This release includes the following changes:
o libssh2_session_set_last_error: Add function
o mac: Add support for HMAC-SHA-256 and HMAC-SHA-512
o WinCNG: support for SHA256/512 HMAC
o kex: Added diffie-hellman-group-exchange-sha256 support
o OS/400 crypto library QC3 support
This release includes the following security advisory:
o diffie_hellman_sha256: convert bytes to bits
CVE-2016-0787: http://www.libssh2.org/adv_20160223.html
This release includes the following bugfixes:
o SFTP: Increase speed and datasize in SFTP read
o openssl: make libssh2_sha1 return error code
o openssl: fix memleak in _libssh2_dsa_sha1_verify()
o cmake: include CMake files in the release tarballs
o Fix builds with Visual Studio 2015
o hostkey.c: Fix compiling error when OPENSSL_NO_MD5 is defined
o GNUmakefile: add support for LIBSSH2_LDFLAG_EXTRAS
o GNUmakefile: add -m64 CFLAGS when targeting mingw64
o kex: free server host key before allocating it (again)
o SCP: add libssh2_scp_recv2 to support large (> 2GB) files on windows
o channel: Detect bad usage of libssh2_channel_process_startup
o userauth: Fix off by one error when reading public key file
o kex: removed dupe entry from libssh2_kex_methods
o _libssh2_error: Support allocating the error message
o hostkey: fix invalid memory access if libssh2_dsa_new fails
o hostkey: align code path of ssh_rsa_init to ssh_dss_init
o libssh2.pc.in: fix the output of pkg-config --libs
o wincng: fixed possible memory leak in _libssh2_wincng_hash
o wincng: fixed _libssh2_wincng_hash_final return value
o add OpenSSL 1.1.0-pre2 compatibility
o agent_disconnect_unix: unset the agent fd after closing it
o sftp: stop reading when buffer is full
o sftp: Send at least one read request before reading
o sftp: Don't return EAGAIN if data was written to buffer
o sftp: Check read packet file offset
o configure: build "silent" if possible
o openssl: add OpenSSL 1.1.0-pre3-dev compatibility
o GNUmakefile: list system libs after user libs
The included patch from upstream fixes the issue described here:
https://bugreports.qt.io/browse/QTBUG-48321
The backing store of certain widgets was being improperly invalidated,
leading to display bugs in, e.g. VLC.
This patch is included in Qt 5.6, so we should remove it when we
upgrade.
This package was failing to build on wendy:
lt-linux-libnuma: linux-libnuma.c:70: main: Assertion `numa_bitmask_equal(bitmask, numa_all_nodes_ptr)' failed.
Since we shouldn't run tests that depend on the hardware
characteristics of the build machine, I've disabled these.
The glibc DNS client side resolver is vulnerable to a stack-based buffer
overflow when the getaddrinfo() library function is used. Software using
this function may be exploited with attacker-controlled domain names,
attacker-controlled DNS servers, or through a man-in-the-middle attack.
https://googleonlinesecurity.blogspot.co.uk/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
Built and tested locally.
From the changelog:
```
Version 0.7.82, 2016-01-27
+ Matroska: CRC-32 validation
+ Matroska: support of padding/junk at the start of a segment
+ Matroska: trace is activated for all elements (but report is still
based on the first element met)
+ Matroska: add an intermediate level in the trace for the raw stream
parser
x FLV: potential infinite loop fixed
x #B966, DTS: DTS-HD HR 3840 not detected anymore
x AC-3: wrong sample rate with 32 kHz streams
x #B948, EBUCore 1.6: invalid output due to position of
containerEncoding element
x #B957, MPEG-7 output: No XML encoded value output
```
Some of the original URLs were broken now.
It seems that set of mirrors is preferred and faster than the others.
In the x264 case the source isn't there so http://download.videolan.org
is used instead.
It's the same as openalSoft (same package source and version). I suppose it
contained original Creative open-source OpenAL implementation some time ago, but
then it changed and nobody noticed. It's referenced nowhere, anyway.
