libvdpau versions 1.1 and earlier, when used in setuid or setgid applications, contain vulnerabilities related to environment variable handling that could allow an attacker to execute arbitrary code or overwrite arbitrary files. See CVE-2015-5198, CVE-2015-5199, and CVE-2015-5200 for more details. This release uses the secure_getenv() function, when available, to fix these problems. On platforms where secure_getenv() is not available, libvdpau will use a fallback implementation. If you use the NVIDIA .run installer packages, please see https://devtalk.nvidia.com/default/topic/873035 for additional information. This release also adds tracing of HEVC picture structures to libvdpau_trace.