[FFmpeg-devel] Is ffmpeg 2.8.11 vulnerable to clusterfuzz 4999324687663104?
Michael Niedermayer
michael at niedermayer.cc
Wed Apr 26 15:34:51 EEST 2017
On Tue, Apr 25, 2017 at 04:37:57PM -0700, Pal Azzo wrote:
> Hi,
>
> I'm having trouble decoding this clusterfuzz report:
> https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=713
>
> Was trying to figure out if 2.8.11 is vulnerable. It's not clear which
> commit was the fix, but it looks like none of the commits in the regression
> range made it to the 2.8 branch. Was that because 2.8 was never vulnerable
> to it?
I dont think anyone ever succeeded reproducing this issue, in fact
it was marked automatically as fixed hours after being detected
Was someone able to reproduce this ?
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
You can kill me, but you cannot change the truth.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20170426/c8a81eed/attachment.sig>
More information about the ffmpeg-devel
mailing list