[FFmpeg-devel] [PATCH 2/3] web: security: Try to make output and source prettier

Alexander Strasser eclipse7 at gmx.net
Mon Apr 2 23:39:47 CEST 2012


Signed-off-by: Alexander Strasser <eclipse7 at gmx.net>
---
 src/security |   28 ++++++++++++++++++++--------
 1 files changed, 20 insertions(+), 8 deletions(-)

diff --git a/src/security b/src/security
index c1f7cb2..f07b349 100644
--- a/src/security
+++ b/src/security
@@ -2,22 +2,34 @@
 
 <h2>0.10</h2>
 <h3>FFmpeg 0.10</h3>
+<p>
+Fixes following vulnerabilities:
 <pre>
-   Fixes  CVE-2011-3929, CVE-2011-3934, CVE-2011-3935, CVE-2011-3936,
-          CVE-2011-3937, CVE-2011-3940, CVE-2011-3941, CVE-2011-3944,
-          CVE-2011-3945, CVE-2011-3946, CVE-2011-3947, CVE-2011-3949,
-          CVE-2011-3950, CVE-2011-3951, CVE-2011-3952
+CVE-2011-3929, CVE-2011-3934, CVE-2011-3935, CVE-2011-3936,
+CVE-2011-3937, CVE-2011-3940, CVE-2011-3941, CVE-2011-3944,
+CVE-2011-3945, CVE-2011-3946, CVE-2011-3947, CVE-2011-3949,
+CVE-2011-3950, CVE-2011-3951, CVE-2011-3952
+</pre>
 and several others that do not have a CVE number.
 Many of these issues can be exploited when a remote file is
 played back and some are probable arbitrary code execution vulnerabilities.
-FFmpeg 0.10 is unaffected by: CVE-2011-3930, CVE-2011-3931, CVE-2011-3932,
-CVE-2011-3933, CVE-2011-3938, CVE-2011-3939, CVE-2011-3942, CVE-2011-3943,
+</p>
+
+<p>
+FFmpeg 0.10 is unaffected by:
+<pre>
+CVE-2011-3930, CVE-2011-3931, CVE-2011-3932, CVE-2011-3933,
+CVE-2011-3938, CVE-2011-3939, CVE-2011-3942, CVE-2011-3943,
 CVE-2011-3948.
 </pre>
+</p>
 
 <h2>0.9</h2>
 <h3>FFmpeg 0.9.1</h3>
-<pre>Fixes CVE-2011-3893, CVE-2011-3895,
+<p>
+Fixes following vulnerabilities:
+<pre>
+CVE-2011-3893, CVE-2011-3895,
 
 CVE-2012-0847 FFmpeg ae21776207e8a2bbe268e7c9e203f7599dd87ddb lavfi:
 add missing check in avfilter_filter_samples()
@@ -58,7 +70,7 @@ Fix invalid free()
 CVE-2012-0859 FFmpeg 6fcf2bb8af0e7d6bb179e71e67e5fab8ef0d2ec2 vorbis:
 Fix last quarter of CVE-2011-3893
 </pre>
-<p>and more security issues that
+and more security issues that
 have no CVE number. Many of these issues can be exploited when a remote file is
 played back and a few are probable arbitrary code execution vulnerabilities</p>
 
-- 
1.7.5.4


More information about the ffmpeg-devel mailing list