| Release Notes |
| ============= |
| |
| * 0.5 "Bike Shed World Domination" March 3, 2009 |
| |
| General notes |
| ------------- |
| |
| It has been so long since the last release that this should be considered the |
| first FFmpeg release of recent times. Because of the way things have unfolded to |
| date, the notes for this version cannot be entirely conventional. |
| |
| See the Changelog file for a list of significant changes. |
| |
| Please note that our policy on bug reports has not changed. We still only accept |
| bug reports against HEAD of the FFmpeg trunk repository. If you are experiencing |
| any issues with any formally released version of FFmpeg, please try a current |
| version of the development code to check if the issue still exists. If it does, |
| make your report against the development code following the usual bug reporting |
| guidelines. |
| |
| API notes |
| --------- |
| |
| In the next release, it is intended to remove a number of deprecated APIs. We |
| decided to put out a release that includes said APIs for the benefit of third |
| party software. |
| |
| As such, this release: |
| - provides a sync point for said APIs |
| - increases awareness of API changes |
| - allows the next release to detail how to transition from the old to the new |
| |
| The deprecated APIs to be removed are: |
| - imgconvert (to be replaced by libswscale) |
| - vhook (to be replaced by libavfilter) |
| |
| If at all possible, do not use the deprecated APIs. All notes on API changes |
| should appear in doc/APIchanges. |
| |
| |
| |
| * 0.5.1 March 2, 2010 |
| |
| General notes |
| ------------- |
| |
| This point release includes some minor updates to make the 0.5 release series |
| usable for users that need to retain the existing behavior as closely as |
| possible. The changes follow below: |
| |
| Security fixes |
| -------------- |
| |
| Various programming errors in container and codec implementations |
| may lead to denial of service or the execution of arbitrary code |
| if the user is tricked into opening a malformed media file or stream. |
| |
| Affected and updated have been the implementations of the following |
| codecs and container formats: |
| |
| - the Vorbis audio codec |
| - the FF Video 1 codec |
| - the MPEG audio codec |
| - the H264 video codec |
| - the MLP codec |
| - the HuffYUV codec |
| - the ASF demuxer |
| - the Ogg container implementation |
| - the MOV container implementation |
| |
| Symbol Versioning enabled |
| ------------------------- |
| |
| The backported symbol versioning change is enabled on platforms that support |
| it. This allows users to upgrade from 0.5.1 to the upcoming 0.6 release |
| without having to recompile their applications. Please note that distributors |
| have to recompile applications against 0.5.1 before upgrading to 0.6. |
| |
| libx264.c backport |
| ------------------ |
| |
| This release includes a backport to the libx264 wrapper that allows FFmpeg to |
| be compiled against newer versions of libx264 up to API version 85. |
| |
| licensing changes |
| ----------------- |
| |
| Previously both libswscale and our AC-3 decoder had GPLed parts. These have |
| been replaced by fresh LGPL code. x86 optimizations for libswscale remain GPL, |
| but the C code is fully functional. Optimizations for other architectures have |
| been relicensed to LGPL. |
| |
| AMR-NB decoding/encoding and AMR-WB decoding is now possible through the free |
| software OpenCORE libraries as an alternative to the non-free libamr libraries. |
| |
| We found out that libfaac contains non-free parts and is not LGPL as previously |
| claimed. We have changed configure to reflect this. You now have to pass the |
| --enable-nonfree option if you wish to compile with libfaac support enabled. |
| |
| Furthermore the non-free bits in libavcodec/fdctref.c have been rewritten. Note |
| well that they were only used in a test program and never compiled into any |
| FFmpeg library. |
| |
| |
| |
| * 0.5.2 May 25, 2010 |
| |
| General notes |
| ------------- |
| |
| This is a maintenance-only release that addresses a small number of security |
| and portability issues. Distributors and system integrators are encouraged |
| to update and share their patches against this branch. |
| |
| |
| |
| * 0.5.3 Oct 18, 2010 |
| |
| General notes |
| ------------- |
| |
| This is (again) another maintenance-only release that addresses a fix |
| for seekable HTTP and an exploitable bug in the FLIC decoder |
| (cf. CVE-2010-3429 for details). Distributors and system integrators are |
| encouraged to update and share their patches against this branch. |
| |
| |
| |
| * 0.5.4 Mar 17, 2011 |
| |
| General notes |
| ------------- |
| |
| This is the first release that we cut after git migration. It is another |
| maintenance-only release that addresses several security issues that were |
| brought to our attention. In detail, fixes for RV30/40, WMV, Vorbis and |
| VC-1 have been backported from trunk. Distributors and system integrators |
| are encouraged to update and share their patches against this branch. |
| |
| |
| |
| * 0.5.5 Nov 6, 2011 |
| |
| General notes |
| ------------- |
| |
| This maintenance-only release addresses several security issues that |
| were brought to our attention. In detail, fixes for the MJPEG decoder, |
| the CAVS decoder (CVE-2011-3362, CVE-2011-3973, CVE-2011-3974), and the |
| Matroska decoder (MSVR11-011/CVE-2011-3504) and many others have been |
| corrected. Additional, this release contains fixes for compilation with |
| gcc-4.6. Distributors and system integrators are encouraged to update |
| and share their patches against this branch. |
| |
| |
| |
| * 0.5.6 Nov 21, 2011 |
| |
| General notes |
| ------------- |
| |
| This maintenance-only release addresses several security issues that |
| were brought to our attention. |
| |
| |
| |
| * 0.5.7 Dec 25, 2011 |
| |
| General notes |
| ------------- |
| |
| This maintenance-only release addresses several security issues that |
| were brought to our attention. In details, it features fixes for the |
| QDM2 decoder (CVE-2011-4351), DoS in the VP5/VP6 decoders |
| (CVE-2011-4353), and a buffer overflow in the Sierra VMD decoder |
| CVE-2011-4364, and a safety fix in the SVQ1 decoder (CVE-2011-4579). |
| CVE-2011-4352, a bug in the VP3 decoder, is not known to affect this |
| release. |
| |
| Distributors and system integrators are encouraged to update and share |
| their patches against this branch. |
| |
| |
| |
| * 0.5.8 Jan 12, 2012 |
| |
| General notes |
| ------------- |
| |
| This mostly maintenance-only release that addresses a number a number of |
| bugs such as security and compilation issues that have been brought to |
| our attention. Among other (rather minor) fixes, this release features |
| fixes for the VP3 decoder (CVE-2011-3892), vorbis decoder, and matroska |
| demuxer (CVE-2011-3893 and CVE-2011-3895). |
| |
| Distributors and system integrators are encouraged |
| to update and share their patches against this branch. For a full list |
| of changes please see the Changelog file. |
| |
| * 0.5.9 May 11, 2012 |
| |
| General notes |
| ------------- |
| |
| This maintenance-only release that addresses a number a number of |
| security issues that have been brought to our attention. Among other |
| (rather minor) fixes, this release features fixes for the DV decoder |
| (CVE-2011-3929 and CVE-2011-3936), nsvdec (CVE-2011-3940), Atrac3 |
| (CVE-2012-0853), mjpegdec (CVE-2011-3947) and the VQA video decoder |
| (CVE-2012-0947). |
| |
| Distributors and system integrators are encouraged |
| to update and share their patches against this branch. For a full list |
| of changes please see the Changelog file. |
