[FFmpeg-cvslog] [ffmpeg-web] branch master updated. 8704d12 web/security: add CVEs to 2.5, 2.4.4, 2.3.5, 2.1.6
gitolite
ffmpeg-cvslog at ffmpeg.org
Mon Dec 8 14:53:31 CET 2014
The branch, master has been updated
via 8704d1247627a085cc7cd339a5a19e1cbc16e06c (commit)
from 5e6ad7e618b59b6500ae171ee5f8297f2aa227f9 (commit)
- Log -----------------------------------------------------------------
commit 8704d1247627a085cc7cd339a5a19e1cbc16e06c
Author: Michael Niedermayer <michaelni at gmx.at>
AuthorDate: Mon Dec 8 14:48:29 2014 +0100
Commit: Michael Niedermayer <michaelni at gmx.at>
CommitDate: Mon Dec 8 14:49:51 2014 +0100
web/security: add CVEs to 2.5, 2.4.4, 2.3.5, 2.1.6
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
diff --git a/src/security b/src/security
index 16d0040..6d68fb8 100644
--- a/src/security
+++ b/src/security
@@ -1,7 +1,40 @@
<p>Please report vulnerabilities to <a href="mailto:ffmpeg-security at ffmpeg.org">ffmpeg-security at ffmpeg.org</a></p>
+<h2>FFmpeg 2.5</h2>
+
+<h3>2.5</h2>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2014-8541, 5c378d6a6df8243f06c87962b873bd563e58cd39
+CVE-2014-8542, 105654e376a736d243aef4a1d121abebce912e6b
+CVE-2014-8543, 8b0e96e1f21b761ca15dbb470cd619a1ebf86c3e
+CVE-2014-8544, e1c0cfaa419aa5d320540d5a1b3f8fd9b82ab7e5
+CVE-2014-8545, 3e2b745020c2dbf0201fe7df3dad9e7e0b2e1bb6
+CVE-2014-8546, e7e5114c506957f40aafd794e06de1a7e341e9d5
+CVE-2014-8547, 8f1457864be8fb9653643519dea1c6492f1dde57
+CVE-2014-8548, c727401aa9d62335e89d118a5b4e202edf39d905
+CVE-2014-8549, 550f3e9df3410b3dd975e590042c0d83e20a8da3
+CVE-2014-9316, 0eecf40935b22644e6cd74c586057237ecfd6844
+CVE-2014-9317, 79ceaf827be0b070675d4cd0a55c3386542defd8
+CVE-2014-9318, 1d3a3b9f8907625b361420d48fe05716859620ff
+CVE-2014-9319, ea38e5a6b75706477898eb1e6582d667dbb9946c
+</pre>
+
<h2>FFmpeg 2.4</h2>
+<h3>2.4.4</h2>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2014-9316, 8524009161b0430ba961a4e6fcd8125a695edd7c / 0eecf40935b22644e6cd74c586057237ecfd6844
+CVE-2014-9317, f2595a6c38eeed80cd228c5db142873c95f6b4d3 / 79ceaf827be0b070675d4cd0a55c3386542defd8
+CVE-2014-9318, 12e064d6c2ae66bd501872ab4fc2033588419f85 / 1d3a3b9f8907625b361420d48fe05716859620ff
+CVE-2014-9319, 4b8f3c5bf34e517f8a50c5b5152985b8ef725c6b / ea38e5a6b75706477898eb1e6582d667dbb9946c
+</pre>
+
<h3>2.4.2</h2>
<p>
Fixes following vulnerabilities:
@@ -20,6 +53,21 @@ CVE-2014-8549, 84d26ab6eb07e22ad6ffcd8109ca1d1a0cd57bce / 550f3e9df3410b3dd975e5
<h2>FFmpeg 2.3</h2>
+<h3>2.3.5</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2014-8542, e2c5f88237e74694c56a5954e579de055166f9c6 / 105654e376a736d243aef4a1d121abebce912e6b
