web/security: update for 2.3, 1.0.10, 0.5.*
[ffmpeg-web.git] / src / security
1 <p>Please report vulnerabilities to <a href="mailto:ffmpeg-security@ffmpeg.org">ffmpeg-security@ffmpeg.org</a></p>
2
3 <h2>FFmpeg 2.3</h2>
4 <h3>2.3</h3>
5 <p>
6 Fixes following vulnerabilities:
7 </p>
8 <pre>
9 CVE-2014-4609, d6af26c55c1ea30f85a7d9edbc373f53be1743ee
10 CVE-2014-4610, d6af26c55c1ea30f85a7d9edbc373f53be1743ee
11 </pre>
12
13 <h2>FFmpeg 2.2</h2>
14 <h3>2.2.4</h3>
15 <p>
16 Fixes following vulnerabilities:
17 </p>
18 <pre>
19 CVE-2014-4609, 7d9c059a3525aa9f3e257b4c13df2b8c30409f3c / d6af26c55c1ea30f85a7d9edbc373f53be1743ee
20 CVE-2014-4610, 7d9c059a3525aa9f3e257b4c13df2b8c30409f3c / d6af26c55c1ea30f85a7d9edbc373f53be1743ee
21 </pre>
22
23 <h3>2.2</h3>
24 <p>
25 Fixes following vulnerabilities:
26 </p>
27 <pre>
28 CVE-2014-2263, 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
29 CVE-2014-2099, c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
30 CVE-2014-2098, ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
31 CVE-2014-2097, f58eab151214d2d35ff0973f2b3e51c5eb372da4
32 </pre>
33
34 <h2>FFmpeg 2.1</h2>
35
36 <h3>2.1.5</h3>
37 <p>
38 Fixes following vulnerabilities:
39 </p>
40 <pre>
41 CVE-2014-4609, 9c358c6e3b3422b209c3fea18313bd33229c0858 / d6af26c55c1ea30f85a7d9edbc373f53be1743ee
42 CVE-2014-4610, 9c358c6e3b3422b209c3fea18313bd33229c0858 / d6af26c55c1ea30f85a7d9edbc373f53be1743ee
43 </pre>
44
45 <h3>2.1.4</h3>
46 <p>
47 Fixes following vulnerabilities:
48 </p>
49 <pre>
50 CVE-2014-2099, 4cc18ee5da110087b5661ef0269ef59742e90a82 / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
51 CVE-2014-2098, f91ef98c9d740d6c1410d5cf206bda80c2416808 / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
52 CVE-2014-2097, 8c6a976feeea8ee0ccdb31fbddb0d9c98b44ae0d / f58eab151214d2d35ff0973f2b3e51c5eb372da4
53 CVE-2014-2263, 4a28a3ddc4eb7322409f062f422c676f93d95ac1 / 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
54 </pre>
55
56 <h3>2.1</h3>
57 <p>
58 Fixes following vulnerabilities:
59 </p>
60 <pre>
61 CVE-2013-7008, 29ffeef5e73b8f41ff3a3f2242d356759c66f91f
62 CVE-2013-7009, 3819db745da2ac7fb3faacb116788c32f4753f34
63 CVE-2013-7010, 454a11a1c9c686c78aa97954306fb63453299760
64 CVE-2013-7011, 547d690d676064069d44703a1917e0dab7e33445
65 CVE-2013-7012, 780669ef7c23c00836a24921fcc6b03be2b8ca4a
66 CVE-2013-7013, 821a5938d100458f4d09d634041b05c860554ce0
67 CVE-2013-7014, 86736f59d6a527d8bc807d09b93f971c0fe0bb07
68 CVE-2013-7015, 880c73cd76109697447fbfbaa8e5ee5683309446
69 CVE-2013-7016, 8bb11c3ca77b52e05a9ed1496a65f8a76e6e2d8f
70 CVE-2013-7017, 912ce9dd2080c5837285a471d750fa311e09b555
71 CVE-2013-7018, 9a271a9368eaabf99e6c2046103acb33957e63b7
72 CVE-2013-7019, a1b9004b768bef606ee98d417bceb9392ceb788d
73 CVE-2013-7020, b05cd1ea7e45a836f7f6071a716c38bb30326e0f
74 CVE-2013-7021, cdd5df8189ff1537f7abe8defe971f80602cc2d2
75 CVE-2013-7022, e07ac727c1cc9eed39e7f9117c97006f719864bd
