[FFmpeg-devel] backport fixes for CVE-2019-9718 and CVE-2019-9721
Michael Niedermayer
michael at niedermayer.cc
Wed Mar 20 19:42:37 EET 2019
On Tue, Mar 19, 2019 at 11:28:01PM +0100, Dominik 'Rathann' Mierzejewski wrote:
> Hello,
> please backport fixes for CVE-2019-9718 and CVE-2019-9721 to 3.4
> and 4.0 branches. The relevant commits seem to be:
> 1f00c97bc3475c477f3c468cf2d924d5761d0982
> 894995c41e0795c7a44f81adc4838dedc3932e65
>
> Thanks in advance.
these will be backported with the next point releases from these branches
Ill try to do these releases rather sooner than later
>
> Were the CVE IDs not known at the time these were pushed to master?
I am pretty sure they where not known because if they where they would
have been included.
> Not having them in the commit log made it more difficult to find them.
>
> Regards,
> Dominik
> --
> Fedora https://getfedora.org | RPM Fusion http://rpmfusion.org
> There should be a science of discontent. People need hard times and
> oppression to develop psychic muscles.
> -- from "Collected Sayings of Muad'Dib" by the Princess Irulan
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Opposition brings concord. Out of discord comes the fairest harmony.
-- Heraclitus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20190320/03c9e587/attachment.sig>
More information about the ffmpeg-devel
mailing list