- Heap overflow in Quicktime atom parsing. (CVE-2008-5234 vector 1)
- Multiple buffer overflows. (CVE-2008-5236)
- Multiple integer overflows. (CVE-2008-5237)
- Unchecked read function results. (CVE-2008-5239)
- Unchecked malloc using untrusted values. (CVE-2008-5240 vectors 3 & 4)
- Buffer indexing using an untrusted value. (CVE-2008-5243)
- Clean up the Makefile
- Enable the Xv motion compensation support
- Remove the JACK sound support
- Remove the now unnecessary multi-packaging
- Remove an unnecessary patch for the Sun sound code
- Comment out some files in the PLIST that do not pertain to OpenBSD
- Add WavPack support
from Brad (taking MAINTAINER).
This release contains a security fix (buffer overflow in the NSF demuxer,
CVE-2008-1878). There are also a few bug fixes, and a new JACK output
plugin.
ok jakemsr@
- use some CONFIGURE_ENV instead of patching
- rearrange/update CONFIGURE_ARGS
- many patches no longer relevant
- add CD audio support
input, tetsing and prodding from brad@
