[FFmpeg-cvslog] [ffmpeg-web] branch master updated. ae52c3d web: security update for 0.10

gitolite ffmpeg-cvslog at ffmpeg.org
Fri Jan 27 00:26:53 CET 2012 

The branch, master has been updated
       via  ae52c3d1cd8751b977f002a3e0da4d4dd2d46672 (commit)
       via  30895438ec1c20e4003cdae20e06e185477428d5 (commit)
      from  ea3320c4ce9b4b0f3a8fa442c29b53d0f5149821 (commit)


- Log -----------------------------------------------------------------
commit ae52c3d1cd8751b977f002a3e0da4d4dd2d46672
Author:     Michael Niedermayer <michaelni at gmx.at>
AuthorDate: Fri Jan 27 00:20:00 2012 +0100
Commit:     Michael Niedermayer <michaelni at gmx.at>
CommitDate: Fri Jan 27 00:22:28 2012 +0100

    web: security update for 0.10

diff --git a/src/security b/src/security
index b302a04..0e716b7 100644
--- a/src/security
+++ b/src/security
@@ -1,5 +1,15 @@
 <h1>FFmpeg Security</h1>
 
+<h2>0.10</h2>
+<h3>FFmpeg 0.10</h3>
+<p>Fixes  CVE-2011-3929, CVE-2011-3934, CVE-2011-3935, CVE-2011-3936,
+          CVE-2011-3937, CVE-2011-3940, CVE-2011-3941, CVE-2011-3944,
+          CVE-2011-3945, CVE-2011-3946, CVE-2011-3947, CVE-2011-3949,
+          CVE-2011-3950, CVE-2011-3951, CVE-2011-3952
+and several others that do not have a CVE number.
+Many of these issues can be exploited when a remote file is
+played back and some are probable arbitrary code execution vulnerabilities</p>
+
 <h2>0.9</h2>
 <h3>FFmpeg 0.9.1</h3>
 <p>Fixes CVE-2011-3893 and CVE-2011-3895, and about 70 more security issues that

commit 30895438ec1c20e4003cdae20e06e185477428d5
Author:     Michael Niedermayer <michaelni at gmx.at>
AuthorDate: Fri Jan 27 00:07:42 2012 +0100
Commit:     Michael Niedermayer <michaelni at gmx.at>
CommitDate: Fri Jan 27 00:07:42 2012 +0100

    web: add 0.10 to download

diff --git a/src/download b/src/download
index 8429d07..ee9ae73 100644
--- a/src/download
+++ b/src/download
@@ -200,6 +200,24 @@ selected changes from the development branch, which therefore receives much more
 and much faster bug fixes such as additional features and security patches.
 </p>
 
+<a name="release_0.10"></a><h2>
+FFmpeg 0.10 "Freedom"</h2>
+
+<p>
+0.10 was released on 2012-01-26. It is the latest stable FFmpeg release
+from the 0.10 release branch, which was cut from master on 2012-01-26.
+Amongst lots of other changes, it includes all changes from
+ffmpeg-mt, libav master of 2012-01-26, libav 0.8 as of 2012-01-26.
+</p>
+
+<p>
+<a href="releases/ffmpeg-0.10.tar.bz2">Download bzip2 tarball</a>  
+<a href="releases/ffmpeg-0.10.tar.bz2.asc">PGP signature</a><br />
+<a href="releases/ffmpeg-0.10.tar.gz">Download gzip tarball</a>  
+<a href="releases/ffmpeg-0.10.tar.gz.asc">PGP signature</a><br />
+<a href="http://git.videolan.org/?p=ffmpeg.git;a=shortlog;h=n0.10">Changelog</a><br />
+</p>
+
 <a name="release_0.9"></a><h2>
 FFmpeg 0.9.1 "Harmony"</h2>
 

-----------------------------------------------------------------------

Summary of changes:
 src/download |   18 ++++++++++++++++++
 src/security |   10 ++++++++++
 2 files changed, 28 insertions(+), 0 deletions(-)


hooks/post-receive
--

More information about the ffmpeg-cvslog mailing list