author Michael Niedermayer <michaelni@gmx.at> 2012-06-09 19:09:49 +0200
committer Michael Niedermayer <michaelni@gmx.at> 2012-06-09 19:09:56 +0200
commit 438cfa9090a3330b609e4435a55fc8af1d193de7 (patch)
tree a9ad062b727104d294a5be8bd3a157daf12626a7
parent 598eb973a7a30510b970bf94bb60a2f6709d3d0d (diff)
parent 64eb6892ec839fb11f5b62db38810efb638ba806 (diff)
download ffmpeg-438cfa9090a3330b609e4435a55fc8af1d193de7.tar.gz
Merge remote-tracking branch 'qatar/release/0.6' into release/0.6

* qatar/release/0.6:
  Release notes for 0.6.6
  Update changelog for 0.6.6 release

Merged-by: Michael Niedermayer <michaelni@gmx.at>
-rw-r--r-- Changelog 35
-rw-r--r-- RELEASE 18
2 files changed, 53 insertions, 0 deletions
diff --git a/Changelog b/Changelog
index a3fa790211..6f753216f5 100644
--- a/Changelog
+++ b/Changelog
@@ -1,6 +1,41 @@
Entries are sorted chronologically from oldest to youngest within each release,
releases are sorted from youngest to oldest.
+version 0.6.6:
+- id3v2: fix skipping extended header in id3v2.4
+- nsvdec: Fix use of uninitialized streams
+- nsvdec: Be more careful with av_malloc()
+- nsvdec: Propagate errors
+- dv: check stype
+- dv: Fix null pointer dereference due to ach=0
+- dv: Fix small stack overread related to CVE-2011-3929 and CVE-2011-3936.
+- atrac3: Fix crash in tonal component decoding
+- mjpegbdec: Fix overflow in SOS
+- kgv1dec: Increase offsets array size so it is large enough
+- motionpixels: decode only the 111 complete frames for fate
+- motionpixels: Clip YUV values after applying a gradient
+- celp filters: Do not read earlier than the start of the 'out' vector
+- vqavideo: return error if image size is not a multiple of block size (CVE-2012-0947)
+- dpcm: ignore extra unpaired bytes in stereo streams (CVE-2011-3951)
+- aacsbr: prevent out of bounds memcpy() (CVE-2012-0850)
+- h264: Add check for invalid chroma_format_idc (CVE-2012-0851)
+- adpcm: ADPCM Electronic Arts has always two channels (CVE-2012-0852)
+- shorten: remove VLA and check for buffer overflow
+- shorten: Prevent block size from increasing
+- shorten: Fix out of bound writes in fix_bitshift()
+- shorten: check for realloc failure (CVE-2012-0858)
+- shorten: Use separate pointers for the allocated memory for decoded samples (CVE-2012-0858)
+- kmvc: Check palsize (CVE-2011-3952)
+- qdm2: clip array indices returned by qdm2_get_vlc()
+- configure: properly check for mingw-w64 through installed headers
+- mingw32: properly check if vfw capture is supported by the system headers
+- mingw32: merge checks for mingw-w64 and mingw32-runtime >= 3.15 into one
+- dxva2: define required feature selection macros
+- png: check bit depth for PAL8/Y400A pixel formats
+- ea: check chunk_size for validity
+- tqi: Pass errors from the MB decoder
+
+
version 0.6.5:
- vorbis: An additional defense in the Vorbis codec. (CVE-2011-3895)
- vorbisdec: Fix decoding bug with channel handling.
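Review bot: The dv entry "Fix small stack overread related to CVE-2011-3929 and CVE-2011-3936." is the only CVE-bearing line in the 0.6.6 block that does not use the trailing "(CVE-...)" form, and the only one ending in a period, so anyone matching on the parenthesised pattern to build an advisory will miss it. Suggest keeping the wording but moving the reference into parentheses, e.g. "- dv: Fix small stack overread (related to CVE-2011-3929 and CVE-2011-3936)". Separately, several entries that read as memory-safety fixes carry no identifier at all ("mjpegbdec: Fix overflow in SOS", "shorten: Fix out of bound writes in fix_bitshift()", "qdm2: clip array indices returned by qdm2_get_vlc()"); if these are security-relevant, a consistent marker would help distributors who triage backports by CVE tag. Capitalisation after the component prefix is also mixed ("Fix" vs "fix", "Check" vs "check").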
diff --git a/RELEASE b/RELEASE
index cd18270ca4..746ddb480e 100644
--- a/RELEASE
+++ b/RELEASE
@@ -192,3 +192,21 @@ demuxer (CVE-2011-3893 and CVE-2011-3895).
Distributors and system integrators are encouraged
to update and share their patches against this branch. For a full list
of changes please see the Changelog file.
+
+
+* 0.6.6
+
+General notes
+-------------
+
+This mostly maintenance-only release that addresses a number a number of
+bugs such as security and compilation issues that have been brought to
+our attention. Among other fixes, this release features includes
+security updates for the, DV decoder (CVE-2011-3929 and CVE-2011-3936),
+VQA Video Decoder (CVE-2012-0947), DPCM codecs (CVE-2011-3951), AAC SBR
+(CVE-2012-0850), H.264 (CVE-2012-0851), ADPCM (CVE-2012-0852), Shorten
+(CVE-2012-0858), and the KMVC decoder (CVE-2011-3952).
+
+Distributors and system integrators are encouraged
+to update and share their patches against this branch. For a full list
+of changes please see the Changelog file or the git commit history.
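Review bot: The "General notes" paragraph added for 0.6.6 has three wording slips that will ship in the release file: "This mostly maintenance-only release" is missing "is a", "a number a number of" is duplicated, and "this release features includes security updates for the, DV decoder" has a doubled verb and a stray comma. Suggest "This is a mostly maintenance-only release that addresses a number of bugs ..." and "this release includes security updates for the DV decoder ...". The CVE list here matches the identifiers tagged in the Changelog hunk, which is good; note that it names only fixes with a CVE, so the closing pointer to the Changelog is the only hint that other overflow and out-of-bounds fixes are included.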