[FFmpeg-cvslog] [ffmpeg-web] branch master updated. 639b5a1 web/security: add some missing CVEs

gitolite ffmpeg-cvslog at ffmpeg.org
Thu Mar 13 00:42:56 CET 2014


The branch, master has been updated
       via  639b5a1390d1df2b7acc64034831dd237cd2ec7b (commit)
       via  ad92fbcdad04f4104071f81277733a1fa521abe8 (commit)
       via  e4152c4fd0e52f85dffdba1773ffdaf382acfa44 (commit)
      from  49f7722fcc031137b00d4ded84ecfea739ed5e5e (commit)


- Log -----------------------------------------------------------------
commit 639b5a1390d1df2b7acc64034831dd237cd2ec7b
Author:     Michael Niedermayer <michaelni at gmx.at>
AuthorDate: Thu Mar 13 00:17:53 2014 +0100
Commit:     Michael Niedermayer <michaelni at gmx.at>
CommitDate: Thu Mar 13 00:32:06 2014 +0100

    web/security: add some missing CVEs

diff --git a/src/security b/src/security
index ebacaa5..d993ca4 100644
--- a/src/security
+++ b/src/security
@@ -172,6 +172,8 @@ Fixes following vulnerabilities:
 CVE-2013-2495, 3dbc0ff9c3e6f6e0d08ea3d42cb33761bae084ba
 CVE-2013-2496, e398990eb87785e20e065cd3f14d1dbb69df4392
 CVE-2013-0870, 14c8ee00ffd9d45e6e0c6f11a957ce7e56f7eb3a
+CVE-2012-5150, ae3d41636942cbc0236bad21ad06c65f4eb0f096
+CVE-2013-0894, 2c16bf2de07c68513072bf3cc96401d2c6291a3e
 </pre>
 
 
@@ -185,6 +187,7 @@ CVE-2014-2099, 0c58c165ab51260ba2e6cb606b8057a7c9783ef3 / c919e1ca2ecfc47d796382
 CVE-2014-2097, 74821341b9aca0be0938f1eabe3aabc1d3a004e8 / f58eab151214d2d35ff0973f2b3e51c5eb372da4
 CVE-2014-2098, b0b02a210109473cbc8d3bb8d7a6bcf4eb6ebb68 / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
 CVE-2014-2263, 694c3a13c9489c6e05f88486b489dd0746d114fc / 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
+CVE-2012-5150, ca2e3f113188e5835533d54000c314721b8445db / ae3d41636942cbc0236bad21ad06c65f4eb0f096
 </pre>
 
 <h3>1.1.8</h3>
@@ -238,6 +241,7 @@ Fixes following vulnerabilities:
 <pre>
 CVE-2013-2495, f719e6566c08dc1e18cf1caf07ba8c0e93cd7283 / 3dbc0ff9c3e6f6e0d08ea3d42cb33761bae084ba
 CVE-2013-2496, e398990eb87785e20e065cd3f14d1dbb69df4392 / b9a1efa6f4d4cda20ce796614ff5b0c523df5672
+CVE-2013-0894, 494ddd377ada76ed555f7a3f49391455daa099c9 / 11dcecfcca0eca1a571792c4fa3c21fb2cfdddd
 </pre>
 
 <h3>1.1.3</h3>
@@ -488,6 +492,9 @@ CVE-2012-2801, 1df49142bab1b7bccd11392aa9e819e297d21a6e
 CVE-2012-2802, 2c22701c371c2f3dea21fcdbb97c981939fb77af
 CVE-2012-2803, 951cbea56fdc03ef96d07fbd7e5bed755d42ac8a
 CVE-2012-2804, 4a80ebe491609e04110a1dd540a0ca79d3be3d04
+CVE-2012-5359, msvr12-017
+CVE-2012-5360, msvr12-017
+CVE-2012-5361, msvr12-017
 </pre>
 
 <h2>FFmpeg 0.10</h2>
@@ -522,6 +529,7 @@ Fixes following vulnerabilities:
 <pre>
 CVE-2013-0868, b07c791252707c88f610daa668eae3ddc6fbccc7 / 0dfc01c2bbf4b71bb56201bc4a393321e15d1b31
                ba4b57e8024a9635b4eaf7f3cc08837b065bd4c9 / f67a0d115254461649470452058fa3c28c0df294
+CVE-2013-0894, e050af9a809bd4e223c89e280ebd94da0e1034b5 / 11dcecfcca0eca1a571792c4fa3c21fb2cfddddc
 c3d7c805bc9c1ed584e92649cd8fa8cbb7010967 / c83002a4f8042ccfa0688a9a18e8fa0369c1fda8
 </pre>
 