76 CVE-2013-7023, f31011e9abfb2ae75bb32bc44e2c34194c8dc40a
77 CVE-2013-7024, fe448cd28d674c3eff3072552eae366d0b659ce9
78 </pre>
79
80 <h2>FFmpeg 2.0</h2>
81
82 <h3>2.0.5</h3>
83 <p>
84 Fixes following vulnerabilities:
85 </p>
86 <pre>
87 CVE-2014-4609, 083d0b7b2d928185d7cadff7b4f558c8d8557939 / d6af26c55c1ea30f85a7d9edbc373f53be1743ee
88 CVE-2014-4610, 083d0b7b2d928185d7cadff7b4f558c8d8557939 / d6af26c55c1ea30f85a7d9edbc373f53be1743ee
89 </pre>
90
91 <h3>2.0.4</h3>
92 <p>
93 Fixes following vulnerabilities:
94 </p>
95 <pre>
96 CVE-2014-2098, 13ce3673684e0fe69964f71660747e674c1f524c / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
97 CVE-2014-2099, bc1c8ec5e65098fd2ccd8456f667151dfc9cda42 / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
98 CVE-2014-2097, d0d0924947a40df52b06cafd86fc293949edbfc2 / f58eab151214d2d35ff0973f2b3e51c5eb372da4
99 CVE-2014-2263, 5e7e43c33ea45550137f5dd2b9f81deef2acbfcd / 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
100 </pre>
101
102 <h3>2.0.3</h3>
103 <p>
104 Fixes following vulnerabilities:
105 </p>
106 <pre>
107 CVE-2013-7008, cd7d575e90ceada5a9914d029124388d4993cc9e / 29ffeef5e73b8f41ff3a3f2242d356759c66f91f
108 CVE-2013-7012, b545d11d498c5a79d5cb2b8d7a9339467648e10d / 780669ef7c23c00836a24921fcc6b03be2b8ca4a
109 CVE-2013-7019, 47f8497837ebbb6877ab9d199f66f655017b769c / a1b9004b768bef606ee98d417bceb9392ceb788d
110 CVE-2013-7024, 93f26b79926cf311784ce939ba570cf282e15b5c / fe448cd28d674c3eff3072552eae366d0b659ce9
111 </pre>
112
113 <h3>2.0.2</h3>
114 <p>
115 Fixes following vulnerabilities:
116 </p>
117 <pre>
118 CVE-2013-7009, acac6b0d6951f86d5db8aaeaeb970743d1907852 / 3819db745da2ac7fb3faacb116788c32f4753f34
119 CVE-2013-7010, 54bdb5fc8642b8384a181a10eace584cfee5494e / 454a11a1c9c686c78aa97954306fb63453299760
120 CVE-2013-7011, c7ee4bc016e56abb69fa728e124294e786fb7c01 / 547d690d676064069d44703a1917e0dab7e33445
121 CVE-2013-7013, 0a64b25c77320577a54203b2c7e5f3da4ae36e40 / 821a5938d100458f4d09d634041b05c860554ce0
122 CVE-2013-7014, a4522ae516b58175c447b65cb44536db08f82552 / 86736f59d6a527d8bc807d09b93f971c0fe0bb07
123 CVE-2013-7015, deb8d0d6a121a155b5e396ea5b8da5567ac263f0 / 880c73cd76109697447fbfbaa8e5ee5683309446
124 CVE-2013-7016, e2eb0d23269043357cdab90a9fca4fca2895d2ac / 8bb11c3ca77b52e05a9ed1496a65f8a76e6e2d8f
125 CVE-2013-7017, a1b32533aa7f31224f8f0be05d2cf020159e2e90 / 912ce9dd2080c5837285a471d750fa311e09b555
126 CVE-2013-7018, 3e817d91ef6b8b1681b4d4e5e4bdbd54a720e3de / 9a271a9368eaabf99e6c2046103acb33957e63b7
127 CVE-2013-7020, 2fd824b4662a73d3023824034ab7f5692bcc3af2 / b05cd1ea7e45a836f7f6071a716c38bb30326e0f
128 CVE-2013-7021, db99c4156711488a3df04e105b977e6f65d4279a / cdd5df8189ff1537f7abe8defe971f80602cc2d2
129 CVE-2013-7022, 2b06f5f8f15a4464c74405cd7da57da2d6be5d36 / e07ac727c1cc9eed39e7f9117c97006f719864bd
130 CVE-2013-7023, 9b02aa25937ff0990b7d8558f04293384d682eb1 / f31011e9abfb2ae75bb32bc44e2c34194c8dc40a
131 </pre>
132
