Libav 9.7 - Changelog

What's new in Libav 9.7:

June 17th, 2013

· 4xm: fix several programming errors to avoid crashes, etc.
· apetag: use int64_t for filesize
· jpegls: Fix invalid writes to memory
· ljpeg: use the correct number of components in YUV
· mjpeg: Validate sampling factors
· mjpegdec: properly report unsupported disabled features
· mjpegdec: validate parameters in mjpeg_decode_scan_progressive_ac
· mpegvideo: allocate sufficiently large scratch buffer for interlaced vid
· pixdesc: mark gray8 as pseudopal
· smacker: fix several programming errors to avoid crashes, etc.
· tiff: do not overread the source buffer
· vmd: drop incomplete chunks and spurious samples
· vmdav: convert to bytestream2 to avoid invalid reads and writes
· wavpack: check packet size early
· wavpack: use bytestream2 in wavpack_decode_block
· wavpack: validate samples size parsed in wavpack_decode_block=

What's new in Libav 9.6:

May 14th, 2013

· aac: check the maximum number of channels to avoid invalid writes
· indeo3: fix off by one in MV validity check
· id3v2: check for end of file while unescaping tags to avoid invalid writes, reported by Google Security Team
· afifo: fix request_samples on the last frame in certain cases
· hls, segment: fix splitting for audio-only streams
· wav: Always seek to an even offset, Bug #500, LP: #1174737
· swscale: Use alpha from the right row in yuva2rgba_c, Bug #504
· indeo3: use unaligned reads on reference blocks, Bug #503
· oma: properly forward errors in oma_read_packet
· af_asyncts: fix offset calculation
· proresdec: support mixed interlaced/non-interlaced content

What's new in Libav 9.4:

March 26th, 2013

· atrac3: avoid oversized shifting in decode_bytes()
· eamad: allocate a dummy reference frame when the real one is missing
· ffv1: fix calculating slice dimensions for version 2
· flacdec: simplify bounds checking in flac_probe()
· h264: check for luma and chroma bit dept being equal (CVE-2013-2277)
· hqdn3d: Fix out of array read in LOWPASS
· iff: validate CMAP palette size (CVE-2013-2495)
· ivi_common: do not call MC for intra frames when dc_transform is unset
· libmp3lame: use the correct remaining buffer size when flushing
· lzo: fix overflow checking in copy_backptr()
· mp3dec: Fix VBR bit rate parsing
· png: use av_mallocz_array() for the zlib zalloc function
· roqvideodec: fix a potential infinite loop in roqvideo_decode_frame()
· shorten: fix various programming mistakes
· vf_gradfun: fix uninitialized variable use
· vf_hqdn3d: fix uninitialized variable use
· vmdaudio: fix invalid reads when packet size is not a multiple of chunk size
· wmadec: require block_align to be set
· wmaprodec: require block_align to be set
· wmaprodec: return an error, not 0, when the input is too small
· xxan: fix invalid memory access in xan_decode_frame_type0()

What's new in Libav 9.3:

March 4th, 2013

· h264: fix deadlocks with broken/fuzzed files
· flvdec: make decoder more robust
· vorbisdec: fix buffer overflow (CVE-2013-0894)
· ac3dec: validate channel output mode against channel count
· doc: minor improvements

What's new in Libav 9.2:

February 25th, 2013

· loco: check that there is data left after decoding a plane.
· mov: use the format context for logging.
· lagarith: avoid infinite loop in lag_rac_refill() with corrupted files
· flicvideo: avoid an infinite loop in byte run compression
· av_memcpy_backptr: avoid an infinite loop for back = 0
· mlpdec: do not try to allocate a zero-sized output buffer.
· qtrle: add more checks against pixel_ptr being negative.
· 4xm: check the return value of read_huffman_tables().
· cavs: initialize various context tables, avoids crashes with corrupted files
· x86/H.264: Don't use redzone in AVX h264_deblock on Win64
· VQA video: check chunk sizes before reading chunks
· RoQ video decoder: check dimensions validity
· QDM2: check array index before use, fix out of array accesses
· mpegvideo: Do REBASE_PICTURE with byte pointers
· SVQ3: unbreak decoding
· libopencore-amrwb: Make AMR-WB ifdeffery more precise
· libopencore-amr: Conditionally compile decoder and encoder bits
· arm: Fall back to runtime cpu feature detection via /proc/cpuinfo
· xxan: properly handle odd heights
· msrledec: check bounds before constructing a possibly invalid pointer,
· qtrle: fix the topmost line for 1bit
· aasc: fix output for msrle compression
· yop: check for input overreads
· yop: check that extradata is large enough
· fraps: fix off-by one bug for version 1
· vf_delogo: fix copying the input frame
· vf_delogo: fix an uninitialized read
· dnxhdenc: fix invalid reads in dnxhd_mb_var_thread()
· ATRAC3: use correct loop variable in add_tonal_components()
· MLP: store the channel layout for each substream
· MLP decoder: TrueHD: use Libav channel order
· x86: ac3: Fix HAVE_MMXEXT condition to only refer to external assembly
· arm: vp8: Fix the plain-armv6 version of vp8_luma_dc_wht
· lavr: call mix_function_init() in ff_audio_mix_set_matrix()
· rtpenc_chain: Use the original AVFormatContext for getting payload type
· rtp: Make sure the output format pointer is set
· rtp: Make sure priv_data is set before reading it
· videodsp_armv5te: remove #if HAVE_ARMV5TE_EXTERNAL
· get_bits: change the failure condition in init_get_bits
· mpegvideo: fix loop condition in draw_line()
· fate: update ref after rv30_loop_filter fix
· RV30: fix masking in rv30_loop_filter()
· libcdio: support recent cdio-paranoia
· Theora: Skip zero-sized headers
· H.264: add 3 pixels below for subpixel filter wait position
· H.264: fix ff_generate_sliding_window_mmcos() prototype
· H.264: don't clobber mmco opcode tables for non-first slice headers
· libx264: use the library specific default rc_initial_buffer_occupancy
· lavc: set the default rc_initial_buffer_occupancy
· lavc: introduce the convenience function init_get_bits8
· lavc: check for overflow in init_get_bits
· configure: enable pic for shared libs on AArch64
· zmbv: Reset the decoder on keyframe errors
· VC1 decoder: prevent a crash due missing pred_flag parameter
· matroska: Fix use after free
· VP3: Fix double free in vp3_decode_end()

