Author: Reinhard Tartler
Revision Date: 2009-07-25 09:15:12 UTC

* do not forcefully enable objenjpeg, it is not avaiable in this build
  anyway
* don't build against faac in any case, it is deemed non-free

Author: Reinhard Tartler
Revision Date: 2009-07-25 09:15:12 UTC

* do not forcefully enable objenjpeg, it is not avaiable in this build
  anyway
* don't build against faac in any case, it is deemed non-free

Author: Reinhard Tartler
Revision Date: 2009-07-25 09:15:12 UTC

* do not forcefully enable objenjpeg, it is not avaiable in this build
  anyway
* don't build against faac in any case, it is deemed non-free

Author: Reinhard Tartler
Revision Date: 2009-07-25 09:15:12 UTC

* do not forcefully enable objenjpeg, it is not avaiable in this build
  anyway
* don't build against faac in any case, it is deemed non-free

Author: Reinhard Tartler
Revision Date: 2009-07-25 09:15:12 UTC

* do not forcefully enable objenjpeg, it is not avaiable in this build
  anyway
* don't build against faac in any case, it is deemed non-free

Author: Reinhard Tartler
Revision Date: 2009-07-25 09:15:12 UTC

* do not forcefully enable objenjpeg, it is not avaiable in this build
  anyway
* don't build against faac in any case, it is deemed non-free

Author: Reinhard Tartler
Revision Date: 2009-07-25 09:15:12 UTC

* do not forcefully enable objenjpeg, it is not avaiable in this build
  anyway
* don't build against faac in any case, it is deemed non-free

Author: Reinhard Tartler
Revision Date: 2009-07-25 09:15:12 UTC

* do not forcefully enable objenjpeg, it is not avaiable in this build
  anyway
* don't build against faac in any case, it is deemed non-free

Author: Reinhard Tartler
Revision Date: 2009-07-25 09:15:12 UTC

* do not forcefully enable objenjpeg, it is not avaiable in this build
  anyway
* don't build against faac in any case, it is deemed non-free

Author: Reinhard Tartler
Revision Date: 2009-07-25 09:15:12 UTC

* do not forcefully enable objenjpeg, it is not avaiable in this build
  anyway
* don't build against faac in any case, it is deemed non-free

Author: Reinhard Tartler
Revision Date: 2009-07-25 09:15:12 UTC

* do not forcefully enable objenjpeg, it is not avaiable in this build
  anyway
* don't build against faac in any case, it is deemed non-free

Author: Marc Deslauriers
Revision Date: 2010-04-08 09:12:45 UTC

* SECURITY UPDATE: Fix a multitude of security issues
  - debian/patches/CVE-2009-46XX/security-issue03.patch: check stream
    existence before assignment
  - debian/patches/CVE-2009-46XX/security-issue04.patch: check submap
    indexes
  - debian/patches/CVE-2009-46XX/security-issue05.patch: check classbook
    value
  - debian/patches/CVE-2009-46XX/security-issue06.patch: add checks for
    per-packet mode indexes and per-header mode mapping indexes
  - debian/patches/CVE-2009-46XX/security-issue07.patch: check masterbook
    index and subclass book index.
  - debian/patches/CVE-2009-46XX/security-issue08.patch: check
    res_setup->books
  - debian/patches/CVE-2009-46XX/security-issue09.patch: check
    begin/end/partition_size
  - debian/patches/CVE-2009-46XX/security-issue10.patch: check validity
    of channels & samplerate
  - debian/patches/CVE-2009-46XX/security-issue11.patch: fix book_idx
    check
  - debian/patches/CVE-2009-46XX/security-issue12.patch: sanity checks
    for magnitude and angle
  - debian/patches/CVE-2009-46XX/security-issue13.patch: fix = -> == typo
  - debian/patches/CVE-2009-46XX/security-issue14.patch: check dimensions
    against 0 too
  - debian/patches/CVE-2009-46XX/security-issue15.patch: fix
    init_get_bits() buffer size
  - debian/patches/CVE-2009-46XX/security-issue17.patch: make sure that
    all memory allocations succeed
  - debian/patches/CVE-2009-46XX/security-issue18.patch: fix possible
    buffer over-read in vorbis_comment
  - debian/patches/CVE-2009-46XX/security-issue19.patch: set data_size to
    0 to avoid having it uninitialized
  - debian/patches/CVE-2009-46XX/security-issue20.patch: disable parsing
    for ogg streams where no ogg header was found
  - debian/patches/CVE-2009-46XX/security-issue22.patch: check codec_id
    and codec_type, make sure priv_data is freed and codec is set to NULL
  - CVE-2009-4632
  - CVE-2009-4633
  - CVE-2009-4634
  - CVE-2009-4635
  - CVE-2009-4637
  - CVE-2009-4639
  - CVE-2009-4640