+CVE-2014-8543, 01817d508ba59246f203b9299a3cab13d0a78145 / 8b0e96e1f21b761ca15dbb470cd619a1ebf86c3e
+CVE-2014-8544, c3af801c63024c2fcd7a5fbb571b6f8a9c9790dc / e1c0cfaa419aa5d320540d5a1b3f8fd9b82ab7e5
+CVE-2014-8545, 433e15bb873f7ba54d8895de7e74c43205551084 / 3e2b745020c2dbf0201fe7df3dad9e7e0b2e1bb6
+CVE-2014-8546, 693faadd30c569d772cae2c6702895745348c5bd / e7e5114c506957f40aafd794e06de1a7e341e9d5
+CVE-2014-8547, 6fb9bfb1a356aa4f711e7c45bbf79eaa18e4d522 / 8f1457864be8fb9653643519dea1c6492f1dde57
+CVE-2014-8548, 1ac4ae2a32d16c97792f40df660cd8c4a9e049b2 / c727401aa9d62335e89d118a5b4e202edf39d905
+CVE-2014-8549, 5f7e48a113918b59b50b88a80ee0c0dfc39b6fab / 550f3e9df3410b3dd975e590042c0d83e20a8da3
+</pre>
+
<h3>2.3.4</h3>
<p>
Fixes following vulnerabilities:
@@ -101,6 +149,28 @@ CVE-2014-2097, f58eab151214d2d35ff0973f2b3e51c5eb372da4
<h2>FFmpeg 2.1</h2>
+<h3>2.1.6</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+</pre>
+CVE-2014-5271, 92096acc0a04c108f0393c78592269b748170d0a / 52b81ff4635c077b2bc8b8d3637d933b6629d803
+CVE-2014-5272, f405267493c8baf900195bf7989f371b861041f6 / 3539d6c63a16e1b2874bb037a86f317449c58770
+CVE-2014-8541, 9ec550c364835caaa928c361d009b75f25d774a9 / 5c378d6a6df8243f06c87962b873bd563e58cd39
+CVE-2014-8542, b5298c464f0519b1f7e51f4513021fd004486543 / 105654e376a736d243aef4a1d121abebce912e6b
+CVE-2014-8543, ce9d497755fd3a8a03221ddf3e7624630c3a14c0 / 8b0e96e1f21b761ca15dbb470cd619a1ebf86c3e
+CVE-2014-8544, ceb9d67a0ad1a4076ef349c8756ce8b732d03a34 / e1c0cfaa419aa5d320540d5a1b3f8fd9b82ab7e5
+CVE-2014-8545, 5d852f338d5b7f57126666ba8f8f27b02597686f / 3e2b745020c2dbf0201fe7df3dad9e7e0b2e1bb6
+CVE-2014-8546, 96357894ff9ac019edced85d51cf4a509c12116c / e7e5114c506957f40aafd794e06de1a7e341e9d5
+CVE-2014-8547, 05d7e92e4fdd04fd67ff23d931efcb02f4f4d0de / 8f1457864be8fb9653643519dea1c6492f1dde57
+CVE-2014-8548, bf2605c35610e76bb83175407927ffca226dd6fd / c727401aa9d62335e89d118a5b4e202edf39d905
+CVE-2014-9316, b4ce4f94e781af9d41e557aca3f393bfb93a79cc / 0eecf40935b22644e6cd74c586057237ecfd6844
+CVE-2014-9317, ef8fbb4878dc8059f17b9ba4ab882bcc706a58c3 / 79ceaf827be0b070675d4cd0a55c3386542defd8
+CVE-2014-9318, 6212758c075775a9f3e5eedfa09613a1ec984424 / 1d3a3b9f8907625b361420d48fe05716859620ff
+CVE-2014-9319, 35cfb99c15ddfbeae1f2f702091a7b8122c2d514 / ea38e5a6b75706477898eb1e6582d667dbb9946c
+</pre>
+
<h3>2.1.5</h3>
<p>
Fixes following vulnerabilities:
-----------------------------------------------------------------------
Summary of changes:
src/security | 70 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 70 insertions(+), 0 deletions(-)
hooks/post-receive
--
More information about the ffmpeg-cvslog
mailing list