@@ -622,6 +630,14 @@ played back and a few are probable arbitrary code execution vulnerabilities</p>
 
 
 <h2>FFmpeg 0.8</h2>
+<h3>0.8.15</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2013-0894, d86a5ce03f6993aaf7a28f2c2b29a788d7ea76ab / 11dcecfcca0eca1a571792c4fa3c21fb2cfddddc
+</pre>
+
 <h3>0.8.11</h3>
 <p>
 Fixes following vulnerabilities:
@@ -645,6 +661,14 @@ Several security issues that dont have CVE numbers.
 <p>Fixes CVE-2011-4364 among others</p>
 
 <h2>FFmpeg 0.7</h2>
+<h3>0.7.16</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2013-0894, d86a5ce03f6993aaf7a28f2c2b29a788d7ea76ab / 11dcecfcca0eca1a571792c4fa3c21fb2cfddddc
+</pre>
+
 <h3>0.7.12</h3>
 <p>
 Fixes following vulnerabilities:
@@ -689,3 +713,13 @@ Several security issues that dont have CVE numbers.
 
 <h3>0.5.4</h3>
 <p>Fixes CVE-2010-3908, CVE-2011-0722, CVE-2010-4704, CVE-2011-0480, CVE-2011-0723</p>
+
+<h3>0.5</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2008-4610 00bbe27631ddce543e00d5fbdee445c39fc84d7f
+CVE-2008-4867 4df7beb3686caf2df345d2e10564aa8cf6c24a65
+CVE-2009-0385 0838cfdc8a10185604db5cd9d6bffad71279a0e8
+</pre>

commit ad92fbcdad04f4104071f81277733a1fa521abe8
Author:     Michael Niedermayer <michaelni at gmx.at>
AuthorDate: Wed Mar 12 21:17:09 2014 +0100
Commit:     Michael Niedermayer <michaelni at gmx.at>
CommitDate: Wed Mar 12 21:17:09 2014 +0100

    web/security: fix formating discrepancies

diff --git a/src/security b/src/security
index ed3b12a..ebacaa5 100644
--- a/src/security
+++ b/src/security
@@ -9,9 +9,9 @@
 Fixes following vulnerabilities:
 </p>
 <pre>
-CVE-2014-2099, 4cc18ee5da110087b5661ef0269ef59742e90a82  / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
-CVE-2014-2098, f91ef98c9d740d6c1410d5cf206bda80c2416808  / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
-CVE-2014-2097, 8c6a976feeea8ee0ccdb31fbddb0d9c98b44ae0d  / f58eab151214d2d35ff0973f2b3e51c5eb372da4
+CVE-2014-2099, 4cc18ee5da110087b5661ef0269ef59742e90a82 / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
+CVE-2014-2098, f91ef98c9d740d6c1410d5cf206bda80c2416808 / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
+CVE-2014-2097, 8c6a976feeea8ee0ccdb31fbddb0d9c98b44ae0d / f58eab151214d2d35ff0973f2b3e51c5eb372da4
 CVE-2014-2263, 4a28a3ddc4eb7322409f062f422c676f93d95ac1 / 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
 </pre>
 
@@ -113,9 +113,9 @@ CVE-2013-3675, 9dd04f6d8cdd1c10c28b2cb4252c1a41df581915
 Fixes following vulnerabilities:
 </p>
 <pre>
-ab31a9ee4af5cfc0bab6b318512819fb706d0ff2 CVE-2014-2099, / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
-11b14d0e63f882171e579f05a0af3b2679dd021a CVE-2014-2098, / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
-ca9d302519b690af1318c4c5ef6aeff118548819 CVE-2014-2097, / f58eab151214d2d35ff0973f2b3e51c5eb372da4
+CVE-2014-2099, ab31a9ee4af5cfc0bab6b318512819fb706d0ff2 / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
+CVE-2014-2098, 11b14d0e63f882171e579f05a0af3b2679dd021a / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
+CVE-2014-2097, ca9d302519b690af1318c4c5ef6aeff118548819 / f58eab151214d2d35ff0973f2b3e51c5eb372da4
 CVE-2014-2263, a57d29a50c7a65cd75d55db78ffb24d326aec38f / 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
 </pre>
 

commit e4152c4fd0e52f85dffdba1773ffdaf382acfa44
Author:     Michael Niedermayer <michaelni at gmx.at>
AuthorDate: Wed Mar 12 21:16:21 2014 +0100
Commit:     Michael Niedermayer <michaelni at gmx.at>
CommitDate: Wed Mar 12 21:16:21 2014 +0100

    web/security: add CVE-2014-2263

diff --git a/src/security b/src/security
index 7fa2251..ed3b12a 100644
--- a/src/security
+++ b/src/security
@@ -12,6 +12,7 @@ Fixes following vulnerabilities:
 CVE-2014-2099, 4cc18ee5da110087b5661ef0269ef59742e90a82  / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
 CVE-2014-2098, f91ef98c9d740d6c1410d5cf206bda80c2416808  / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
 CVE-2014-2097, 8c6a976feeea8ee0ccdb31fbddb0d9c98b44ae0d  / f58eab151214d2d35ff0973f2b3e51c5eb372da4
+CVE-2014-2263, 4a28a3ddc4eb7322409f062f422c676f93d95ac1 / 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
 </pre>
 
