-
Notifications
You must be signed in to change notification settings - Fork 3
/
CHANGES
185 lines (151 loc) · 7.21 KB
/
CHANGES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
libvorbis 1.3.7 (2020-07-04) -- "Xiph.Org libVorbis I 20200704 (Reducing Environment)"
* Fix CVE-2018-10393 - out-of-bounds read encoding very low sample rates.
* Fix CVE-2017-14160 - out-of-bounds read encoding very low sample rates.
* Fix CVE-2018-10392 - out-of-bounds access encoding invalid channel count.
* Fix handling invalid bytes per sample arguments.
* Fix handling invalid channel count arguments.
* Fix invalid free on seek failure.
* Fix negative shift reading blocksize.
* Fix accepting unreasonable float32 values.
* Fix tag comparison depending on locale.
* Fix unnecessarily linking libm.
* Fix memory leak in test_sharedbook.
* Update Visual Studio projects for ogg library filename change.
* Distribute CMake build files with the source package.
* Remove unnecessary configure --target switch.
* Add gitlab CI support.
* Add OSS-Fuzz support.
* Build system and integration updates.
libvorbis 1.3.6 (2018-03-16) -- "Xiph.Org libVorbis I 20180316 (Now 100% fewer shells)"
* Fix CVE-2018-5146 - out-of-bounds write on codebook decoding.
* Fix CVE-2017-14632 - free() on unitialized data
* Fix CVE-2017-14633 - out-of-bounds read
* Fix bitrate metadata parsing.
* Fix out-of-bounds read in codebook parsing.
* Fix residue vector size in Vorbis I spec.
* Appveyor support
* Travis CI support
* Add secondary CMake build system.
* Build system fixes
libvorbis 1.3.5 (2015-03-03) -- "Xiph.Org libVorbis I 20150105 (⛄⛄⛄⛄)"
* Tolerate single-entry codebooks.
* Fix decoder crash with invalid input.
* Fix encoder crash with non-positive sample rates.
# Fix issues in vorbisfile's seek bisection code.
* Spec errata.
* Reject multiple headers of the same type.
* Various build fixes and code cleanup.
libvorbis 1.3.4 (2014-01-22) -- "Xiph.Org libVorbis I 20140122 (Turpakäräjiin)"
* Reduce codebook footprint in library code.
* Various build and documentation fixes.
libvorbis 1.3.3 (2012-02-03) -- "Xiph.Org libVorbis I 20120203 (Omnipresent)"
* vorbis: additional proofing against invalid/malicious
streams in decode (see SVN for details).
* vorbis: fix a memory leak in vorbis_commentheader_out().
* updates, corrections and clarifications in the Vorbis I specification
document
* win32: fixed project configuration which referenced two CRT versions
in output binaries.
* build warning fixes
libvorbis 1.3.2 (2010-11-01) -- "Xiph.Org libVorbis I 20101101 (Schaufenugget)"
* vorbis: additional proofing against invalid/malicious
streams in floor, residue, and bos/eos packet trimming
code (see SVN for details).
* vorbis: Added programming documentation tree for the
low-level calls
* vorbisfile: Correct handling of serial numbers array
element [0] on non-seekable streams
* vorbisenc: Back out an [old] AoTuV HF weighting that was
first enabled in 1.3.0; there are a few samples where I
really don't like the effect it causes.
* vorbis: return correct timestamp for granule positions
with high bit set.
* vorbisfile: the [undocumented] half-rate decode api made no
attempt to keep the pcm offset tracking consistent in seeks.
Fix and add a testing mode to seeking_example.c to torture
test seeking in halfrate mode. Also remove requirement that
halfrate mode only work with seekable files.
* vorbisfile: Fix a chaining bug in raw_seeks where seeking
out of the current link would fail due to not
reinitializing the decode machinery.
