ffmpeg seems to be the one of the two forks, which is most widely used by
Linux distributions and in general. Also Google is using it for e.g. Chrome
and has engineers working on finding and fixing security issues in it.
https://bugzilla.gnome.org/show_bug.cgi?id=751607
version 9.8:
- kmvc: Clip pixel position to valid range
- kmvc: Use fixed sized arrays in the context
- indeo: Reject negative array indexes
- indeo: Check for reference when inheriting motion vectors
- indeo: Properly forward the error codes
- mjpeg: Check the unescaped size for overflows
- wmapro: Error out on impossible scale factor offsets
- wmapro: Check the min_samples_per_subframe
- wmapro: Return early on unsupported condition
- wmapro: Check num_vec_coeffs against the actual available buffer
- wmapro: Make sure there is room to store the current packet
- lavc: Move put_bits_left in put_bits.h
- 4xm: Do not overread the source buffer in decode_p_block
- 4xm: Check bitstream_size boundary before using it
version 9.7:
Most of the following fixes resulted from test samples that the Google
Security Team has kindly made available to us:
- 4xm: fix several programming errors to avoid crashes, etc.
- apetag: use int64_t for filesize
- jpegls: Fix invalid writes to memory
- ljpeg: use the correct number of components in YUV
- mjpeg: Validate sampling factors
- mjpegdec: properly report unsupported disabled features
- mjpegdec: validate parameters in mjpeg_decode_scan_progressive_ac
- mpegvideo: allocate sufficiently large scratch buffer for interlaced vid
- pixdesc: mark gray8 as pseudopal
- smacker: fix several programming errors to avoid crashes, etc.
- tiff: do not overread the source buffer
- vmd: drop incomplete chunks and spurious samples
- vmdav: convert to bytestream2 to avoid invalid reads and writes
- wavpack: check packet size early
- wavpack: use bytestream2 in wavpack_decode_block
- wavpack: validate samples size parsed in wavpack_decode_block
This reverts commit 4964bd753c.
No idea what this fixes, for me it breaks make dist, which fails
with:
make[2]: Entering directory `/home/tpm/gst/0.11/gst-ffmpeg/gst-libs/ext'
GIT_DIR=libav/.git git checkout-index --prefix=../libav-dist/libav/ -a
touch libav-dist/libav/config.mak
touch: cannot touch `libav-dist/libav/config.mak': No such file or directory
after a clean build.
Just use svn export instead of trying to be smart about which files
we need.
This makes the resulting gst-ffmpeg tarball a bit bigger, but at least
we know we have everything needed to build gst-ffmpeg
The 0.5 ffmpeg branch includes libswscale directly, not as an external,
breaking the dist (and warning in autogen.sh) about not being able to
update its revision.
Add some code to not update the svn external if the
FFMPEG_EXTERNALS_REVISION variable is empty.
Also, in autogen.sh check that the current FFmpeg checkout is from the
right branch according to ffmpegrev, and check it out again if
it's not.