[FFmpeg-cvslog] [ffmpeg-web] branch master updated. 3654fb7 web/security: Add more CVE# for 4.3 and 4.4

ffmpeg-git at ffmpeg.org ffmpeg-git at ffmpeg.org
Sat Jun 12 17:50:57 EEST 2021


The branch, master has been updated
       via  3654fb726cc93f0974ded1b66ff2338ad0d55b83 (commit)
      from  8ccd75e40f7366d17a2bc6787cc4e86c79a242ab (commit)


- Log -----------------------------------------------------------------
commit 3654fb726cc93f0974ded1b66ff2338ad0d55b83
Author:     Michael Niedermayer <michael at niedermayer.cc>
AuthorDate: Sat Jun 12 16:43:05 2021 +0200
Commit:     Michael Niedermayer <michael at niedermayer.cc>
CommitDate: Sat Jun 12 16:49:23 2021 +0200

    web/security: Add more CVE# for 4.3 and 4.4
    
    The existence of these CVE numbers have been reported to us by Tony Tascioglu
    
    Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

diff --git a/src/security b/src/security
index b5033c0..935823b 100644
--- a/src/security
+++ b/src/security
@@ -7,11 +7,16 @@
 Fixes following vulnerabilities:
 </p>
 <pre>
-CVE-2020-14212, 0b3bd001ac1745d9d008a2d195817df57d7d1d14
 CVE-2020-13904, 9dfb19baeb86a8bb02c53a441682c6e9a6e104cc
 CVE-2020-13904, b5e39880fb7269b1b3577cee288e06aa3dc1dfa2
-CVE-2020-35965, b0a8b40294ea212c1938348ff112ef1b9bf16bb3
+CVE-2020-14212, 0b3bd001ac1745d9d008a2d195817df57d7d1d14
+CVE-2020-20450, 5400e4a50c61e53e1bc50b3e77201649bbe9c510, ticket/7993
+CVE-2020-21041, 5d9f44da460f781a1604d537d0555b78e29438ba, ticket/7989
+CVE-2020-22038, 7c32e9cf93b712f8463573a59ed4e98fd10fa013, ticket/8285
+CVE-2020-22042, 426c16d61a9b5056a157a1a2a057a4e4d13eef84, ticket/8267
+CVE-2020-24020, 584f396132aa19d21bb1e38ad9a5d428869290cb, ticket/8718
 CVE-2020-35965, 3e5959b3457f7f1856d997261e6ac672bba49e8b
+CVE-2020-35965, b0a8b40294ea212c1938348ff112ef1b9bf16bb3
 </pre>
 
 <h2>FFmpeg 4.3</h2>
@@ -30,11 +35,35 @@ CVE-2020-14212, dd273d359e45ab69398ac0dc41206d5f1a9371bf / 0b3bd001ac1745d9d008a
 Fixes following vulnerabilities:
 </p>
 <pre>
-CVE-2019-13312, def04022f4a7058f99e669bfd978d431d79aec18
+CVE-2019-13312, def04022f4a7058f99e669bfd978d431d79aec18, CVE-2020-20445, CVE-2020-20446
 CVE-2019-13390, aef24efb0c1e65097ab77a4bf9264189bdf3ace3
 CVE-2019-15942, af70bfbeadc0c9b9215cf045ff2a6a31e8ac3a71
 CVE-2019-17542, 02f909dc24b1f05cfbba75077c7707b905e63cd2
 CVE-2020-12284, 1812352d767ccf5431aa440123e2e260a4db2726
+CVE-2020-20448, 55279d699fa64d8eb1185d8db04ab4ed92e8dea2
+CVE-2020-20448, 8802e329c8317ca5ceb929df48a23eb0f9e852b2, ticket/7990
+CVE-2020-20451, 21265f42ecb265debe9fec1dbfd0cb7de5a8aefb, ticket/8094
+CVE-2020-22016, 58aa0ed8f10753ee90f4a4a1f4f3da803cf7c145, ticket/8183
+CVE-2020-22017, d4d6b7b0355f3597cad3b8d12911790c73b5f96d, ticket/8309
+CVE-2020-22020, ce5274c1385d55892a692998923802023526b765, ticket/8239
+CVE-2020-22022, 07050d7bdc32d82e53ee5bb727f5882323d00dba, ticket/8264
+CVE-2020-22023, 0b567238741854b41f84f7457686b044eadfe29c, ticket/8244
+CVE-2020-22024, 723d69f99cd26db9687ed2d24d06afaff624daf3, ticket/8310
+CVE-2020-22026, 58bb9d3a3a6ede1c6cfb82bf671a5f138e6b2144, ticket/8317
+CVE-2020-22027, e787f8fd7ee99ba0c3e0f086ce2ce59eea7ed86c, ticket/8242
+CVE-2020-22028, f069a9c2a65bc20c3462127623127df6dfd06c5b, ticket/8274
+CVE-2020-22029, a7fd1279703683ebb548ef7baa2f1519994496ae, ticket/8250
+CVE-2020-22030, e1b89c76f66343d1b495165664647317c66764bb, ticket/8276
+CVE-2020-22031, 0e68e8c93f9068596484ec8ba725586860e06fc8, ticket/8243
+CVE-2020-22032, de598f82f8c3f8000e1948548e8088148e2b1f44, ticket/8275
+CVE-2020-22034, 1331e001796c656a4a3c770a16121c15ec1db2ac, ticket/8236
+CVE-2020-22035, 0749082eb93ea02fa4b770da86597450cec84054, ticket/8262
+CVE-2020-22036, 8c3166e1c302c3ba80d9742ae46161c0fa8e2606, ticket/8261
+CVE-2020-22039, a581bb66ea5eb981e2e498ca301df7d1ef15a6a3, ticket/8302
+CVE-2020-22040, 1a0c584abc9709b1d11dbafef05d22e0937d7d19, ticket/8283
+CVE-2020-22041, 3488e0977c671568731afa12b811adce9d4d807f, ticket/8296
+CVE-2020-22043, b288a7eb3d963a175e177b6219c8271076ee8590, ticket/8284
+CVE-2020-22044, 1d479300cbe0522c233b7d51148aea2b29bd29ad, ticket/8295
 </pre>
 
 <h2>FFmpeg 4.2</h2>

-----------------------------------------------------------------------

Summary of changes:
 src/security | 35 ++++++++++++++++++++++++++++++++---
 1 file changed, 32 insertions(+), 3 deletions(-)


hooks/post-receive
-- 



More information about the ffmpeg-cvslog mailing list