a malformed media file or stream.
- Affected and updated have been the implementations of the following
- codecs and container formats:
- - the Vorbis audio codec
- - the FF Video 1 codec
- - the MPEG audio codec
- - the H264 video codec
- - the MLP codec
- - the HuffYUV codec
- - the ASF demuxer
- - the Ogg container implementation
- - the MOV container implementation
- Symbol Versioning enabled
- -------------------------
- The backported symbol versioning change is enabled on platforms that support
- it. This allows users to upgrade from 0.5.1 to the upcoming 0.6 release
- without having to recompile their applications. Please note that distributors
- have to recompile applications against 0.5.1 before upgrading to 0.6.
- libx264.c backport
- ------------------
- This release includes a backport to the libx264 wrapper that allows FFmpeg to
- be compiled against newer versions of libx264 up to API version 85.
- licensing changes
- -----------------
- Previously both libswscale and our AC-3 decoder had GPLed parts. These have
- been replaced by fresh LGPL code. x86 optimizations for libswscale remain GPL,
- but the C code is fully functional. Optimizations for other architectures have
- been relicensed to LGPL.
- AMR-NB decoding/encoding and AMR-WB decoding is now possible through the free
- software OpenCORE libraries as an alternative to the non-free libamr libraries.
- We found out that libfaac contains non-free parts and is not LGPL as previously
- claimed. We have changed configure to reflect this. You now have to pass the
- --enable-nonfree option if you wish to compile with libfaac support enabled.
- Furthermore the non-free bits in libavcodec/fdctref.c have been rewritten. Note
- well that they were only used in a test program and never compiled into any
- FFmpeg library.
- * 0.5.2 May 25, 2010
- General notes
- -------------
- This is a maintenance-only release that addresses a small number of security
- and portability issues. Distributors and system integrators are encouraged
- to update and share their patches against this branch.
- * 0.5.3 Oct 18, 2010
- General notes
- -------------
- This is (again) another maintenance-only release that addresses a fix
- for seekable HTTP and an exploitable bug in the FLIC decoder
- (cf. CVE-2010-3429 for details). Distributors and system integrators are
- encouraged to update and share their patches against this branch.
- * 0.5.4 Mar 17, 2011
- General notes
- -------------
- This is the first release that we cut after git migration. It is another
- maintenance-only release that addresses several security issues that were
- brought to our attention. In detail, fixes for RV30/40, WMV, Vorbis and
- VC-1 have been backported from trunk. Distributors and system integrators
- are encouraged to update and share their patches against this branch.
- * 0.5.5 Nov 6, 2011
- General notes
- -------------
- This maintenance-only release addresses several security issues that
- were brought to our attention. In detail, fixes for the MJPEG decoder,
- the CAVS decoder (CVE-2011-3362, CVE-2011-3973, CVE-2011-3974), and the
- Matroska decoder (MSVR11-011/CVE-2011-3504) and many others have been
- corrected. Additional, this release contains fixes for compilation with
- gcc-4.6. Distributors and system integrators are encouraged to update
- and share their patches against this branch.
- * 0.5.6 Nov 21, 2011
- General notes
- -------------
- This maintenance-only release addresses several security issues that
- were brought to our attention.
- * 0.5.7 Dec 25, 2011
- General notes
- -------------
- This maintenance-only release addresses several security issues that
- were brought to our attention. In details, it features fixes for the
- QDM2 decoder (CVE-2011-4351), DoS in the VP5/VP6 decoders
- (CVE-2011-4353), and a buffer overflow in the Sierra VMD decoder
- CVE-2011-4364, and a safety fix in the SVQ1 decoder (CVE-2011-4579).
- CVE-2011-4352, a bug in the VP3 decoder, is not known to affect this
- release.
- Distributors and system integrators are encouraged to update and share
- their patches against this branch.
- * 0.5.8 Jan 12, 2012
- General notes
- -------------
- This mostly maintenance-only release that addresses a number a number of
- bugs such as security and compilation issues that have been brought to
- our attention. Among other (rather minor) fixes, this release features
- fixes for the VP3 decoder (CVE-2011-3892), vorbis decoder, and matroska
- demuxer (CVE-2011-3893 and CVE-2011-3895).
- Distributors and system integrators are encouraged
- to update and share their patches against this branch. For a full list
- of changes please see the Changelog file.
- * 0.5.9 May 11, 2012
- General notes
- -------------
- This maintenance-only release that addresses a number a number of
- security issues that have been brought to our attention. Among other
- (rather minor) fixes, this release features fixes for the DV decoder
- (CVE-2011-3929 and CVE-2011-3936), nsvdec (CVE-2011-3940), Atrac3
- (CVE-2012-0853), mjpegdec (CVE-2011-3947) and the VQA video decoder
- (CVE-2012-0947).
- Distributors and system integrators are encouraged
- to update and share their patches against this branch. For a full list
- of changes please see the Changelog file.
- * 0.5.10 Jun 09, 2012
- General notes
- -------------
- This mostly maintenance-only release addresses a number of bugs such as
- security and compilation issues that have been brought to our
- attention. Among other fixes, this release includes security updates for
- the DPCM codecs (CVE-2011-3951), H.264 (CVE-2012-0851), ADPCM
- (CVE-2012-0852), and the KMVC decoder (CVE-2011-3952).
- Distributors and system integrators are encouraged to update and share
- their patches against this branch. For a full list of changes please see
- the Changelog file or the Git commit history.
- * 0.5.11 Feb 17, 2013
- General notes
- -------------
- This maintenance-only release addresses a number of bugs such as
- security and compilation issues that have been brought to our
- attention. Among other fixes, this release includes security updates for
- the mpeg12 codecs (CVE-2012-2803), H.264, VP5/VP6 (CVE-2012-2783,
- CVE-2012-2783), shorten (CVE-2012-0858), CAVS (CVE-2012-2777 and
- CVE-2012-2784), AVS (CVE-2012-2801) and a number of additional safe but
- important bugs in other decoders. Additionally, reported bugs in the
- yuv4mpeg (Bug 373) and BMP decoder (Bug 367) have been addressed.
- Distributors and system integrators are encouraged to update and share
- their patches against this branch. For a full list of changes please
- see the Changelog file or the Git commit history.
|