Changes between 3.0.21 and 3.0.22:
----------------------------------
Core:
* Assume subpictures are in SDR by default
Windows:
* Add Windows ARM64 builds (Minimum Windows 10 RS5 17763 / 1809)
* Fix support for Windows XP SP3
* Allow renaming/moving/deleting of playing file on Windows
* Restrict SystemParametersInfo calls to Windows XP
Decoders:
* Fix Opus channel mapping
* Fix hardware decoding with VideoToolbox of XVID MPEG-4 video
* Add dav1d-all-layers option
* Fix DVD CEA-608 captions parsing
* Fix ProRes 4:4:4:4
* Disable decoding using libdca, libmpeg2 and liba52 by default in favor of libavcodec
Demuxers:
* Add support for DMX audio music (MUS) files
* Handle mkv-use-chapter-codec option
* Add A_ATRAC/AT1 support in matroska
* Prevent FLAC seeking logic get stuck
* Handle pictures in FLAC
* Fix VOB/AOB LPCM/MLP detection failing occasionally
* Cut QNap title on first invalid character
* Fix display of certain JPEG files
* Fix playback of very short ASF files (duration less than 1s)
* Multiple fixes in MPEG-TS
* Fix crashes in multiple demuxers (reported by rub.de, oss-fuzz and others)
Input:
* Fix SFTP seeking for large files on 32-bit OS
Interface:
* Qt: Add option to use dark palette
* Qt: Add compilation support for newer versions of Qt5
* Qt: Fix scrolling on volume slider
* macOS: fix crashes when drag'n drop items in the playlist
* KDE: fix MPRIS state when started from file
Service Discovery:
* UPnP: remove SAT>IP channel list fallback
Video Output:
* Use a better stretch mode in wingdi
* Fetch missing device information when running in UWP
Video Filter:
* Add AMD GPU Frame Rate Doubler (Direct3D11)
* Improve visualization of low frequencies in spectrogram
Contrib:
* Update amf to 1.4.34
* Update dav1d to 1.5.1
* Update FFmpeg to 4.4.5
* Update freetype to 2.13.1
* Update gettext to 0.22.5
* Update gcrypt to 1.10.1
* Update glew to 2.1.0
* Update gmp to 6.3.0
* Udpate gnutls to 3.8.10
* Update harfbuzz to 11.5.0
* Update iconv to 1.17
* Update libarchive to 3.8.0 including support for RAR 5.0
* Update libass to 0.17.3
* Update libbluray to 1.4.0
* Update libmatroska to 1.7.0
* Update libogg to 1.3.6
* Update libpng to 1.6.50
* Update libvpx to 1.15.2
* Update lua to 5.1.5
* Update openjpeg to 2.5.0
* Update orc to 0.4.33
* Update srt to 1.5.3
* Update taglib to 1.13.1
* Update zlib to 1.3.1
* and more 3rd party updates
* libmpeg2, libdca and liba52 are no longer build by default
* build ragel inside harfbuzz if necessary
Misc:
* gnutls: remove manual DH prime bits setting
* Avoid very large fonts in portrait mode
* Update of most translations
Many thanks to the Sovereign Tech Agency (
Home | Sovereign Tech Agency), and
especially their Sovereign Tech Fund program, for helping VLC sustainability and safety.
Thanks to oss-fuzz as well for their help and resources to find issues.
Thanks to their support, 3.0.22 becomes the VLC release with the most security fixes ever!
Security:
* Heap Buffer Overflow READ in TY, NSV, CVDsub, SPU, Subrip, TX3G, MPJEG demuxers and decoders
* Heap Buffer Overflow Write in RLE, MP4, TX3G demuxers and decoders
* Assert failure in AVI, MP4 demuxers and Core
* Null dereferences in CSS, Flac and VTT modules
* Use-after Free in SVG decoder
* Crash in Subtitles core, in jpeg2 inside TS
* Multiple crashes and OOB in CEA-708 subtitles
* OOB read on Oggspot, MP4
* Multiple leaks in MKV, ASF/WMV, CAF and PS demuxers, Ogg, Theora, Vorbis,
WebVTT and SVCD decoders
* Busy loop in WebVTT
(The list above is not exhaustive)
