[FFmpeg-cvslog] [ffmpeg-web] branch master updated. 2162d12 web/security: add CVEs for 6.1, 6.0.1, 5.1.4
ffmpeg-git at ffmpeg.org
ffmpeg-git at ffmpeg.org
Sat Nov 11 03:02:02 EET 2023
The branch, master has been updated
via 2162d124d031788560f80b6d8539be0a77a4589c (commit)
via f3212cab096623d95f1c467b59bbe19bf1a9ca51 (commit)
from 5d6b55c9c298aa0578c532911be3437a9f3ef34a (commit)
- Log -----------------------------------------------------------------
commit 2162d124d031788560f80b6d8539be0a77a4589c
Author: Michael Niedermayer <michael at niedermayer.cc>
AuthorDate: Sat Nov 11 01:59:32 2023 +0100
Commit: Michael Niedermayer <michael at niedermayer.cc>
CommitDate: Sat Nov 11 01:59:32 2023 +0100
web/security: add CVEs for 6.1, 6.0.1, 5.1.4
diff --git a/src/security b/src/security
index 1739d45..fa2c372 100644
--- a/src/security
+++ b/src/security
@@ -1,8 +1,28 @@
<p>Please report vulnerabilities to <a href="mailto:ffmpeg-security at ffmpeg.org">ffmpeg-security at ffmpeg.org</a></p>
+<h2>FFmpeg 6.1</h2>
+
+<h3>6.1</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2023-47342, e4d5ac8d7d2a08658b3db7dd821246fe6b35381f
+CVE-2023-47344, f7ac3512f5b5cb8eb149f37300b43461d8e93af3
+</pre>
+
+
<h2>FFmpeg 6.0</h2>
+<h3>6.0.1</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2023-47342, 07e3223dd0213cc5f0b65e98a6e1b1500d09ece0 / e4d5ac8d7d2a08658b3db7dd821246fe6b35381f
+</pre>
+
<h3>6.0</h3>
<p>
Fixes following vulnerabilities:
@@ -17,6 +37,14 @@ CVE-2022-48434, cc867f2c09d2b69cee8a0eccd62aff002cbbfe11
<h2>FFmpeg 5.1</h2>
+<h3>5.1.4</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2023-47342, 5e71da4ef9636966b7ec5f8910cf0e6dd4e941e6 / e4d5ac8d7d2a08658b3db7dd821246fe6b35381f
+</pre>
+
<h3>5.1.3</h3>
<p>
Fixes following vulnerabilities:
commit f3212cab096623d95f1c467b59bbe19bf1a9ca51
Author: Michael Niedermayer <michael at niedermayer.cc>
AuthorDate: Sat Nov 11 01:56:54 2023 +0100
Commit: Michael Niedermayer <michael at niedermayer.cc>
CommitDate: Sat Nov 11 01:57:25 2023 +0100
web/download: add FFmpeg 6.1
diff --git a/src/download b/src/download
index 5ef70ea..833420c 100644
--- a/src/download
+++ b/src/download
@@ -303,6 +303,42 @@ gpg: Good signature from "FFmpeg release signing key <ffmpeg-devel at ffmpeg.org
and much faster bug fixes such as additional features and security patches.
</p>
+ <h3 id="release_6.1">FFmpeg 6.1 "Heaviside"</h3>
+
+ <p>
+ 6.1 was released on 2023-11-11. It is the latest stable FFmpeg release
+ from the 6.1 release branch, which was cut from master on 2023-10-29.
+ </p>
+ <p>It includes the following library versions:
+ </p>
+ <pre>
+libavutil 58. 29.100
+libavcodec 60. 31.102
+libavformat 60. 16.100
+libavdevice 60. 3.100
+libavfilter 9. 12.100
+libswscale 7. 5.100
+libswresample 4. 12.100
+libpostproc 57. 3.100</pre>
+ <div class="row">
+ <div class="col-md-3">
+ <a class="btn btn-success" href="releases/ffmpeg-6.1.tar.xz">Download xz tarball</a>
+ <small><a href="releases/ffmpeg-6.1.tar.xz.asc">PGP signature</a></small>
+ </div> <!-- col -->
+ <div class="col-md-3">
+ <a class="btn btn-success" href="releases/ffmpeg-6.1.tar.bz2">Download bzip2 tarball</a>
+ <small><a href="releases/ffmpeg-6.1.tar.bz2.asc">PGP signature</a></small>
+ </div> <!-- col -->
+ <div class="col-md-3">
+ <a class="btn btn-success" href="releases/ffmpeg-6.1.tar.gz">Download gzip tarball</a>
+ <small><a href="releases/ffmpeg-6.1.tar.gz.asc">PGP signature</a></small>
+ </div> <!-- col -->
+ <div class="col-md-3 text-right">
+ <small><a href="https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n6.1">Changelog</a></small>
+ <a class="btn btn-success" href="https://git.ffmpeg.org/gitweb/ffmpeg.git/blob/refs/heads/release/6.1:/RELEASE_NOTES">Release Notes</a>
+ </div> <!-- col -->
+ </div> <!-- row -->
+
<h3 id="release_6.0">FFmpeg 6.0.1 "Von Neumann"</h3>
<p>
-----------------------------------------------------------------------
Summary of changes:
src/download | 36 ++++++++++++++++++++++++++++++++++++
src/security | 28 ++++++++++++++++++++++++++++
2 files changed, 64 insertions(+)
hooks/post-receive
--
More information about the ffmpeg-cvslog
mailing list