* vorbisfile: improve seeking strategy. Reduces the
necessary number of seek callbacks in an open or seek
operation by well over 2/3.
libvorbis 1.3.1 (2010-02-26) -- "Xiph.Org libVorbis I 20100325 (Everywhere)"
* tweak + minor arithmetic fix in floor1 fit
* revert noise norm to conservative 1.2.3 behavior pending
more listening testing
libvorbis 1.3.0 (2010-02-25) -- unreleased staging snapshot
* Optimized surround support for 5.1 encoding at 44.1/48kHz
* Added encoder control call to disable channel coupling
* Correct an overflow bug in very low-bitrate encoding on 32 bit
machines that caused inflated bitrates
* Numerous API hardening, leak and build fixes
* Correct bug in 22kHz compand setup that could cause a crash
* Correct bug in 16kHz codebooks that could cause unstable pure
tones at high bitrates
libvorbis 1.2.3 (2009-07-09) -- "Xiph.Org libVorbis I 20090709"
* correct a vorbisfile bug that prevented proper playback of
Vorbis files where all audio in a logical stream is in a
single page
* Additional decode setup hardening against malicious streams
* Add 'OV_EXCLUDE_STATIC_CALLBACKS' define for developers who
wish to avoid unused symbol warnings from the static callbacks
defined in vorbisfile.h
libvorbis 1.2.2 (2009-06-24) -- "Xiph.Org libVorbis I 20090624"
* define VENDOR and ENCODER strings
* seek correctly in files bigger than 2 GB (Windows)
* fix regression from CVE-2008-1420; 1.0b1 files work again
* mark all tables as constant to reduce memory occupation
* additional decoder hardening against malicious streams
* substantially reduce amount of seeking performed by Vorbisfile
* Multichannel decode bugfix
* build system updates
* minor specification clarifications/fixes
libvorbis 1.2.1 (unreleased) -- "Xiph.Org libVorbis I 20080501"
* Improved robustness with corrupt streams.
* New ov_read_filter() vorbisfile call allows filtering decoded
audio as floats before converting to integer samples.
* Fix an encoder bug with multichannel streams.
* Replaced RTP payload format draft with RFC 5215.
* Bare bones self test under 'make check'.
* Fix a problem encoding some streams between 14 and 28 kHz.
* Fix a numerical instability in the edge extrapolation filter.
* Build system improvements.
* Specification correction.
libvorbis 1.2.0 (2007-07-25) -- "Xiph.Org libVorbis I 20070622"
* new ov_fopen() convenience call that avoids the common
stdio conflicts with ov_open() and MSVC runtimes.
* libvorbisfile now handles multiplexed streams
* improve robustness to corrupt input streams
* fix a minor encoder bug
* updated RTP draft
* build system updates
* minor corrections to the specification
libvorbis 1.1.2 (2005-11-27) -- "Xiph.Org libVorbis I 20050304"
* fix a serious encoder bug with gcc 4 optimized builds
* documentation and spec fixes
* updated VS2003 and XCode builds
* new draft RTP encapsulation spec
libvorbis 1.1.1 (2005-06-27) -- "Xiph.Org libVorbis I 20050304"
* bug fix to the bitrate management encoder interface
* bug fix to properly set packetno field in the encoder
* new draft RTP encapsulation spec
* library API documentation improvements
libvorbis 1.1.0 (2004-09-22) -- "Xiph.Org libVorbis I 20040629"
* merges tuning improvements from Aoyumi's aoTuV with fixups
* new managed bitrate (CBR) mode support
* new vorbis_encoder_ctl() interface
* extensive documentation updates
* application/ogg mimetype is now official
* autotools cleanup from Thomas Vander Stichele
* SymbianOS build support from Colin Ward at CSIRO
* various bugfixes
* various packaging improvements
libvorbis 1.0.1 (2003-11-17) -- "Xiph.Org libVorbis I 20030909"
* numerous bug fixes
* specification corrections
* new crosslap and halfrate APIs for game use
* packaging and build updates
libvorbis 1.0.0 (2002-07-19) -- "Xiph.Org libVorbis I 20020717"
* first stable release