hi
I prepared a new version of MPlayer 1.0~rc1-13 ;
here is the discussion of the changelog;
item are in decreasing order of importance
I also divided the changes in two families:
* typical sid -> etch stuff (RC bugs, "it crashes" bugs, I18N)
* other stuff
********* changelog
****** typical sid -> etch stuff
---- grave
* fix for CVE-2007-1246 and similar (Closes: #414075)
thanks Kees Cook & Moritz Jodeitand & R Togni
patches for files
loader/dmo/DMO_VideoDecoder.c from SVN 22204
loader/dshow/DS_VideoDecoder.c from SVN 22205
this bug was marked as "grave" because of its possible
security implications (it was also fixed in xine-lib)
(not there are any exploits around, AFAIK)
---- important
* patch for ia64 unaligned access crash,
thanks to Bryan Stillwell for debugging &
Reimar Döffinger for the patch (Closes: #409431).
(this was confirmed to solve the problem)
---- i18n
* [INTL] Japanese po-debconf templates translation,
thanks to Kobayashi Noritada (Closes: #413120).
* [INTL] Dutch po-debconf translation, thanks cobaco (Closes: #413880)
* [INTL] Russian po-debconf translation, thanks Yuri Kozlov (Closes: #414251)
---- some typo corrected
* [INTL] fix small typo in English template, thanks cobaco (closes: #412393)
* [INTL] devices.html -> video.html , thanks cobaco (closes: #412392)
* [INTL] ~/.mplayer/mplayer.conf -> ~/.mplayer/config ,
thanks Jacobo Tarrio (closes: #408055)
(note that in the "real" changelog, I misstyped the bug numbers :->
Kobayashi Noritada closed them "by hand" later on)
(I also claimed in the changelog that I solved
* [INTL] True Type -> TrueType , thanks cobaco (closes: #412394)
but then I found another "True Type" around :-( )
******* extra stuff
* mplayer-doc: add doc-base documentation indexes,
thanks to Martintxo (Closes: #405945).
-----
the script binary_codecs.sh had many bugs; I had prepared
a new one, that solves
* binary_codecs.sh: check MD5 on downloaded stuff (Closes: #405371).
* binary_codecs.sh: check if bzip2 is there, and bail out
graciously otherwise; if untarring fails, allow for retry.
Fixes "binary_codecs.sh doesn't install already downloaded codecs",
thanks to Ingo Bressler for problem analysis (Closes: #413063).
* binary_codecs.sh: do not use fping (my code lost part of URLs) (closes: #399144)
* binary_codecs.sh: warn that essential-ppc codecs need libstdc++5, thanks to
Bin Zhang (Closes: #404473) for pointing out.
I tested it a few times, it seems OK
(anyway, this script is just an extra gadget (an helper to install
binary codecs)... it is not used at install time, or invoked by the
'mplayer' binary etc etc)
---- no-big-deal stuff
* enable smb:// support (Closes: #412079).
* mplayer.postinst: when vo=x11 or vo=fbdev, zoom=1 is set as well,
thanks to Robert Millan (Closes: #412252).
---- my favourite patch :-)
* -stop-xscreensaver option disables gnome-screensaver as well
(but only if cursor is inside mplayer window) , thanks Adam Tlałka
and Reimar Döffinger (Closes: #404975).
this is an annoying problem that was bugging me as well ; I had read
many proposed solutions in mplayer-dev-eng ; I had cooked up a simple
least-intrusive patch to solve it; I was testing it when the CVE-related
bug was notified.
******** Conclusions
All in all, this new version fixes 16 bugs (on a total of ~ 40)...
so it is a good jump in package quality.
All bugs&patches (but the last one) in the the "extra stuff" section
do not affect the core code, so they are safe to be sent into
Etch ; the last one had me undecided for two days (during which
I did many tests) and then I decided that it seemed safe enough
to be included
(and, btw: the option -stop-xscreensaver is not the default:
many people will never really exercise the new code)
---
Oh, an important reminder: if you look at the interdiff, ignore
anything in debian/patches : those files are there for documentation
and future reference, but are not automatically applied or removed at
build time (I plan to do this after Etch is released)
a.
--
Andrea Mennucc
"The EULA sounds like it was written by a team of lawyers who want to tell
me what I can't do, and the GPL sounds like it was written by a human
being who wants me to know what I can do."
Anonymous, http://www.securityfocus.com/columnists/420
Attachment:
signature.asc
Description: Digital signature