[FFmpeg-cvslog] [ffmpeg-web] branch master updated. 0d3eb9e web/security: add CVE-2018-10001 entry to FFmpeg 4.0

ffmpeg-git at ffmpeg.org ffmpeg-git at ffmpeg.org
Tue Nov 6 02:19:13 EET 2018 

The branch, master has been updated
       via  0d3eb9e802c1ee63bf627dfc9e688bbe118eaa4e (commit)
       via  916bc717c793c61548da06f636c78f683404ecee (commit)
      from  45cc0cafbbd06f5b33adf6d8fd907da218bce93d (commit)


- Log -----------------------------------------------------------------
commit 0d3eb9e802c1ee63bf627dfc9e688bbe118eaa4e
Author:     Michael Niedermayer <michael at niedermayer.cc>
AuthorDate: Tue Nov 6 01:17:23 2018 +0100
Commit:     Michael Niedermayer <michael at niedermayer.cc>
CommitDate: Tue Nov 6 01:17:23 2018 +0100

    web/security: add CVE-2018-10001 entry to FFmpeg 4.0

diff --git a/src/security b/src/security
index df42c5b..748a447 100644
--- a/src/security
+++ b/src/security
@@ -64,6 +64,7 @@ Fixes following vulnerabilities:
 CVE-2018-6912, 76cc0f0f673353cd4746cd3b83838ae335e5d9ed
 CVE-2018-7751, a6cba062051f345e8ebfdff34aba071ed73d923f
 CVE-2018-7557, 7414d0bda7763f9bd69c26c068e482ab297c1c96
+CVE-2018-10001, 47b7c68ae54560e2308bdb6be4fb076c73b93081
 </pre>
 
 <h2>FFmpeg 3.4</h2>

commit 916bc717c793c61548da06f636c78f683404ecee
Author:     Michael Niedermayer <michael at niedermayer.cc>
AuthorDate: Tue Nov 6 01:16:50 2018 +0100
Commit:     Michael Niedermayer <michael at niedermayer.cc>
CommitDate: Tue Nov 6 01:16:50 2018 +0100

    web: add FFmpeg 4.1

diff --git a/src/download b/src/download
index 1b2508c..d4ef0d0 100644
--- a/src/download
+++ b/src/download
@@ -1,10 +1,10 @@
 
 <div id="download">
   <div class="btn-download-wrapper">
-    <a href="https://ffmpeg.org/releases/ffmpeg-4.0.3.tar.bz2" class="btn btn-success">
+    <a href="https://ffmpeg.org/releases/ffmpeg-4.1.tar.bz2" class="btn btn-success">
       <i class="fa fa-cloud-download"></i>
       Download
-      <small>ffmpeg-4.0.3.tar.bz2</small>
+      <small>ffmpeg-4.1.tar.bz2</small>
     </a>
     <br>
     <a href="#releases">More releases</a>
@@ -269,6 +269,43 @@
     and much faster bug fixes such as additional features and security patches.
   </p>
 
+  <h3 id="release_4.1">FFmpeg 4.1 "al-Khwarizmi"</h3>
+
+  <p>
+    4.1 was released on 2018-11-06. It is the latest stable FFmpeg release
+    from the 4.1 release branch, which was cut from master on 2018-11-02.
+  </p>
+  <p>It includes the following library versions:
+  </p>
+  <pre>
+libavutil      56. 22.100
+libavcodec     58. 35.100
+libavformat    58. 20.100
+libavdevice    58.  5.100
+libavfilter     7. 40.101
+libswscale      5.  3.100
+libswresample   3.  3.100
+libpostproc    55.  3.100</pre>
+
+  <div class="row">
+    <div class="col-md-3">
+      <a class="btn btn-success" href="releases/ffmpeg-4.1.tar.xz">Download xz tarball</a>
+      <small><a href="releases/ffmpeg-4.1.tar.xz.asc">PGP signature</a></small>
+    </div> <!-- col -->
+    <div class="col-md-3">
+      <a class="btn btn-success" href="releases/ffmpeg-4.1.tar.bz2">Download bzip2 tarball</a>
+      <small><a href="releases/ffmpeg-4.1.tar.bz2.asc">PGP signature</a></small>
+    </div> <!-- col -->
+    <div class="col-md-3">
+      <a class="btn btn-success" href="releases/ffmpeg-4.1.tar.gz">Download gzip tarball</a>
+      <small><a href="releases/ffmpeg-4.1.tar.gz.asc">PGP signature</a></small>
+    </div> <!-- col -->
+    <div class="col-md-3 text-right">
+      <small><a href="https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n4.1">Changelog</a></small>
+      <a class="btn btn-success" href="https://git.ffmpeg.org/gitweb/ffmpeg.git/blob/refs/heads/release/4.1:/RELEASE_NOTES">Release Notes</a>
+    </div> <!-- col -->
+  </div> <!-- row -->
+
   <h3 id="release_4.0">FFmpeg 4.0.3 "Wu"</h3>
 
   <p>
diff --git a/src/security b/src/security
index 5f143a8..df42c5b 100644
--- a/src/security
+++ b/src/security
@@ -1,5 +1,27 @@
 <p>Please report vulnerabilities to <a href="mailto:ffmpeg-security at ffmpeg.org">ffmpeg-security at ffmpeg.org</a></p>
 
+
+<h2>FFmpeg 4.1</h2>
+
+<h3>4.1</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2018-12458, e1182fac1afba92a4975917823a5f644bee7e6e8
+CVE-2018-12459, 2fc108f60f98cd00813418a8754a46476b404a3c
+CVE-2018-12460, b3332a182f8ba33a34542e4a0370f38b914ccf7d
+CVE-2018-13300, 95556e27e2c1d56d9e18f5db34d6f756f3011148
+CVE-2018-13301, 2aa9047486dbff12d9e040f917e5f799ed2fd78b
+CVE-2018-13302, ed22dc22216f74c75ee7901f82649e1ff725ba50
+CVE-2018-13303, 00e8181bd97c834fe60751b0c511d4bb97875f78
+CVE-2018-13304, bd27a9364ca274ca97f1df6d984e88a0700fb235
+CVE-2018-13305, d08d4a8c7387e758d439b0592782e4cfa2b4d6a4
+CVE-2018-14394, 3a2d21bc5f97aa0161db3ae731fc2732be6108b8
+CVE-2018-14395, fa19fbcf712a6a6cc5a5cfdc3254a97b9bce6582
+CVE-2018-15822, 6b67d7f05918f7a1ee8fc6ff21355d7e8736aa10
+</pre>
+
 <h2>FFmpeg 4.0</h2>
 
 <h3>4.0.3</h3>

-----------------------------------------------------------------------

Summary of changes:
 src/download | 41 +++++++++++++++++++++++++++++++++++++++--
 src/security | 23 +++++++++++++++++++++++
 2 files changed, 62 insertions(+), 2 deletions(-)


hooks/post-receive
--

More information about the ffmpeg-cvslog mailing list