Author: Marc Deslauriers
Revision Date: 2010-04-08 09:13:16 UTC

* SECURITY UPDATE: Fix a multitude of security issues
  - debian/patches/CVE-2009-46XX/security-issue03.patch: check stream
    existence before assignment
  - debian/patches/CVE-2009-46XX/security-issue04.patch: check submap
    indexes
  - debian/patches/CVE-2009-46XX/security-issue05.patch: check classbook
    value
  - debian/patches/CVE-2009-46XX/security-issue06.patch: add checks for
    per-packet mode indexes and per-header mode mapping indexes
  - debian/patches/CVE-2009-46XX/security-issue07.patch: check masterbook
    index and subclass book index.
  - debian/patches/CVE-2009-46XX/security-issue08.patch: check
    res_setup->books
  - debian/patches/CVE-2009-46XX/security-issue09.patch: check
    begin/end/partition_size
  - debian/patches/CVE-2009-46XX/security-issue10.patch: check validity
    of channels & samplerate
  - debian/patches/CVE-2009-46XX/security-issue11.patch: fix book_idx
    check
  - debian/patches/CVE-2009-46XX/security-issue12.patch: sanity checks
    for magnitude and angle
  - debian/patches/CVE-2009-46XX/security-issue13.patch: fix = -> == typo
  - debian/patches/CVE-2009-46XX/security-issue14.patch: check dimensions
    against 0 too
  - debian/patches/CVE-2009-46XX/security-issue15.patch: fix
    init_get_bits() buffer size
  - debian/patches/CVE-2009-46XX/security-issue17.patch: make sure that
    all memory allocations succeed
  - debian/patches/CVE-2009-46XX/security-issue18.patch: fix possible
    buffer over-read in vorbis_comment
  - debian/patches/CVE-2009-46XX/security-issue19.patch: set data_size to
    0 to avoid having it uninitialized
  - debian/patches/CVE-2009-46XX/security-issue20.patch: disable parsing
    for ogg streams where no ogg header was found
  - debian/patches/CVE-2009-46XX/security-issue22.patch: check codec_id
    and codec_type, make sure priv_data is freed and codec is set to NULL
  - CVE-2009-4632
  - CVE-2009-4633
  - CVE-2009-4634
  - CVE-2009-4635
  - CVE-2009-4637
  - CVE-2009-4639
  - CVE-2009-4640

Author: Reinhard Tartler
Revision Date: 2009-07-25 09:15:12 UTC

* do not forcefully enable objenjpeg, it is not avaiable in this build
  anyway
* don't build against faac in any case, it is deemed non-free

Author: Reinhard Tartler
Revision Date: 2009-07-25 09:15:12 UTC

* do not forcefully enable objenjpeg, it is not avaiable in this build
  anyway
* don't build against faac in any case, it is deemed non-free

Author: Loïc Minier
Revision Date: 2009-04-10 21:34:29 UTC

vfp CFLAGS: add "-mfpu=vfp -mfloat-abi=softfp".

Author: Marc Deslauriers
Revision Date: 2009-03-13 11:30:05 UTC

* SECURITY UPDATE: denial of service via a malformed Ogg Media (OGM) file
  - debian/patches/100_security_CVE-2008-4610.diff: properly check return
    codes in libavcodec/vp3.c.
  - CVE-2008-4610
* SECURITY UPDATE: multiple buffer overflows in DTS generation code
  - debian/patches/101_security_CVE-2008-4866.diff: make sure delay is smaller
    than the maximum allowed in libavformat/utils.c and increase maximum
    allowed in libavformat/avformat.h.
  - CVE-2008-4866
* SECURITY UPDATE: buffer overflow caused by an incorrect DCA_MAX_FRAME_SIZE
  value
  - debian/patches/102_security_CVE-2008-4867.diff: set DCA_MAX_FRAME_SIZE to
    a correct value in libavcodec/dca.c.
  - CVE-2008-4867
* SECURITY UPDATE: arbitrary code execution via a malformed 4X movie file
  (LP: #323620)
  - debian/patches/103_security_CVE-2009-0385.diff: validate current_track
    value in libavformat/4xm.c.
  - CVE-2009-0385

Author: Reinhard Tartler
Revision Date: 2008-10-03 16:33:48 UTC

snatch patch from debian: enable ffserver in cmov, altivec and vis
variants. (Closes: #501002)