Source release 16.3.0

CHANGELOG.md

@@ -2,6 +2,60 @@
 
 [TOC]
 
+## 16.3.0 (2020-07-24)
+
+Features:
+  - CE CDM 16.3.0 updates the included version of OEMCrypto and its tests to
+    v16.3. CE CDM 16.3.0 *requires* OEMCrypto v16.3 or later. Widevine will not
+    be supporting OEMCrypto v16.2 any longer. Upgrading to CE CDM 16.3.0 and
+    OEMCrypto v16.3 is required for all partners using the 16.x release series.
+    - OEMCrypto v16.3 includes several updates to the ODK code. Don't forget to
+      update your OEMCrypto integrations.
+  - The algorithms that drive the usage tables in the CE CDM are more robust,
+    particularly in cases involving deleting entries and/or the table becoming
+    fragmented.
+
+Bugfixes:
+  - Fixed a `validate_nonce` error when using `load_refresh_keys` with certain
+    license services.
+  - Fixed an issue where clear subsamples that don't make up a full sample might
+    be accepted when the later encrypted subsamples would be rejected.
+  - Fixed an issue preventing `device_files.cpp` from compiling with certain C++
+    STL implementations.
+  - Fixed an issue where nonce-free offline licenses (such as those used by
+    ATSC 3.0) would fail to load in the v16 ODK.
+  - Fixed issues where compiling with recent GCC releases and with stringent
+    warning checks enabled would trigger warnings that were treated as errors,
+    failing compilation.
+  - Fixed an issue where the OEMCrypto tests were deriving keys too eagerly,
+    causing OEMCrypto implementations with very strict state-progression checks
+    to fail.
+  - Fixed an issue that was causing the following tests to fail when used with
+    recent license service builds:
+    - `CdmTest.RemoveUsageRecord`
+    - `CdmTest.RemoveThreeUsageRecords`
+    - `CdmTest.RemoveIncomplete`
+    - `CdmTest.RemoveUsageRecordIncomplete`
+    - `CdmRemoveTest/CdmTestWithRemoveParam.Remove/false, where GetParam() = false`
+    - `CdmRemoveTest/CdmTestWithRemoveParam.Remove/true, where GetParam() = true`
+  - Fixed an issue with accessing the usage table when OEMCrypto had reached the
+    maximum number of open sessions.
+  - Fixed an error that could occur if an offline license's file persisted after
+    its usage entry had been removed.
+  - Fixed a buffer overrun in the test code.
+  - Fixed a memory leak in the test code.
+  - Fixed a buffer overrun in the OEMCrypto Reference implementation. We will again
+    remind you that the OEMCrypto Reference implementation is *not* intended for production use.
+  - The test `DecryptNoAnalogToClearAPI13` was no longer valid and has been
+    removed.
+  - Fixed an issue where offline licenses with a rental duration and no PST
+    would instantly expire because they were treated as having been rented
+    in 1970.
+  - Fixed a rare issue that could occur with Device IDs between 33 and 64 bytes
+    long, inclusive.
+  - The CE CDM now correctly handles the case when OEMCrypto reports an
+    unlimited usage table capacity.
+
 ## 16.2.0 (2020-04-10)
 
 **Note:** CE CDM 16.2.0 is the first release of the CE CDM 16 series. It is