[FFmpeg-cvslog] [ffmpeg-web] branch master updated. 552c0d9 web/security: Add CVE-2017-7862 and CVE-2017-7866

ffmpeg-git at ffmpeg.org ffmpeg-git at ffmpeg.org
Sun Dec 31 20:22:04 EET 2017 

The branch, master has been updated
       via  552c0d90f6667550065f8e71121a61f0b21aaf26 (commit)
      from  60d3f37b88703060228077cc0df1a215a810b2f5 (commit)


- Log -----------------------------------------------------------------
commit 552c0d90f6667550065f8e71121a61f0b21aaf26
Author:     Michael Niedermayer <michael at niedermayer.cc>
AuthorDate: Sun Dec 31 17:54:01 2017 +0100
Commit:     Michael Niedermayer <michael at niedermayer.cc>
CommitDate: Sun Dec 31 17:54:01 2017 +0100

    web/security: Add CVE-2017-7862 and CVE-2017-7866

diff --git a/src/security b/src/security
index f4af63a..f4e61ae 100644
--- a/src/security
+++ b/src/security
@@ -87,6 +87,15 @@ CVE-2017-9996, 973a66108b8e01ceb85cf2d6922a5cbb47f6a657 / e1b60aad77c27ed5d4dfc1
 CVE-2017-9996, a483e46b794539d21b1ec0f3e521f681a54a86d2 / 1e42736b95065c69a7481d0cf55247024f54b660
 </pre>
 
+<h3>3.3</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2017-7862, 8c2ea3030af7b40a3c4275696fb5c76cdb80950a
+CVE-2017-7866, e371f031b942d73e02c090170975561fabd5c264
+</pre>
+
 
 <h2>FFmpeg 3.2</h2>
 
@@ -158,6 +167,15 @@ Fixes following vulnerabilities:
 <pre>
 CVE-2017-5024, ed2572b9c8f885e2a4764d2e34604442a71899a1 / 2d453188c2303da641dafb048dc1806790526dfd
 CVE-2017-5025, cf8e004a51b08c6e8ceaeebca85ab84c7ed0b4cf / fd30e4d57fe5841385f845440688505b88c0f4a9
+CVE-2017-7862, a1a14982ec5b9954637cdc9ce8daf01d211e5c79 / 8c2ea3030af7b40a3c4275696fb5c76cdb80950a
+</pre>
+
+<h3>3.2.3</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2017-7866, bd6c1d5149fbc4f2a0200ad99e7f56f4fb7d518a / e371f031b942d73e02c090170975561fabd5c264
 </pre>
 
 <h3>3.2.2</h3>
@@ -249,6 +267,8 @@ Fixes following vulnerabilities:
 <pre>
 CVE-2017-5024, 02a5e88ebc725b09f675bfcbbd4db1133e41708e / 2d453188c2303da641dafb048dc1806790526dfd
 CVE-2017-5025, b6efd022b77349f2797afe756b791e82ec4a1d96 / fd30e4d57fe5841385f845440688505b88c0f4a9
+CVE-2017-7862, 68e9caf16f4421478634c1c2ffc4706393304db3 / 8c2ea3030af7b40a3c4275696fb5c76cdb80950a
+CVE-2017-7866, 00bbf3063c9ef8033c23612dc25a9928beb3aa3d / e371f031b942d73e02c090170975561fabd5c264
 </pre>
 
 <h3>3.1.6</h3>
@@ -331,6 +351,15 @@ Fixes following vulnerabilities:
 <pre>
 CVE-2017-5024, dc1e099bf281e69d162bde02bd87112bbcb1ab5c / 2d453188c2303da641dafb048dc1806790526dfd
 CVE-2017-5025, 4f7064c9da35cd8156f6aee4a25e9b4e7f4ae607 / fd30e4d57fe5841385f845440688505b88c0f4a9
+CVE-2017-7862, bb504aa5eb7eb32dbb62545772285e794af85651 / 8c2ea3030af7b40a3c4275696fb5c76cdb80950a
+</pre>
+
+<h3>3.0.6</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2017-7866, 99c78466ff27311b2a06d874cb7bbd8b1cefc597 / e371f031b942d73e02c090170975561fabd5c264
 </pre>
 
 <h3>3.0.5</h3>
@@ -391,6 +420,8 @@ Fixes following vulnerabilities:
 <pre>
 CVE-2017-5024, 4adc99ecb6e9aec301fdd79ec097d433346045b6 / 2d453188c2303da641dafb048dc1806790526dfd
 CVE-2017-5025, 8be3724e55b2c55337c14c9cb7a69c5a85d42a65 / fd30e4d57fe5841385f845440688505b88c0f4a9
+CVE-2017-7862, 142c1737e325d324c46d9450dbce711720e84430 / 8c2ea3030af7b40a3c4275696fb5c76cdb80950a
+CVE-2017-7866, 1febd817b1d84a520dd2bc96ceacdfe7fb8a0dd2 / e371f031b942d73e02c090170975561fabd5c264
 </pre>
 
 <h3>2.8.10</h3>
@@ -792,6 +823,8 @@ CVE-2017-14223, f8c52dfa1583f0d2c039bad8c9422d2fd190a039 / afc9c683ed9db01edb357
 CVE-2017-17081, 27f8d386829689c346ff0cef00d3af57b9fb8903 / 58cf31cee7a456057f337b3102a03206d833d5e8
 CVE-2017-5024, 01308b492a0e713eee078514d7b3143650dc5886 / 2d453188c2303da641dafb048dc1806790526dfd
 CVE-2017-5025, bb7fd512391ef891a85edccd446954b6a7198fd2 / fd30e4d57fe5841385f845440688505b88c0f4a9
+CVE-2017-7862, cdbaa022f4c814eb074b05dbeaa88d8af5ed6c2b / 8c2ea3030af7b40a3c4275696fb5c76cdb80950a
+CVE-2017-7866, 62244f37d116af28949787d160f80f5210083e55 / e371f031b942d73e02c090170975561fabd5c264
 CVE-2017-9991, a579264bc9f3014adcc9defae0086594a16d7f00 / 441026fcb13ac23aa10edc312bdacb6445a0ad06
 CVE-2017-9992, 5204a50013705ad3882413ff65edcfceb2e86fab / f52fbf4f3ed02a7d872d8a102006f29b4421f360
 CVE-2017-9993, 7e6b64a7d9a2dd64e652b3e42a741b673cda3a26 / 189ff4219644532bdfa7bab28dfedaee4d6d4021

-----------------------------------------------------------------------

Summary of changes:
 src/security | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)


hooks/post-receive
--

More information about the ffmpeg-cvslog mailing list