133 <h3>2.0.1</h3>
134 <p>
135 Fixes following vulnerabilities:
136 </p>
137 <pre>
138 CVE-2013-4263, 1bf2461765c58aad5829ea45a2885d11f50b73f0 / e43a0a232dbf6d3c161823c2e07c52e76227a1bc
139 CVE-2013-4264, acf511de34e0b79fff0183e06ed37f1aa8dc3d94 / 2960576378d17d71cc8dccc926352ce568b5eec1
140 CVE-2013-4265, 211374e52a933a2b3f21a4d6e66e9f1b0623e44e / c94f9e854228e0ea00e1de8769d8d3f7cab84a55
141 </pre>
142
143 <h3>2.0</h3>
144 <p>
145 Fixes following vulnerabilities:
146 </p>
147 <pre>
148 CVE-2013-3670, c1f2c4c3b49277d65b71ccdd3b6b2878f1b593eb
149 CVE-2013-3671, 7edb984dd051b6919d7d8471c70499273f31b0fa
150 CVE-2013-3672, 8d3c99e825317b7efda5fd12e69896b47c700303
151 CVE-2013-3673, d23b8462b5a4a9da78ed45c4a7a3b35d538df909
152 CVE-2013-3674, ad002e1a13a8df934bd6cb2c84175a4780ab8942
153 CVE-2013-3675, 9dd04f6d8cdd1c10c28b2cb4252c1a41df581915
154 </pre>
155
156
157 <h2>FFmpeg 1.2</h2>
158 <h3>1.2.7</h3>
159 <p>
160 Fixes following vulnerabilities:
161 </p>
162 <pre>
163 CVE-2014-4609 eada99a854f8684c92dba3ce5554a9bdd8304a16 / d6af26c55c1ea30f85a7d9edbc373f53be1743ee
164 CVE-2014-4610 eada99a854f8684c92dba3ce5554a9bdd8304a16 / d6af26c55c1ea30f85a7d9edbc373f53be1743ee
165 </pre>
166
167 <h3>1.2.6</h3>
168 <p>
169 Fixes following vulnerabilities:
170 </p>
171 <pre>
172 CVE-2014-2099, ab31a9ee4af5cfc0bab6b318512819fb706d0ff2 / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
173 CVE-2014-2098, 11b14d0e63f882171e579f05a0af3b2679dd021a / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
174 CVE-2014-2097, ca9d302519b690af1318c4c5ef6aeff118548819 / f58eab151214d2d35ff0973f2b3e51c5eb372da4
175 CVE-2014-2263, a57d29a50c7a65cd75d55db78ffb24d326aec38f / 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
176 </pre>
177
178 <h3>1.2.5</h3>
179 <p>
180 Fixes following vulnerabilities:
181 </p>
182 <pre>
183 CVE-2013-7008, a8b6721bedce381c855728e98f409ef5dabef304 / 29ffeef5e73b8f41ff3a3f2242d356759c66f91f
184 </pre>
185
186 <h3>1.2.4</h3>
187 <p>
188 Fixes following vulnerabilities:
189 </p>
190 <pre>
191 CVE-2013-7010, a0d13f578b8572a383106b07527fb437f70f3b50 / 454a11a1c9c686c78aa97954306fb63453299760
192 CVE-2013-7011, bb4126e250e0a2d8505d135cd81d8c98b48dd4fc / 547d690d676064069d44703a1917e0dab7e33445
193 CVE-2013-7014, ddce97c7b0e460bafa0e7da72b6c4b8193f23cda / 86736f59d6a527d8bc807d09b93f971c0fe0bb07
194 CVE-2013-7020, 91e19ab9306c347229265cab9ba21f04ee56c888 / b05cd1ea7e45a836f7f6071a716c38bb30326e0f
195 CVE-2013-7021, 0f3cdddf3886ebd5abc8efad72bc193189c815bf / cdd5df8189ff1537f7abe8defe971f80602cc2d2
196 CVE-2013-7023, 95e26d33d76d00b3684485e623cb10644820870f / f31011e9abfb2ae75bb32bc44e2c34194c8dc40a
197 </pre>
198
199 <h3>1.2.3</h3>
200 <p>
201 Fixes following vulnerabilities:
202 </p>
203 <pre>
204 CVE-2013-4263, 64d362fce718d5dfe108c147971ca9558f5bed24 / e43a0a232dbf6d3c161823c2e07c52e76227a1bc
205 CVE-2013-7009, 9d8795e59814b8d2381ca51359cfe3f588f1ca0a / 3819db745da2ac7fb3faacb116788c32f4753f34
