[FFmpeg-user] 2.8.14 security updates
Reindl Harald
h.reindl at thelounge.net
Tue May 15 23:14:49 EEST 2018
Am 15.05.2018 um 22:02 schrieb Bryan Duff:
> Is 2.8.14 up-to-date as far as known security issues (e.g CVE's) are
> concerned?
>
> Looking at CVE's for ffmpeg, some will say "3.x.y and before" - does that
> mean that they only affect 3.x? If not and they affect 2.8.14, then there
> are a decent number that affect 2.8.14 (15 of them?)
>
> For example, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9608
> has commits in the 3.2, 3.3, and master branches, so I'm guessing 2.8 is
> not affected. Just trying to make sure
while this list don't give a damn about anything then current master -
2.8.14 - seriously?
nobody can asnser that for sure because recent is 4.0 and it's imposible
by common sense to backport everything besides hope
3.0 was 2016-02-15
this is more than two years!
2.8 was 2015-09-09
in doubt the answer is simply "no"
More information about the ffmpeg-user
mailing list