[FFmpeg-cvslog] [ffmpeg-web] branch master updated. 65327cd web/security: update for 2.3, 2.2 and 0.10 branches

gitolite ffmpeg-cvslog at ffmpeg.org
Sun Aug 17 16:22:11 CEST 2014


The branch, master has been updated
       via  65327cd6a6466fa3664094e15cdc3c912d58ed61 (commit)
       via  f77885da8146de675db54b612add5ee96566a998 (commit)
      from  85efe31d04c4a61c153e33cb7d9254f95c8290d6 (commit)


- Log -----------------------------------------------------------------
commit 65327cd6a6466fa3664094e15cdc3c912d58ed61
Author:     Michael Niedermayer <michaelni at gmx.at>
AuthorDate: Sun Aug 17 16:19:25 2014 +0200
Commit:     Michael Niedermayer <michaelni at gmx.at>
CommitDate: Sun Aug 17 16:19:25 2014 +0200

    web/security: update for 2.3, 2.2 and 0.10 branches

diff --git a/src/security b/src/security
index efa4649..4cd492e 100644
--- a/src/security
+++ b/src/security
@@ -1,6 +1,23 @@
 <p>Please report vulnerabilities to <a href="mailto:ffmpeg-security at ffmpeg.org">ffmpeg-security at ffmpeg.org</a></p>
 
 <h2>FFmpeg 2.3</h2>
+
+<h3>2.3.3</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2014-5271 60bfa9154d0084bc8b007b984051a6bb82d9652c  / 52b81ff4635c077b2bc8b8d3637d933b6629d803
+</pre>
+
+<h3>2.3.2</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2014-5272, 83956309cc16b47fbf8548e8c5bcf67b8cd4b65f / 3539d6c63a16e1b2874bb037a86f317449c58770
+</pre>
+
 <h3>2.3</h3>
 <p>
 Fixes following vulnerabilities:
@@ -11,6 +28,16 @@ CVE-2014-4610, d6af26c55c1ea30f85a7d9edbc373f53be1743ee
 </pre>
 
 <h2>FFmpeg 2.2</h2>
+
+<h3>2.2.7</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2014-5272, 0397d434054ab9a80fbf8e2357538ca29d4fe427 / 3539d6c63a16e1b2874bb037a86f317449c58770
+CVE-2014-5271, 1ad1723c24cd2683df6d00a83b6f28d3ff45fb96 / 52b81ff4635c077b2bc8b8d3637d933b6629d803
+</pre>
+
 <h3>2.2.4</h3>
 <p>
 Fixes following vulnerabilities:
@@ -575,6 +602,19 @@ CVE-2012-5361, msvr12-017
 
 <h2>FFmpeg 0.10</h2>
 
+<h3>0.10.15</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2013-0848, a1804df66a4064aa30554a11e4fd6cdac3ed89c0
+CVE-2013-0852, a465ed5707f5cbc9713d5e9629d424cd2d46e038
+CVE-2013-0860, c79cf0129edafc388ba1c47cd7b6a620557e48de
+CVE-2013-3672, e17dc0a254ac8d3c33887a114a66e2b659ba0bc5
+CVE-2013-3674, 3aebdffb010df025728d6c2af89642f9634aa806
+CVE-2013-7020, b5d7b80a7e43779ca2962ba56442579c2a7e927d
+</pre>
+
 <h3>0.10.14</h3>
 <p>
 Fixes following vulnerabilities:

commit f77885da8146de675db54b612add5ee96566a998
Author:     Michael Niedermayer <michaelni at gmx.at>
AuthorDate: Sun Aug 17 15:49:40 2014 +0200
Commit:     Michael Niedermayer <michaelni at gmx.at>
CommitDate: Sun Aug 17 15:49:40 2014 +0200

    web/download: add FFmpeg 2.3.3

diff --git a/src/download b/src/download
index ca744eb..909a233 100644
--- a/src/download
+++ b/src/download
@@ -1,10 +1,10 @@
 
 <div id="download">
   <div class="btn-download-wrapper">
-    <a href="http://ffmpeg.org/releases/ffmpeg-2.3.2.tar.bz2" class="btn btn-success">
+    <a href="http://ffmpeg.org/releases/ffmpeg-2.3.3.tar.bz2" class="btn btn-success">
       <i class="fa fa-cloud-download"></i>
       Download
-      <small>ffmpeg-2.3.2.tar.bz2</small>
+      <small>ffmpeg-2.3.3.tar.bz2</small>
     </a>
     <br>
     <a href="#releases">More releases</a>
@@ -255,10 +255,10 @@
 
 
   <a name="release_2.3"></a><h3>
-    FFmpeg 2.3.2 "Mandelbrot"</h3>
+    FFmpeg 2.3.3 "Mandelbrot"</h3>
 
   <p>
-    2.3.2 was released on 2014-08-11. It is the latest stable FFmpeg release
+    2.3.3 was released on 2014-08-17. It is the latest stable FFmpeg release
     from the 2.3 release branch, which was cut from master on 2014-07-16.
     Amongst lots of other changes, it includes all changes from
     ffmpeg-mt, libav master of 2014-07-15, libav 10.2 as of 2014-07-15.
@@ -278,15 +278,15 @@ libpostproc    52.  3.100</pre>
 
   <div class="row">
     <div class="col-md-4">
-      <a class="btn btn-success" href="releases/ffmpeg-2.3.2.tar.bz2">Download bzip2 tarball</a>
-      <small><a href="releases/ffmpeg-2.3.2.tar.bz2.asc">PGP signature</a></small>
+      <a class="btn btn-success" href="releases/ffmpeg-2.3.3.tar.bz2">Download bzip2 tarball</a>
+      <small><a href="releases/ffmpeg-2.3.3.tar.bz2.asc">PGP signature</a></small>
     </div> <!-- col -->
     <div class="col-md-4">
-      <a class="btn btn-success" href="releases/ffmpeg-2.3.2.tar.gz">Download gzip tarball</a>
-      <small><a href="releases/ffmpeg-2.3.2.tar.gz.asc">PGP signature</a></small>
+      <a class="btn btn-success" href="releases/ffmpeg-2.3.3.tar.gz">Download gzip tarball</a>
+      <small><a href="releases/ffmpeg-2.3.3.tar.gz.asc">PGP signature</a></small>
     </div> <!-- col -->
     <div class="col-md-4 text-right">
-      <small><a href="http://git.videolan.org/?p=ffmpeg.git;a=shortlog;h=n2.3.2">Changelog</a></small>
+      <small><a href="http://git.videolan.org/?p=ffmpeg.git;a=shortlog;h=n2.3.3">Changelog</a></small>
       <a class="btn btn-success" href="http://git.videolan.org/?p=ffmpeg.git;a=blob;f=RELEASE_NOTES;hb=489d066">Release Notes</a>
     </div> <!-- col -->
   </div> <!-- row -->

-----------------------------------------------------------------------

Summary of changes:
 src/download |   18 +++++++++---------
 src/security |   40 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 49 insertions(+), 9 deletions(-)


hooks/post-receive
-- 



More information about the ffmpeg-cvslog mailing list