206 CVE-2013-7015, 64d440a3b459bf9747cbd134afd29e4463a52c44 / 880c73cd76109697447fbfbaa8e5ee5683309446
207 CVE-2013-7018, 848e5cfc0f7ef0eae410562c3d7f7744a83aae9b / 9a271a9368eaabf99e6c2046103acb33957e63b7
208 </pre>
209
210 <h3>1.2.1</h3>
211 <p>
212 Fixes following vulnerabilities:
213 </p>
214 <pre>
215 CVE-2013-3670, 0baa0a5a02e16ef097ed9f72bc8a7d7b585c7652 / c1f2c4c3b49277d65b71ccdd3b6b2878f1b593eb
216 CVE-2013-3671, cc0dd86580b3257f22a4981a79eb5fa6804182b6 / 7edb984dd051b6919d7d8471c70499273f31b0fa
217 CVE-2013-3672, 7fa6db2545643efb4fe2e0bb501fa50af35a6330 / 8d3c99e825317b7efda5fd12e69896b47c700303
218 CVE-2013-3673, 7ee5e97c46e30fb3d6f9f78cc3313dbc06528b37 / d23b8462b5a4a9da78ed45c4a7a3b35d538df909
219 CVE-2013-3674, 7ef2dbd2392e3e4d430e0173e1e5c4df9f18b6dd / ad002e1a13a8df934bd6cb2c84175a4780ab8942
220 CVE-2013-3675, 524d0d2cfc7bab1b348f85e7c0369859e63781cf / 9dd04f6d8cdd1c10c28b2cb4252c1a41df581915
221 </pre>
222
223 <h3>1.2</h3>
224 <p>
225 Fixes following vulnerabilities:
226 </p>
227 <pre>
228 CVE-2013-2495, 3dbc0ff9c3e6f6e0d08ea3d42cb33761bae084ba
229 CVE-2013-2496, e398990eb87785e20e065cd3f14d1dbb69df4392
230 CVE-2013-0870, 14c8ee00ffd9d45e6e0c6f11a957ce7e56f7eb3a
231 CVE-2012-5150, ae3d41636942cbc0236bad21ad06c65f4eb0f096
232 CVE-2013-0894, 2c16bf2de07c68513072bf3cc96401d2c6291a3e
233 </pre>
234
235
236 <h2>FFmpeg 1.1</h2>
237 <h3>1.1.12</h3>
238 <p>
239 Fixes following vulnerabilities:
240 </p>
241 <pre>
242 CVE-2014-4609, 1f2f6b247aaf780e0a4e780935ead0fb12cd2981 / d6af26c55c1ea30f85a7d9edbc373f53be1743ee
243 CVE-2014-4610, 1f2f6b247aaf780e0a4e780935ead0fb12cd2981 / d6af26c55c1ea30f85a7d9edbc373f53be1743ee
244 </pre>
245
246 <h3>1.1.9</h3>
247 <p>
248 Fixes following vulnerabilities:
249 </p>
250 <pre>
251 CVE-2014-2099, 0c58c165ab51260ba2e6cb606b8057a7c9783ef3 / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
252 CVE-2014-2097, 74821341b9aca0be0938f1eabe3aabc1d3a004e8 / f58eab151214d2d35ff0973f2b3e51c5eb372da4
253 CVE-2014-2098, b0b02a210109473cbc8d3bb8d7a6bcf4eb6ebb68 / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
254 CVE-2014-2263, 694c3a13c9489c6e05f88486b489dd0746d114fc / 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
255 CVE-2012-5150, ca2e3f113188e5835533d54000c314721b8445db / ae3d41636942cbc0236bad21ad06c65f4eb0f096
256 </pre>
257
258 <h3>1.1.8</h3>
259 <p>
260 Fixes following vulnerabilities:
261 </p>
262 <pre>
263 CVE-2013-7008, a4b705b4cbb57c1cc32d6e368e0176510ef3c2e3 / 29ffeef5e73b8f41ff3a3f2242d356759c66f91f
264 </pre>
265
266 <h3>1.1.7</h3>
267 <p>
268 Fixes following vulnerabilities:
269 </p>
270 <pre>
271 CVE-2013-7021, 580418bd558505789f1670aeec895bc81668ceb1 / cdd5df8189ff1537f7abe8defe971f80602cc2d2
272 CVE-2013-7023, 0efb4ff86c200fad9da910ed7adaf3bc90793694 / f31011e9abfb2ae75bb32bc44e2c34194c8dc40a
273 </pre>
274
275 <h3>1.1.6</h3>
276 <p>
277 Fixes following vulnerabilities:
278 </p>
279 <pre>