What's new in Libav 9.1:

January 8th, 2013

· Fix a crash on windows platforms related to automatic stack alignment in libavresample
· Fix memleaks in the ogg demuxer. Related to CVE-2012-2882

What's new in Libav 0.8.4:

October 23rd, 2012

Several bugs and crashes have been fixed in the following codecs:
· h264 (Bug 118), vc1dec (CVE-2012-2796), sipr, bmpdec (bug 367), alsdec
· (CVE-2012-2775), rv34/rv40 (CVE-2012-2772), indeo3/indeo4
· (CVE-2012-2776, CVE-2012-2779, CVE-2012-2787, CVE-2012-2794,
· CVE-2012-2800), vorbisenc, vorbisdec (Bug 277), snow, ac3dec
· (CVE-2012-2802), avsdec (CVE-2012-2801), dfa (CVE-2012-2786,
· CVE-2012-2798), lagrith (CVE-2012-2793), wmaprodec (CVE-2012-2789 &
· Bug 327), avidec (CVE-2012-2788, CVE-2012-2790), cavsdec
· (CVE-2012-2777, CVE-2012-2784), wav (Bug 379), yuff4mpeg (Bug 373),
· mpegaudio, tiffenc, smacker (Bug 265).

· smaller bug fixes in avconv (Bug 352)
· fix lt() and lte() in function evaluator
· fix segfault in avformat_open_input()
· fix segfault in golomb decoder (bug 310)
· fix segfault (double free) in libavfilter
· convert dfa decoder to bytestream2 API to protect from overreads
· bugfix in vf_pad/scale filter (Bug 203 & 245)
· lavc: remove stats_out and stats_in from the options table. (Bug 380)

What's new in Libav 0.9 Beta 1:

October 17th, 2012

· XWD encoder and decoder
· Support for fragmentation in the mov/mp4 muxer
· ISMV (Smooth Streaming) muxer
· CDXL demuxer and decoder
· Apple ProRes encoder
· Sun Rasterfile Encoder
· remove libpostproc
· ID3v2 attached pictures reading and writing
· WMA Lossless decoder
· XBM encoder
· RealAudio Lossless decoder
· ZeroCodec decoder
· drop support for avconv without libavfilter
· add libavresample audio conversion library
· audio filters support in libavfilter and avconv
· add fps filter
· audio split filter
· audio mix filter
· avprobe output is now standard INI or JSON. The old format can still
· be used with -of old.
· Indeo Audio decoder
· channelsplit audio filter
· RTMPT protocol support
· iLBC encoding/decoding via libilbc
· Microsoft Screen 1 decoder
· join audio filter
· audio channel mapping filter
· Microsoft ATC Screen decoder
· RTSP listen mode
· TechSmith Screen Codec 2 decoder
· AAC encoding via libfdk-aac
· Microsoft Expression Encoder Screen decoder
· RTMPS protocol support
· RTMPTS protocol support
· JPEG 2000 encoding support through OpenJPEG
· G.723.1 demuxer and decoder
· RTMPE protocol support
· RTMPTE protocol support
· Canopus Lossless Codec decoder
· avconv -shortest option is now per-output file,
· -pass and -passlogfile are now per-output stream
· Ut Video encoder
· Microsoft Screen 2 decoder
· RTP depacketization of JPEG
· Smooth Streaming live segmenter muxer
· RTP packetization of JPEG
· Opus decoder and encoder using libopus
· remove -same_quant, it hasn't worked for years

What's new in Libav 0.8:

September 12th, 2012

· Several bugs and crashes have been fixed in the following codecs: PNG, Electronic Arts TQI, H.264 (CVE-2012-0851) and H.263 (CVE-2011-3937)