 <h3>2.1</h3>
@@ -48,6 +49,7 @@ Fixes following vulnerabilities:
 CVE-2014-2098, 13ce3673684e0fe69964f71660747e674c1f524c / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
 CVE-2014-2099, bc1c8ec5e65098fd2ccd8456f667151dfc9cda42 / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
 CVE-2014-2097, d0d0924947a40df52b06cafd86fc293949edbfc2 / f58eab151214d2d35ff0973f2b3e51c5eb372da4
+CVE-2014-2263, 5e7e43c33ea45550137f5dd2b9f81deef2acbfcd / 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
 </pre>
 
 <h3>2.0.3</h3>
@@ -114,6 +116,7 @@ Fixes following vulnerabilities:
 ab31a9ee4af5cfc0bab6b318512819fb706d0ff2 CVE-2014-2099, / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
 11b14d0e63f882171e579f05a0af3b2679dd021a CVE-2014-2098, / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
 ca9d302519b690af1318c4c5ef6aeff118548819 CVE-2014-2097, / f58eab151214d2d35ff0973f2b3e51c5eb372da4
+CVE-2014-2263, a57d29a50c7a65cd75d55db78ffb24d326aec38f / 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
 </pre>
 
 <h3>1.2.5</h3>
@@ -181,6 +184,7 @@ Fixes following vulnerabilities:
 CVE-2014-2099, 0c58c165ab51260ba2e6cb606b8057a7c9783ef3 / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
 CVE-2014-2097, 74821341b9aca0be0938f1eabe3aabc1d3a004e8 / f58eab151214d2d35ff0973f2b3e51c5eb372da4
 CVE-2014-2098, b0b02a210109473cbc8d3bb8d7a6bcf4eb6ebb68 / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
+CVE-2014-2263, 694c3a13c9489c6e05f88486b489dd0746d114fc / 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
 </pre>
 
 <h3>1.1.8</h3>
@@ -311,6 +315,7 @@ Fixes following vulnerabilities:
 CVE-2013-7023, 6f9ae27f5136a29eea18effb033fe9d6f67b892e / f31011e9abfb2ae75bb32bc44e2c34194c8dc40a
 CVE-2014-2098, b9bf17c55ac2b3b06e44a221994563fa894c1347 / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
 CVE-2014-2099, 54b61181ed55ab38034520eb27d18cf8a2d3732e / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
+CVE-2014-2263, 7ad6b66370e59e7eafb17bd5d43c46e3abf51f04 / 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
 </pre>
 
 <h3>1.0.8</h3>
@@ -422,6 +427,7 @@ CVE-2013-7021, ceff07dfb94af00233979ccd1cf6587b91a44d5f / cdd5df8189ff1537f7abe8
 CVE-2013-7023, 2289bffa312dc3589efbdf44a0a5f1a26a5b709f / f31011e9abfb2ae75bb32bc44e2c34194c8dc40a
 CVE-2014-2098, c23597ec7eaea16a638729c60866befcd48eda3e / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
 CVE-2014-2099, 3a893335bde2d4ba2fcd839df09afb2b95779856 / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
+CVE-2014-2263, 12770701856a05b6b3cd706f708f8e9a4e8a1336 / 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
 </pre>
 
 <h3>0.11.4</h3>
@@ -493,6 +499,7 @@ Fixes following vulnerabilities:
 CVE-2012-2795, ca8c3ec11b8ceb6d753176d5c04145cb83cbbe47 / a0abefb0af64a311b15141062c77dd577ba590a3
 CVE-2014-2098, ae51d93983530a1900ee4e1e4bf43cb28a30efb2 / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
 CVE-2014-2099, f157f18b3473dc5bcef8d21d25ce0cdb6597bafd / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
+CVE-2014-2263, 68b14c044a4a00d69aeb620bdb57dce533c4190a / 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
 </pre>
 
 <h3>0.10.9</h3>

-----------------------------------------------------------------------

Summary of changes:
 src/security |   53 +++++++++++++++++++++++++++++++++++++++++++++++------
 1 files changed, 47 insertions(+), 6 deletions(-)


hooks/post-receive
-- 



More information about the ffmpeg-cvslog mailing list