280 CVE-2013-7009, bb263cc33afbab9520f776c03bc846ad316c7e18 / 3819db745da2ac7fb3faacb116788c32f4753f34
281 CVE-2013-7010, 558d0b9483d0eecf9718986516c00b696541c693 / 454a11a1c9c686c78aa97954306fb63453299760
282 CVE-2013-7011, df2fc635439df6d5ab84d50ae96acb0da07f941e / 547d690d676064069d44703a1917e0dab7e33445
283 CVE-2013-7014, a2e7fd406c5b1d9095fe198c72007e4136ef5e93 / 86736f59d6a527d8bc807d09b93f971c0fe0bb07
284 CVE-2013-7015, f508bf7ff1f86d876dc6da43002d2240d4157bf1 / 880c73cd76109697447fbfbaa8e5ee5683309446
285 CVE-2013-7018, 359bfa4c272adf9c3b1c59d123fadb57a9e2f8cb / 9a271a9368eaabf99e6c2046103acb33957e63b7
286 CVE-2013-7020, f78a3868fd3d8f66da68338c0783aa15f98833bf / b05cd1ea7e45a836f7f6071a716c38bb30326e0f
287 </pre>
288
289 <h3>1.1.5</h3>
290 <p>
291 Fixes following vulnerabilities:
292 </p>
293 <pre>
294 CVE-2013-3670, e9d9fd1137b18c5649342a15c77f67d1c5d0be01 / c1f2c4c3b49277d65b71ccdd3b6b2878f1b593eb
295 CVE-2013-3671, cd2d8aca8468523e34f67e3647a65bdebb155efc / 7edb984dd051b6919d7d8471c70499273f31b0fa
296 CVE-2013-3672, 520c3d23036f6df4af8a6a8c3c0ba4965bca4f98 / 8d3c99e825317b7efda5fd12e69896b47c700303
297 CVE-2013-3673, a4681d1043556718fb20c9026f8d1cec4e7f453f / d23b8462b5a4a9da78ed45c4a7a3b35d538df909
298 CVE-2013-3674, 151c2ca8c797a00927776bb77427dc0c77e641d2 / ad002e1a13a8df934bd6cb2c84175a4780ab8942
299 CVE-2013-3675, dafd8228bc0f7d9a6afd4e84a476b3a73e0a5a4b / 9dd04f6d8cdd1c10c28b2cb4252c1a41df581915
300 </pre>
301
302 <h3>1.1.4</h3>
303 <p>
304 Fixes following vulnerabilities:
305 </p>
306 <pre>
307 CVE-2013-2495, f719e6566c08dc1e18cf1caf07ba8c0e93cd7283 / 3dbc0ff9c3e6f6e0d08ea3d42cb33761bae084ba
308 CVE-2013-2496, e398990eb87785e20e065cd3f14d1dbb69df4392 / b9a1efa6f4d4cda20ce796614ff5b0c523df5672
309 CVE-2013-0894, 494ddd377ada76ed555f7a3f49391455daa099c9 / 11dcecfcca0eca1a571792c4fa3c21fb2cfdddd
310 </pre>
311
312 <h3>1.1.3</h3>
313 <p>
314 Fixes following vulnerabilities:
315 </p>
316 <pre>
317 CVE-2013-2277, 02d1efdd5b61cefb96562ff9b94c03486a8ead15 / bdeb61ccc67911cfc5e20c7cfb1312d0501ca90a
318 CVE-2013-2276, 469cb61193861baf46cce76f98985b026b08cd8d / 8a6449167a6da8cb747cfe3502ae86ffaac2ed48
319 CVE-2013-0872, 7c40a0449b4771a0a09c3c38e081d3869d1f917b / 21cd905cd44a4bbafe8631bbaa6021d328413ce5
320 CVE-2013-0873, 811a504c6bc2586a8ea5d52fbcfee94277123eb5 / 4f1279154ee9baf2078241bf5619774970d18b25
321 CVE-2013-0874, 75211f2b8cfb8b4a3f47c514e55585651eeb2767 / e1219cdaf9fb4bc8cea410e1caf802373c1bfe51
322 CVE-2013-0875, f6687bbb6464532f14b3246cdb7b03f6d04b25cb / 1ac0fa50eff30d413206cffa5f47f7fe6d4849b1
323 CVE-2013-0876, 1400f1a1e46d72dc38d4cee66f611d91c3a1f49b / 5260edee7e5bd975837696c8c8c1a80eb2fbd7c1
324 CVE-2013-0877, 1ea5bbc5940d2ea5ec1eea83cccef331d737f5f6 / 365270aec5c2b9284230abc702b11168818f14cf
325 CVE-2013-0878, f5955d9f6f9ffdb81864c3de1c7b801782a55725 / 796012af6c780b5b13ebca39a491f215515a18fe
326 </pre>
327
328 <h3>1.1.2</h3>
329 <p>
330 Fixes following vulnerabilities:
331 </p>
332 <pre>
333 CVE-2013-0862, f4fb841ad13bab66d4fb0c7ff2a94770df7815d8 / 49b729d3af8464de431362e6c5b3027102bc2f88
334 CVE-2013-0863, 62c9beda0c189db5cb61fa772057e3af9521f293 / 7357ca900efcf829de4cce4cec6ddc286526d417
335 CVE-2013-0864, 9547034f9120187e23ad76424dd4d70247e62212 / c10350358da58600884292c08a8690289b81de29
336 CVE-2013-0865, f3d16706060ab6ae6dc78f15359fab3fd87c9495 / ab6c9332bfa1e20127a16392a0b85a4aa4840889
337 CVE-2013-0866, 47e462eecc0a47ad40f59376199f93f227e21d13 / 96f452ac647dae33c53c242ef3266b65a9beafb6
338 CVE-2013-0867, 3ef1538121fa6daeb1767510f1d4ae2c306c9fec / 11c99c78bafa77f679a1a3ba06ad00984b9a4cae
339 CVE-2013-0868, 6baa54924980e1f0e8121e4715d16ed1adcd2a23 / f67a0d115254461649470452058fa3c28c0df294
340                75e88db33013eaa7ab74457f5556df677b4ffb42 / 0dfc01c2bbf4b71bb56201bc4a393321e15d1b31
341 CVE-2013-0869, eaa9d2cd6b8c1e2722d5bfc56ea67fde865200ce / 695af8eed642ff0104834495652d1ee784a4c14d
342 </pre>
343
344 <h3>1.1.1</h3>
345 <p>
346 Fixes following vulnerabilities:
347 </p>
348 <pre>
349 CVE-2013-0860, 68a0477bc0af026db971ddba22541029a9e8715b / 23318a57358358e7a4dc551e830e4503f0638cfe
350 CVE-2013-0861, 43c6b45a53a186a187f7266e4d6bd3c2620519f1 / d270c3202539e8364c46410e15f7570800e33343
351 </pre>
352
353 <h3>1.1</h3>
354 <p>
355 Fixes following vulnerabilities:
356 </p>
357 <pre>
358 CVE-2013-0844, f18c873ab5ee3c78d00fdcc2582b39c133faecb4
359 CVE-2013-0845, 0ceca269b66ec12a23bf0907bd2c220513cdbf16
360 CVE-2013-0846, a7ee6281f7ef1c29284e3a4cadfe0f227ffde1ed
361 CVE-2013-0847, 10416a4d56fa8a89784e4fb62099c3cab17a9952
362 CVE-2013-0848, 6abb9a901fca27da14d4fffbb01948288b5da3ba
363 CVE-2013-0849, 3ae610451170cd5a28b33950006ff0bd23036845
364 CVE-2013-0850, d6c184880ee2e09fd68c0ae217173832cee5afc1
365 CVE-2013-0851, 63ac64864c6e0e84355aa3caa5b92208997a9a8d
366 CVE-2013-0852, c0d68be555f5858703383040e04fcd6529777061
367 CVE-2013-0853, be818df547c3b0ae4fadb50fd210139a8636706a
368 CVE-2013-0854, 1f41cffe1e3e79620f587545bdfcbd7e6e68ed29
369 CVE-2013-0855, 3920d1387834e2bc334aff9f518f4beb24e470bd
370 CVE-2013-0856, fd4f4923cce6a2cbf4f48640b4ac706e614a1594
371 CVE-2013-0857, 2fbb37b51bbea891392ad357baf8f3dff00bac05
372 CVE-2013-0858, 13451f5520ce6b0afde861b2285dda659f8d4fb4
373 CVE-2013-0859, 6d1c5ea04af3e345232aa70c944de961061dab2d
374 CVE-2012-6617, cbe43e62c9ac7d4aefdc13476f6f691bd626525f
375 CVE-2012-6618, 03847eb8259291b4ff1bd840bd779d0699d71f96
376 </pre>
377
378 <h2>FFmpeg 1.0</h2>
379 <h3>1.0.10</h3>
380 <p>
381 Fixes following vulnerabilities:
382 </p>
383 <pre>
384 CVE-2012-5150, 85b1ce977bd5d477cd47d0942e1a09f0a56e6778 / ae3d41636942cbc0236bad21ad06c65f4eb0f096
385 CVE-2013-0894, 0916d0f9d1b94b4bb88382edae45b9276746574d / 2c16bf2de07c68513072bf3cc96401d2c6291a3e
386 CVE-2014-4609, 7b5c706494a775b2b0d0e0a38448610802eef8f4 / d6af26c55c1ea30f85a7d9edbc373f53be1743ee
387 CVE-2014-4609, 7b5c706494a775b2b0d0e0a38448610802eef8f4 / d6af26c55c1ea30f85a7d9edbc373f53be1743ee
