[videolan-announce] VLC media player 1.0.6 source
Rémi Denis-Courmont
rem at videolan.org
Fri Apr 23 09:23:40 CEST 2010
Dear subscribers,
The VLC development team is proud to introduce a new version of its
'Goldeneye' branch. This release bridges the gap between version 1.0.5
and the upcoming 1.1.0 VLC release. It fixes several vulnerabilities
which were uncovered during the development of VLC 1.1.0. It also
introduces a number of additional stability and other fixes.
Binaries for Windows and Mac OS are not yet on the pipe.
The full change list is below.
Best regards,
Summary changes:
----------------
Access:
* Fix crash on FTP URI with no file path
Decoders/Packetizers:
* Fix overflows in A/52, DTS, MPEG Audio and subtitles support
Demuxers:
* Update LUA script for Youtube pages
* Fix crashes in AVI, ASF and Matroska files
* Fix crashes on malformatted ZIP archives
* Fix crashes and leaks in the FFmpeg/avformat plugin
* Fix crash on invalid XSPF playlist
X11 port:
* Partial Xlib threading fixes
More complete fixes are available in VLC 1.1.0. Please update!
Interfaces:
* Fix crash (use after free) in Qt4 bookmarks
* Fix a few crashes in Qt4 playlist
Translations:
* Simplified Chinese, Estonian, French, Japanese, Korean, Spanish, Swedish
and Walloon translations updated
* Sinhala translation started
Removed modules:
* RTMP input and output are removed due to security problems. Please
update
to VLC 1.1.0 which provides an FFmpeg-based RTMP input if needed.
Detailed changes:
-----------------
Christophe Mutricy (2):
RTMP: Don't trust the length given by the stream
Avoid integer overflow
David González (3):
l10n: Spanish update
l10n: Spanish update
l10n: nsis spanish update
Dean Lee (2):
l10n: Chinese update
l10n: Chinese update
Erwan Tulou (1):
demux(avi): fix crash occuring when trying to open some avi files
Felix Paul Kühne (6):
contribs: use package 23 for the 1.0.5 release on OS X
contribs: updated binary package with proper libass
contribs: updated contrib package for Mac OS X including the recent
x264,
libdvdcss and ffmpeg
changes
Updated Swedish translation by Daniel Nylander
French l10n: fixed typo
contribs: updated to latest binary package for OS X
Francois Cartegnie (1):
Fix segfault in preparser
Fumio Nakayama (2):
l10n: Japanese update
l10n: Japanese translation for .desktop
Gaëtan Rousseaux (1):
l10n: Walloon update
H.Shalitha Vikum (1):
l10n: Initial Sinhala translation
Ilkka Ollakka (2):
x264.c: handle dts/pts from libx264 on X264_BUILD >= 83 onward
x264.c: compile fix
Jakob Leben (2):
Qt: fix deleting playlist items by key press
Playlist: fix faulty duration sorting due to integer overflow
Jean-Baptiste Kempf (2):
On the road again to 1.0.6
Fix typo copy-pasting
Laurent Aimar (17):
Fixed invalid accesses in decoder with corrupted subtitles streams.
Fixed memleak if no data are read or poke (zip).
Cosmetics (zip).
Fixed read(NULL, size) in zipstream.
Fixed segfault with corrupted zip file.
Simplified and fixed mmst/u pausing (close #2673).
Fixed an assert with still frame in dvdnav.
Fixed a few memleaks in AVI demuxer.
Fixed segfault with corrupted AVI ODML index.
Fixed signed integer overflow when loading AVI ODML index.
Fixed division by 0 with invalid files in avformat wrapper.
Fixed invalid read in ASF_ReadObject_Index (asf).
Cosmetics.
Fixed segfault when seeking in ASF with broken index.
Fixed segfault with corrupted mkv files with compressed data.
Fixed segfault with incomplete mkv files.
Prevent a potential integer overflow (mkv).
Mihkel (1):
l10n: Estonian update
Pierre Ynard (2):
rtp sout: fix DCCP socket leak
lua: update the youtube script to the new version of their website
(cherry picked from
commit eda3dd800526984cd54024f72a0c69a3446eb333)
Ricardo Pérez López (1):
.desktop Spanish translation
Rémi Denis-Courmont (37):
XSPF export: XML-encode the location
fr: improve translation of "dump"
RTP out: fix race condition in SDP generation from RTSP DESCRIBE
Missing initializer (cherry picked from commit
5c89f557dd29eb3d2c268edbd29ec718de989e12)
UIs: call XInitThreads if using X11
ParseExecute: robustify and cleanup
Distribute and install the CUE parser
FTP: handle ftp://HOST correctly
Typo, use after free (fixes: #3372)
XSPF: fix NULL dereference on empty <location>
MSN: fix assertion (fixes #2930)
Cosmetic
Qt4: bookmarks: don't give an anonymous temporary object to qtu
dvdnav: fix race between still image timeout and other interaction
Fixed potential memleaks in avformat wrapper.
On the way to 1.0.6
Pulse: uses Xlib, needs XInitThreads()
Call XInitThreads in non-1.1 Xlib-dependent plugins
RTMP: totally broken, disabled for the time being
Disable A52, DTS and MPEG Audio dummy decoder plugins
News for 1.0.6
Fixed potential segfault with corrupted streams (audio codecs).
Avoid warnings
Happy new year *cough* *cough*
Win32: handle WSAEINTR correctly, should fix #3101
Revert "Avoid warnings"
Restore liba52 and libdca functionality
Fix A/52 decoding when liba52 is not present
Mostly restore libmad functionality
Update NEWS
vlc_readdir: thread-safety fix
skins: use readdir_r() instead of readdir() (cherry picked from
commit
4bf419574b51ced5dea893f9e247fe38a2a0d163)
Bump libvlccore revision
NAME_MAX requires <limits.h> (cherry picked from commit
1bad2ec163eaee9bcbf9402494bc3355bf3e3006)
build the static VLC binary with $(make core) (cherry picked from
commit
f1a2b56f7efc2530e76d9b5b203328fefe536c7d)
live555: fix use-after-free in TCP rollover on MS-RTSP (cherry
picked
from commit
3725a9efb8dc096397b34331ff4bfbc01bc45405)
Sync PO files
Rémi Duraffort (8):
Typo. (cherry picked from commit
252c9d11a2dfd168cd9186eeaa880d206d5c97d7)
growl: fix pontential use after free (var_delcallbacl called to
late).
(cherry picked from
commit 0c33ffc1b394a41b099dbc7e949ba705d8d44e54)
Growl: cosmetics. (cherry picked from commit
ed6f4ee4beb8dc649bc561fd450800581f7c0132)
Growl: fix bad memset. (cherry picked from commit
7b7d26d88a500582c22f47a8c5e6d001967dd491)
Grow: fix crash when the password is NULL. (cherry picked from
commit
5ef889a45334e524519e976d7a7ff80679b614f8)
growl: fix a buffer overflow. (cherry picked from commit
6af8bf05b784b6dc9743c8f353ef187d41f1fe7e)
Growl: fix a second buffer overflow. (cherry picked from commit
49f13e0e08beffc1d44ceb356d6e8c027119f41e)
Growl: cosmetics. (cherry picked from commit
1f3432f3c21a72734a9db4029ce6541bcad34f76)
airplanez (2):
l10n: Korean update
l10n: Korean update
Éric Lassauge (1):
l10n: French update
--
Rémi Denis-Courmont
--
Rémi Denis-Courmont
http://www.remlab.net
http://fi.linkedin.com/in/remidenis
More information about the videolan-announce
mailing list