summaryrefslogtreecommitdiff
path: root/media/libvorbis/CHANGES
diff options
context:
space:
mode:
Diffstat (limited to 'media/libvorbis/CHANGES')
-rw-r--r--media/libvorbis/CHANGES185
1 files changed, 185 insertions, 0 deletions
diff --git a/media/libvorbis/CHANGES b/media/libvorbis/CHANGES
new file mode 100644
index 0000000000..ba0c3ca01a
--- /dev/null
+++ b/media/libvorbis/CHANGES
@@ -0,0 +1,185 @@
+libvorbis 1.3.7 (2020-07-04) -- "Xiph.Org libVorbis I 20200704 (Reducing Environment)"
+
+* Fix CVE-2018-10393 - out-of-bounds read encoding very low sample rates.
+* Fix CVE-2017-14160 - out-of-bounds read encoding very low sample rates.
+* Fix CVE-2018-10392 - out-of-bounds access encoding invalid channel count.
+* Fix handling invalid bytes per sample arguments.
+* Fix handling invalid channel count arguments.
+* Fix invalid free on seek failure.
+* Fix negative shift reading blocksize.
+* Fix accepting unreasonable float32 values.
+* Fix tag comparison depending on locale.
+* Fix unnecessarily linking libm.
+* Fix memory leak in test_sharedbook.
+* Update Visual Studio projects for ogg library filename change.
+* Distribute CMake build files with the source package.
+* Remove unnecessary configure --target switch.
+* Add gitlab CI support.
+* Add OSS-Fuzz support.
+* Build system and integration updates.
+
+libvorbis 1.3.6 (2018-03-16) -- "Xiph.Org libVorbis I 20180316 (Now 100% fewer shells)"
+
+* Fix CVE-2018-5146 - out-of-bounds write on codebook decoding.
+* Fix CVE-2017-14632 - free() on unitialized data
+* Fix CVE-2017-14633 - out-of-bounds read
+* Fix bitrate metadata parsing.
+* Fix out-of-bounds read in codebook parsing.
+* Fix residue vector size in Vorbis I spec.
+* Appveyor support
+* Travis CI support
+* Add secondary CMake build system.
+* Build system fixes
+
+libvorbis 1.3.5 (2015-03-03) -- "Xiph.Org libVorbis I 20150105 (⛄⛄⛄⛄)"
+
+* Tolerate single-entry codebooks.
+* Fix decoder crash with invalid input.
+* Fix encoder crash with non-positive sample rates.
+# Fix issues in vorbisfile's seek bisection code.
+* Spec errata.
+* Reject multiple headers of the same type.
+* Various build fixes and code cleanup.
+
+libvorbis 1.3.4 (2014-01-22) -- "Xiph.Org libVorbis I 20140122 (Turpakäräjiin)"
+
+* Reduce codebook footprint in library code.
+* Various build and documentation fixes.
+
+libvorbis 1.3.3 (2012-02-03) -- "Xiph.Org libVorbis I 20120203 (Omnipresent)"
+
+* vorbis: additional proofing against invalid/malicious
+ streams in decode (see SVN for details).
+* vorbis: fix a memory leak in vorbis_commentheader_out().
+* updates, corrections and clarifications in the Vorbis I specification
+ document
+* win32: fixed project configuration which referenced two CRT versions
+ in output binaries.
+* build warning fixes
+
+libvorbis 1.3.2 (2010-11-01) -- "Xiph.Org libVorbis I 20101101 (Schaufenugget)"
+
+ * vorbis: additional proofing against invalid/malicious
+ streams in floor, residue, and bos/eos packet trimming
+ code (see SVN for details).
+ * vorbis: Added programming documentation tree for the
+ low-level calls
+ * vorbisfile: Correct handling of serial numbers array
+ element [0] on non-seekable streams
+ * vorbisenc: Back out an [old] AoTuV HF weighting that was
+ first enabled in 1.3.0; there are a few samples where I
+ really don't like the effect it causes.
+ * vorbis: return correct timestamp for granule positions
+ with high bit set.
+ * vorbisfile: the [undocumented] half-rate decode api made no
+ attempt to keep the pcm offset tracking consistent in seeks.
+ Fix and add a testing mode to seeking_example.c to torture
+ test seeking in halfrate mode. Also remove requirement that
+ halfrate mode only work with seekable files.
+ * vorbisfile: Fix a chaining bug in raw_seeks where seeking
+ out of the current link would fail due to not
+ reinitializing the decode machinery.