388 </pre>
389
390 <h3>1.0.9</h3>
391 <p>
392 Fixes following vulnerabilities:
393 </p>
394 <pre>
395 CVE-2013-7023, 6f9ae27f5136a29eea18effb033fe9d6f67b892e / f31011e9abfb2ae75bb32bc44e2c34194c8dc40a
396 CVE-2014-2098, b9bf17c55ac2b3b06e44a221994563fa894c1347 / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
397 CVE-2014-2099, 54b61181ed55ab38034520eb27d18cf8a2d3732e / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
398 CVE-2014-2263, 7ad6b66370e59e7eafb17bd5d43c46e3abf51f04 / 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
399 </pre>
400
401 <h3>1.0.8</h3>
402 <p>
403 Fixes following vulnerabilities:
404 </p>
405 <pre>
406 CVE-2013-7009, 7549bcb295f04071dcbfc7a412e0618fb38dd8a3 / 3819db745da2ac7fb3faacb116788c32f4753f34
407 CVE-2013-7010, e12ada6fd1e5860cdbb328eddbcb51c52d2054ca / 454a11a1c9c686c78aa97954306fb63453299760
408 CVE-2013-7014, 5bd2b24db399d9821a0396f96dc8e2392d80abe1 / 86736f59d6a527d8bc807d09b93f971c0fe0bb07
409 CVE-2013-7015, 65753697efdb9e4dd61f4ba582bd04476acdc69a / 880c73cd76109697447fbfbaa8e5ee5683309446
410 CVE-2013-7018, f229c598939c34df75db7845495f077b49e233d4 / 9a271a9368eaabf99e6c2046103acb33957e63b7
411 CVE-2013-7021, 11586b077e6e81bc390b6df657429b4a39741d2f / cdd5df8189ff1537f7abe8defe971f80602cc2d2
412 </pre>
413
414 <h3>1.0.7</h3>
415 <p>
416 Fixes following vulnerabilities:
417 </p>
418 <pre>
419 CVE-2013-3670, d814b9b51ddd3764e809c1d0f82b770e0bc085fd / c1f2c4c3b49277d65b71ccdd3b6b2878f1b593eb
420 CVE-2013-3671, 52fa7a860318aa871624c7938801492983c24456 / 7edb984dd051b6919d7d8471c70499273f31b0fa
421 CVE-2013-3672, cd24fdad470724651f6d5506ef94da92106ac6d3 / 8d3c99e825317b7efda5fd12e69896b47c700303
422 CVE-2013-3674, 2c66058737e254756118b7f7be0be7d3bfbb4fe3 / ad002e1a13a8df934bd6cb2c84175a4780ab8942
423 CVE-2013-3675, 813b3d11e0286b1d656633cd5717f3f43db5d1ac / 9dd04f6d8cdd1c10c28b2cb4252c1a41df581915
424 </pre>
425
426 <h3>1.0.6</h3>
427 <p>
428 Fixes following vulnerabilities:
429 </p>
430 <pre>
431 CVE-2013-2495, 31f337c1e44ebe53e4e23b24aa6c2a62f6862236 / 3dbc0ff9c3e6f6e0d08ea3d42cb33761bae084ba
432 CVE-2013-2496, f84ddb0c0fbb7f1c0ff34418426840f6ea79448e / e398990eb87785e20e065cd3f14d1dbb69df4392
433 </pre>
434
435 <h3>1.0.5</h3>
436 <p>
437 Fixes following vulnerabilities:
438 </p>
439 <pre>
440 CVE-2013-0872, e35da91b52cc09d6e4f2a7191cfbc8127e2eda51 / 21cd905cd44a4bbafe8631bbaa6021d328413ce5
441 CVE-2013-0873, 82213d67bad8785aef8806855fd0d291954193df / 4f1279154ee9baf2078241bf5619774970d18b25
442 CVE-2013-0874, d17b9469c940f056d87fefc79d80fac47c69c1d8 / e1219cdaf9fb4bc8cea410e1caf802373c1bfe51
443 CVE-2013-0875, 534c0df6e0ed9f26012d77e990d4da9b73d45e48 / 1ac0fa50eff30d413206cffa5f47f7fe6d4849b1
444 CVE-2013-0876, f62537d9f1b43b04e64e7dec79049556f7bc31a7 / 5260edee7e5bd975837696c8c8c1a80eb2fbd7c1
445 CVE-2013-0877, 4f873341b4d522b1bfa385a1f6fc86bb8b6dc879 / 365270aec5c2b9284230abc702b11168818f14cf
