[FFmpeg-cvslog] [ffmpeg-web] branch master updated. 8705986 web/security: add CVEs for current releases

ffmpeg-git at ffmpeg.org ffmpeg-git at ffmpeg.org
Wed Jul 18 17:55:12 EEST 2018


The branch, master has been updated
       via  87059868ec04033702e1859400e593f171f775b4 (commit)
      from  a3ac68cecfe5ffe164b37301d87243a08071aed9 (commit)


- Log -----------------------------------------------------------------
commit 87059868ec04033702e1859400e593f171f775b4
Author:     Michael Niedermayer <michael at niedermayer.cc>
AuthorDate: Wed Jul 18 16:52:40 2018 +0200
Commit:     Michael Niedermayer <michael at niedermayer.cc>
CommitDate: Wed Jul 18 16:52:40 2018 +0200

    web/security: add CVEs for current releases

diff --git a/src/security b/src/security
index acc10cf..69ca21b 100644
--- a/src/security
+++ b/src/security
@@ -2,6 +2,18 @@
 
 <h2>FFmpeg 4.0</h2>
 
+<h3>4.0.2</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2018-13300, 76105382244e79d072e7b993c7caf584151b0694 / 95556e27e2c1d56d9e18f5db34d6f756f3011148
+CVE-2018-13301, 679d749eaba9e5a8b8a9ea22500ab559f5be8940 / 2aa9047486dbff12d9e040f917e5f799ed2fd78b
+CVE-2018-13302, 20c5fb972101fa25dedaf35a9c0ce2bf02fa6b52 / ed22dc22216f74c75ee7901f82649e1ff725ba50
+CVE-2018-13303, 0003ace83b18f68c981c8ad401bee75315edf9f5 / 00e8181bd97c834fe60751b0c511d4bb97875f78
+CVE-2018-13304, 5fd1dce39a70340b9fd508154e48985902602e25 / bd27a9364ca274ca97f1df6d984e88a0700fb235
+</pre>
+
 <h3>4.0.1</h3>
 <p>
 Fixes following vulnerabilities:
@@ -24,6 +36,19 @@ CVE-2018-7557, 7414d0bda7763f9bd69c26c068e482ab297c1c96
 
 <h2>FFmpeg 3.4</h2>
 
+<h3>3.4.3</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2018-7557,  ae49cc73f265a155e5c4b1715570aab3d9741b4d / 7414d0bda7763f9bd69c26c068e482ab297c1c96
+CVE-2018-7751,  3fa6e594a0f2575ddb6b2183961fde42ab5ab37b / a6cba062051f345e8ebfdff34aba071ed73d923f
+CVE-2018-10001, 51035698bde9c13da7eedc1f6eb47d190bbc949d / 47b7c68ae54560e2308bdb6be4fb076c73b93081
+CVE-2018-12458, bd1fd3ff4b0437153a6c4717f59ce31a7bba8ca0 / e1182fac1afba92a4975917823a5f644bee7e6e8
+CVE-2018-13300, 3a04f518ac283194bb13d8aff7d9fa963d551547 / 95556e27e2c1d56d9e18f5db34d6f756f3011148
+CVE-2018-13302, 36c779bffe2ceef48a0fa4d7a6691c6895faf9e2 / ed22dc22216f74c75ee7901f82649e1ff725ba50
+</pre>
+
 <h3>3.4.2</h3>
 <p>
 Fixes following vulnerabilities:
@@ -54,6 +79,16 @@ CVE-2017-17081, 127a362630e11fe724e2e63fc871791fdcbcfa64
 
 <h2>FFmpeg 3.3</h2>
 
+<h3>3.3.8</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2018-12458, d1bac7f77772a68e164385d7018f2c2562e0d219 / e1182fac1afba92a4975917823a5f644bee7e6e8
+CVE-2018-13300, 672ada0f179b3ef45e52987d8c96716d23aa0722 / 95556e27e2c1d56d9e18f5db34d6f756f3011148
+CVE-2018-13302, 78b1fbca3404459dcf8a1c34b5c7f9a5825ad61f / ed22dc22216f74c75ee7901f82649e1ff725ba5
+</pre>
+
 <h3>3.3.7</h3>
 <p>
 Fixes following vulnerabilities:
@@ -62,6 +97,7 @@ Fixes following vulnerabilities:
 CVE-2018-6621, 0322f781777d4413bd57815ee9b5a7d6a0cfe716 / 118e1b0b3370dd1c0da442901b486689efd1654b
 CVE-2018-6392, d74839d793ebf8c6c7c4a2a8a22ae2bd695d2c41 / 3f621455d62e46745453568d915badd5b1e5bcd5
 CVE-2018-7557, bafb13dc0fd60f49f613bf4c52ce88b91176755c / 7414d0bda7763f9bd69c26c068e482ab297c1c96
+CVE-2018-10001,15d4dc0da1e9f2450b5f9e748e1704fc0e6ef3a4 / 47b7c68ae54560e2308bdb6be4fb076c73b93081
 </pre>
 
 <h3>3.3.6</h3>
@@ -150,6 +186,20 @@ CVE-2017-7866, e371f031b942d73e02c090170975561fabd5c264
 
 <h2>FFmpeg 3.2</h2>
 
+<h3>3.2.11</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2018-6392,  c4ba170cad2ccdd896ea6fd3a890980008606541 / 3f621455d62e46745453568d915badd5b1e5bcd5
+CVE-2018-6621,  22aa37c0fedf14531783189a197542a055959b6c / 118e1b0b3370dd1c0da442901b486689efd1654b
+CVE-2018-7557,  9c0593576454992e5739729623ca3ed1fe93d12e / 7414d0bda7763f9bd69c26c068e482ab297c1c96
+CVE-2018-10001, 7050970d066b853f82b0891fd7b57c19b4fd9095 / 47b7c68ae54560e2308bdb6be4fb076c73b93081
+CVE-2018-12458, d6f8960812b0a4ceac299a9000a1e921c74e431a / e1182fac1afba92a4975917823a5f644bee7e6e8
+CVE-2018-13300, e6d3fd942f772f54ab6a5ca619cdaadef26b7702 / 95556e27e2c1d56d9e18f5db34d6f756f3011148
+CVE-2018-13302, 92972f19168f323cfe133a42abf130a5f159bfd6 / ed22dc22216f74c75ee7901f82649e1ff725ba50
+</pre>
+
 <h3>3.2.10</h3>
 <p>
 Fixes following vulnerabilities:
@@ -513,6 +563,16 @@ CVE-2016-7122, 1d90326f95a791db515f69a01a5f6ef867896d15 / e4e4a9cad7f21593d4bcb1
 
 <h2>FFmpeg 2.8</h2>
 
+<h3>2.8.15</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2018-7557,  e724bd1dd9efea3abb8586d6644ec07694afceae / 7414d0bda7763f9bd69c26c068e482ab297c1c96
+CVE-2018-12458, 6bbef938839adc55e8e048bc9cc2e0fafe2064df / e1182fac1afba92a4975917823a5f644bee7e6e8
+CVE-2018-13302, a80b8a01cc934b3417cea5c50a9f607d77f223ec / ed22dc22216f74c75ee7901f82649e1ff725ba50
+</pre>
+
 <h3>2.8.14</h3>
 <p>
 Fixes following vulnerabilities:

-----------------------------------------------------------------------

Summary of changes:
 src/security | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 60 insertions(+)


hooks/post-receive
-- 



More information about the ffmpeg-cvslog mailing list