--- src/download | 24 ++++++++++----------- src/news | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 80 insertions(+), 12 deletions(-)
diff --git a/src/download b/src/download index 39bb278..bd68b03 100644 --- a/src/download +++ b/src/download @@ -249,24 +249,24 @@ filing bugs: <a href="releases/libav-0.8.release">Release Notes</a> </p> -<a name="release_0.7"></a><h2>Libav 0.7.6 "The Big Bump"</h2> +<a name="release_0.7"></a><h2>Libav 0.7.7 "The Big Bump"</h2> <p> -0.7.6 was released on 2012-06-09. It is the latest point release from the 0.7 branch, +0.7.7 was released on 2013-02-02. It is the latest point release from the 0.7 branch, which was cut on 2011-06-20. </p> <p> -<a href="releases/libav-0.7.6.tar.xz">Download XZ tarball</a> -<a href="releases/libav-0.7.6.tar.xz.md5">MD5</a> -<a href="releases/libav-0.7.6.tar.xz.sha1">SHA1</a> -<a href="releases/libav-0.7.6.tar.xz.asc">PGP signature</a><br /> -<a href="releases/libav-0.7.6.tar.gz">Download gzip tarball</a> -<a href="releases/libav-0.7.6.tar.gz.md5">MD5</a> -<a href="releases/libav-0.7.6.tar.gz.sha1">SHA1</a> -<a href="releases/libav-0.7.6.tar.gz.asc">PGP signature</a><br /> -<a href="releases/libav-0.7.6.changelog">Changelog</a><br /> -<a href="releases/libav-0.7.6.release">Release Notes</a> +<a href="releases/libav-0.7.7.tar.xz">Download XZ tarball</a> +<a href="releases/libav-0.7.7.tar.xz.md5">MD5</a> +<a href="releases/libav-0.7.7.tar.xz.sha1">SHA1</a> +<a href="releases/libav-0.7.7.tar.xz.asc">PGP signature</a><br /> +<a href="releases/libav-0.7.7.tar.gz">Download gzip tarball</a> +<a href="releases/libav-0.7.7.tar.gz.md5">MD5</a> +<a href="releases/libav-0.7.7.tar.gz.sha1">SHA1</a> +<a href="releases/libav-0.7.7.tar.gz.asc">PGP signature</a><br /> +<a href="releases/libav-0.7.7.changelog">Changelog</a><br /> +<a href="releases/libav-0.7.7.release">Release Notes</a> </p> <a name="release_0.6"></a><h2> diff --git a/src/news b/src/news index 558c330..4c3d812 100644 --- a/src/news +++ b/src/news @@ -1,5 +1,73 @@ <h1>News</h1> +<a name="0.7.7"></a><h3>February 2, 2013</h3> + +<p> +Today, we update our latest release series 0.7 with the release +<a href="download.html#release_0.7">Libav 0.7.7</a>. As usual, this release +includes a number of functional corrections and security fixes, such as: +</p> + +<ul> +<li> aacdec: Fix an off-by-one overwrite when switching to LTP profile from MAIN (CVE-2012-5144) </li> +<li> alsdec: check opt_order (CVE-2012-2775) </li> +<li> alsdec: fix number of decoded samples in first sub-block in BGMC mode (CVE-2012-2790) </li> +<li> avidec: use actually read size instead of requested size (CVE-2012-2788) </li> +<li> avsdec: Set dimensions instead of relying on the demuxer (CVE-2012-2801) </li> +<li> cavsdec: check for changing w/h (CVE-2012-2777 and CVE-2012-2784) </li> +<li> dfa: check that the caller set width/height properly (CVE-2012-2786) </li> +<li> dfa: improve boundary checks in decode_dds1() (CVE-2012-2798) </li> +<li> indeo4/5: check empty tile size in decode_mb_info() (CVE-2012-2800) </li> +<li> indeo5: Make sure we have had a valid gop header (CVE-2012-2779) </li> +<li> indeo5: check tile size in decode_mb_info() (CVE-2012-2794) </li> +<li> ivi_common: check that scan pattern is set before using it (CVE-2012-2791) </li> +<li> lagarith: check count before writing zeros (CVE-2012-2793) </li> +<li> mpeg12: do not decode extradata more than once (CVE-2012-2803) </li> +<li> rv34: error out on size changes with frame threading (CVE-2012-2772) </li> +<li> vp56: release frames on error (CVE-2012-2783) </li> +<li> wmaprodec: check num_vec_coeffs for validity (CVE-2012-2789) </li> +</ul> + +<p> +Additional, further bugfixes have been made to the following codecs: +</p> + +<ul> +<li> h264 </li> +<li> vc1 </li> +<li> nuv </li> +<li> imgconvert </li> +<li> vorbisenc </li> +<li> flacenc </li> +</ul> + +<p> +Other noteworthy changes include: +</p> + +<ul> +<li> fix segfault in avformat_open_input() </li> +<li> rtsp: Recheck the reordering queue if getting a new packet </li> +<li> fix uninitialized reads and memory leaks on malformed ogg files </li> +</ul> + +<p> +We intend to discontinue updates for the 0.7 release branch unless there +is significant demand for an 0.7.8 release. If such an release becomes +necessary in the future, please do not hesitate to get in contact with +us, preferably via email or via an bugzilla entry. +</p> + +<p> +Distributors and system integrators are encouraged to update and share their +patches against our release branches. +</p> + +<p> +<em>Enjoy!</em> +</p> + + <a name="0.8.5"></a><h3>January 13, 2013</h3> <p> -- 1.7.9.5 _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