+ * vorbisfile: improve seeking strategy. Reduces the
+ necessary number of seek callbacks in an open or seek
+ operation by well over 2/3.
+
+libvorbis 1.3.1 (2010-02-26) -- "Xiph.Org libVorbis I 20100325 (Everywhere)"
+
+ * tweak + minor arithmetic fix in floor1 fit
+ * revert noise norm to conservative 1.2.3 behavior pending
+ more listening testing
+
+libvorbis 1.3.0 (2010-02-25) -- unreleased staging snapshot
+
+ * Optimized surround support for 5.1 encoding at 44.1/48kHz
+ * Added encoder control call to disable channel coupling
+ * Correct an overflow bug in very low-bitrate encoding on 32 bit
+ machines that caused inflated bitrates
+ * Numerous API hardening, leak and build fixes
+ * Correct bug in 22kHz compand setup that could cause a crash
+ * Correct bug in 16kHz codebooks that could cause unstable pure
+ tones at high bitrates
+
+libvorbis 1.2.3 (2009-07-09) -- "Xiph.Org libVorbis I 20090709"
+
+ * correct a vorbisfile bug that prevented proper playback of
+ Vorbis files where all audio in a logical stream is in a
+ single page
+ * Additional decode setup hardening against malicious streams
+ * Add 'OV_EXCLUDE_STATIC_CALLBACKS' define for developers who
+ wish to avoid unused symbol warnings from the static callbacks
+ defined in vorbisfile.h
+
+libvorbis 1.2.2 (2009-06-24) -- "Xiph.Org libVorbis I 20090624"
+
+ * define VENDOR and ENCODER strings
+ * seek correctly in files bigger than 2 GB (Windows)
+ * fix regression from CVE-2008-1420; 1.0b1 files work again
+ * mark all tables as constant to reduce memory occupation
+ * additional decoder hardening against malicious streams
+ * substantially reduce amount of seeking performed by Vorbisfile
+ * Multichannel decode bugfix
+ * build system updates
+ * minor specification clarifications/fixes
+
+libvorbis 1.2.1 (unreleased) -- "Xiph.Org libVorbis I 20080501"
+
+ * Improved robustness with corrupt streams.
+ * New ov_read_filter() vorbisfile call allows filtering decoded
+ audio as floats before converting to integer samples.
+ * Fix an encoder bug with multichannel streams.
+ * Replaced RTP payload format draft with RFC 5215.
+ * Bare bones self test under 'make check'.
+ * Fix a problem encoding some streams between 14 and 28 kHz.
+ * Fix a numerical instability in the edge extrapolation filter.
+ * Build system improvements.
+ * Specification correction.
+
+libvorbis 1.2.0 (2007-07-25) -- "Xiph.Org libVorbis I 20070622"
+
+ * new ov_fopen() convenience call that avoids the common
+ stdio conflicts with ov_open() and MSVC runtimes.
+ * libvorbisfile now handles multiplexed streams
+ * improve robustness to corrupt input streams
+ * fix a minor encoder bug
+ * updated RTP draft
+ * build system updates
+ * minor corrections to the specification
+
+libvorbis 1.1.2 (2005-11-27) -- "Xiph.Org libVorbis I 20050304"
+
+ * fix a serious encoder bug with gcc 4 optimized builds
+ * documentation and spec fixes
+ * updated VS2003 and XCode builds
+ * new draft RTP encapsulation spec
+
+libvorbis 1.1.1 (2005-06-27) -- "Xiph.Org libVorbis I 20050304"
+
+ * bug fix to the bitrate management encoder interface
+ * bug fix to properly set packetno field in the encoder
+ * new draft RTP encapsulation spec
+ * library API documentation improvements
+
+libvorbis 1.1.0 (2004-09-22) -- "Xiph.Org libVorbis I 20040629"
+
+ * merges tuning improvements from Aoyumi's aoTuV with fixups
+ * new managed bitrate (CBR) mode support
+ * new vorbis_encoder_ctl() interface
+ * extensive documentation updates
+ * application/ogg mimetype is now official
+ * autotools cleanup from Thomas Vander Stichele
+ * SymbianOS build support from Colin Ward at CSIRO
+ * various bugfixes
+ * various packaging improvements
+
+libvorbis 1.0.1 (2003-11-17) -- "Xiph.Org libVorbis I 20030909"
+
+ * numerous bug fixes
+ * specification corrections
+ * new crosslap and halfrate APIs for game use
+ * packaging and build updates
+
+libvorbis 1.0.0 (2002-07-19) -- "Xiph.Org libVorbis I 20020717"
+
+ * first stable release
+