[FFmpeg-cvslog] [ffmpeg-web] branch master updated. bfe73eb web/security: Add CVEs found on the oss security list and some forgotten ones

ffmpeg-git at ffmpeg.org ffmpeg-git at ffmpeg.org
Sat Dec 10 18:06:38 EET 2016


The branch, master has been updated
       via  bfe73ebe61fd2f7c8293743dd73a5d983c669d41 (commit)
      from  07127e905489dcc22eb1cb27ec58464b1fc38ccf (commit)


- Log -----------------------------------------------------------------
commit bfe73ebe61fd2f7c8293743dd73a5d983c669d41
Author:     Michael Niedermayer <michael at niedermayer.cc>
AuthorDate: Sat Dec 10 16:57:38 2016 +0100
Commit:     Michael Niedermayer <michael at niedermayer.cc>
CommitDate: Sat Dec 10 17:06:06 2016 +0100

    web/security: Add CVEs found on the oss security list and some forgotten ones
    
    Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

diff --git a/src/security b/src/security
index e6a69ae..87ceb74 100644
--- a/src/security
+++ b/src/security
@@ -8,17 +8,40 @@ Fixes following vulnerabilities:
 </p>
 <pre>
 CVE-2016-5199, 347cb14b7cba7560e53f4434b419b9d8800253e7
+CVE-2016-7122, e4e4a9cad7f21593d4bcb1f2404ea0d373c36c43
+CVE-2016-7450, a5af1240fce845f645440364c1335e0f8e44ee6c
+CVE-2016-7502, 0e318f110bcd6bb8e7de9127f2747272e60f48d7
+CVE-2016-7555, b98dafe04564d5fe3e5bf5073d871dd93a4a62de
+CVE-2016-7562, 69449da436169e7facaa6d1f3bcbc41cf6ce2754
+CVE-2016-7785, 14bac7e00d72eac687612d9b125e585011a56d4f
+CVE-2016-7905, 2679ad4773aa356e7c3da5c68bc81f02a194617f
+CVE-2016-8595, 987690799dd86433bf98b897aaa4c8d93ade646d
 </pre>
 
 
 <h2>FFmpeg 3.1</h2>
 
+<h3>3.1.5</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2016-8595, 08eef74a39d73bec80d4a12f0eaca6a3602a2024 / 987690799dd86433bf98b897aaa4c8d93ade646
+</pre>
+
 <h3>3.1.4</h3>
 <p>
 Fixes following vulnerabilities:
 </p>
 <pre>
 CVE-2016-5199, 7a3dc2f7b6c2fbe62aeed7839e736db395a6f76a / 347cb14b7cba7560e53f4434b419b9d8800253e7
+CVE-2016-7122, ed38046c5c2e3b310980be32287179895c83e0d8 / e4e4a9cad7f21593d4bcb1f2404ea0d373c36c43
+CVE-2016-7450, ac8ac46641adef208485baebc3734463bf0bd266 / a5af1240fce845f645440364c1335e0f8e44ee6c
+CVE-2016-7502, 9d738e6968757d4e70c8e07e0b720ac0004accc4 / 0e318f110bcd6bb8e7de9127f2747272e60f48d7
+CVE-2016-7555, 8834e080c20d3d23c3ffe779371359f9b9b835ec / b98dafe04564d5fe3e5bf5073d871dd93a4a62de
+CVE-2016-7562, 496267f8e9ec218351e4359e1fde48722d4fc804 / 69449da436169e7facaa6d1f3bcbc41cf6ce2754
+CVE-2016-7785, c8c5f66b42edc37474baa5cb51460cbf6f33075b / 14bac7e00d72eac687612d9b125e585011a56d4f
+CVE-2016-7905, 622ccbd8ab894e3ac6cdf607e3d4f39e406786e9 / 2679ad4773aa356e7c3da5c68bc81f02a194617f
 </pre>
 
 <h3>3.1.3</h3>
@@ -55,6 +78,12 @@ Fixes following vulnerabilities:
 </p>
 <pre>
 CVE-2016-5199, 9259b7f38e008720096532cd4e666a9889f3c578 / 347cb14b7cba7560e53f4434b419b9d8800253e7
+CVE-2016-7450, 9357aa67572ce630267144ecd923c643a0982617 / a5af1240fce845f645440364c1335e0f8e44ee6c
+CVE-2016-7502, 63f951601e75051085b85e8034989ee8a7dcff1d / 0e318f110bcd6bb8e7de9127f2747272e60f48d7
+CVE-2016-7555, fb7617df4eb13659fa20cb535888c10eac0fdb77 / b98dafe04564d5fe3e5bf5073d871dd93a4a62de
+CVE-2016-7562, e5bf7ab3e7c6432da47958105ac59ee2681d3198 / 69449da436169e7facaa6d1f3bcbc41cf6ce2754
+CVE-2016-7785, 77d5a237ef6803e3b5a138fdee10bf1f62e4a7d7 / 14bac7e00d72eac687612d9b125e585011a56d4f
+CVE-2016-7905, 8c43f320574d201fe1b696b133c08368f5f18508 / 2679ad4773aa356e7c3da5c68bc81f02a194617f
 </pre>
 
 <h3>3.0.3</h3>
@@ -64,11 +93,23 @@ Fixes following vulnerabilities:
 <pre>
 CVE-2016-6164, a5680d83af26d4e6cfb9fe2eb8f51247bf36a41f / 8a3221cc67a516dfc1700bdae3566ec52c7ee823
 CVE-2016-6881, ca92adafb0effac6c51a12f90a593ba7e8b3ee90 / a453bbb68f3eec202673728988bba3bc76071761
+CVE-2016-7122, 1d90326f95a791db515f69a01a5f6ef867896d15 / e4e4a9cad7f21593d4bcb1f2404ea0d373c36c43
 </pre>
 
 
 <h2>FFmpeg 2.8</h2>
 
+<h3>2.8.9</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2016-7502, 69b00a7fb6faa1b19b5687a5762ff4f94d5ff9aa / 0e318f110bcd6bb8e7de9127f2747272e60f48d7
+CVE-2016-7785, a772613100514842008271c8d0e5d63a6979f9bf / 14bac7e00d72eac687612d9b125e585011a56d4f
+CVE-2016-7905, 239f75d6c3dfbe4def80a12913d5737dd5a5bbcc / 2679ad4773aa356e7c3da5c68bc81f02a194617f
+CVE-2016-7562, ab737ab31d4f126ed5a13a6a0498824141925108 / 69449da436169e7facaa6d1f3bcbc41cf6ce275
+</pre>
+
 <h3>2.8.8</h3>
 <p>
 Fixes following vulnerabilities:
@@ -76,6 +117,8 @@ Fixes following vulnerabilities:
 <pre>
 CVE-2016-6164, 054db631200c9940bc72e4dec2cb3c75e613abaf / 8a3221cc67a516dfc1700bdae3566ec52c7ee823
 CVE-2016-6881, e965fedf7e94b7e50cd11be00fa729ee8faeb21b / a453bbb68f3eec202673728988bba3bc76071761
+CVE-2016-7122, 8ddeae57ae727966ac7588cf34ff56558fe3ffd1 / e4e4a9cad7f21593d4bcb1f2404ea0d373c36c43
+CVE-2016-7450, f8dcc9e7189709c68829b0fa7a98941fdf916d68 / a5af1240fce845f645440364c1335e0f8e44ee6c
 </pre>
 
 <h3>2.8.6</h3>

-----------------------------------------------------------------------

Summary of changes:
 src/security | 43 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)


hooks/post-receive
-- 



More information about the ffmpeg-cvslog mailing list