[FFmpeg-devel] CVE Number forensics [Help welcome]
Michael Niedermayer
michael at niedermayer.cc
Sun Mar 2 05:38:27 EET 2025
Hi all
As you probably know, there are CVE numbers missing from our security page
(because they have never been reported to us or we somehow missed them)
tools/compare-cvelists.sh
lists them
ATM 110
If someone wants to help, you just need google,
git branch --contains
maybe the internet archieve
various CVE lists
the goal is to find which commit fixed which of these issues and then
in which release these commits first appeard (git branch --contains)
then just add them to src/security and post a patch
ive added 6 today, can you beat me and do more ?
(no need to be a software developer even)
thx
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
If you think the mosad wants you dead since a long time then you are either
wrong or dead since a long time.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20250302/8e9be89b/attachment.sig>
More information about the ffmpeg-devel
mailing list