446 CVE-2013-2276, 1ddb0b6fa0bd46b730dc60240f738597cadfe1e0 / 8a6449167a6da8cb747cfe3502ae86ffaac2ed48
447 CVE-2013-2277, 676df8c4c70c67f8f31a439f8ab301f7de3fe977 / bdeb61ccc67911cfc5e20c7cfb1312d0501ca90a
448 </pre>
449
450 <h3>1.0.4</h3>
451 <p>
452 Fixes following vulnerabilities:
453 </p>
454 <pre>
455 CVE-2013-0866, c459c7b23efffab762560e41ad6a2c0dbbfd4915 / 96f452ac647dae33c53c242ef3266b65a9beafb6
456 CVE-2013-0865, 08e2c7a45f82b897a285548c257972eb1ad352c5 / ab6c9332bfa1e20127a16392a0b85a4aa4840889
457 CVE-2013-0863, 89e16e675d3cbe76cf4581f98bf4ac300cab0286 / 7357ca900efcf829de4cce4cec6ddc286526d417
458 CVE-2013-0861, 4cd1dad91ae97fe1f0dd534c3f5566787566f137 / d270c3202539e8364c46410e15f7570800e33343
459 CVE-2013-0860, 3e196e4def03c7a91423803402f84d638d316c33 / 23318a57358358e7a4dc551e830e4503f0638cfe
460 CVE-2013-0858, 2502914c5f8eb77659d7c0868396862557a63245 / 13451f5520ce6b0afde861b2285dda659f8d4fb4
461 CVE-2013-0845, 6df0d3e2916c223dbe4262bf1b876dff1cb3f980 / 0ceca269b66ec12a23bf0907bd2c220513cdbf16
462 CVE-2013-0844, 85a14dbd5dca34320f58b1ba11dd6dd0df4fb3be / f18c873ab5ee3c78d00fdcc2582b39c133faecb4
463 CVE-2013-0868, b666debffec1fcbb19ef377635a53b9a58bca8a4 / f67a0d115254461649470452058fa3c28c0df294
464                db0f7f7394e1f994ed38db043f78ed0f10bde0da / 0dfc01c2bbf4b71bb56201bc4a393321e15d1b31
465 CVE-2013-0862, 8eda88868399de00806cf21a966d9660db4ae9b4 / 49b729d3af8464de431362e6c5b3027102bc2f88
466 </pre>
467
468 <h3>1.0.2</h3>
469 <p>
470 Fixes following vulnerabilities:
471 </p>
472 <pre>
473 commit 20c121c00747d6c3b0b0f98deeff021171b2ed74 / c83002a4f8042ccfa0688a9a18e8fa0369c1fda8
474 commit 68e48ed72e0597ae61bc3e9e6e6d9edcb1a00073 / 7d66bc7920240cc0e8df6c44b2d2cdbe4b228fbe
475 CVE-2012-6617, 9929991da7b843e7d80154fcacc4e80579b86a2d / cbe43e62c9ac7d4aefdc13476f6f691bd626525f
476 CVE-2012-6618, e74cd2f4706f71da5e9205003c1d8263b54ed3fb / 03847eb8259291b4ff1bd840bd779d0699d71f96
477 </pre>
478
479 <h3>1.0.1</h3>
480 <p>
481 Fixes following vulnerabilities:
482 </p>
483 <pre>
484 CVE-2013-0859, 0b9be54e97fa574867d5e99a3623d1db7df7b274 / 6d1c5ea04af3e345232aa70c944de961061dab2d
485 CVE-2013-0857, 112d4c400f0e0d5d1621fc8db515907cffaae259 / 2fbb37b51bbea891392ad357baf8f3dff00bac05
486 CVE-2013-0856, e0884eadf6a15e93142131b695f48776f9a0ac31 / fd4f4923cce6a2cbf4f48640b4ac706e614a1594
487 CVE-2013-0855, c8c9740ee1ea4a4f857a24b1ce05dcd07b72ec2d / 3920d1387834e2bc334aff9f518f4beb24e470bd
488 CVE-2013-0853, c51c5f83c13b0fa3e332e59bf764fdc598476b2e / be818df547c3b0ae4fadb50fd210139a8636706a
489 CVE-2013-0852, 28bf685bfc6d0c744369cdf367f61a78d80d0b01 / c0d68be555f5858703383040e04fcd6529777061
490 CVE-2013-0851, c8833a13cf530fbf5b1d579cd1ae527a0904403f / 63ac64864c6e0e84355aa3caa5b92208997a9a8d
491 CVE-2013-0850, c82d6e05da0898c45ae915fb808e175f6a4ec7e5 / d6c184880ee2e09fd68c0ae217173832cee5afc1
492 CVE-2013-0849, 38e8f78c041bd28f5b8d32f2fd945eae8ce28598 / 3ae610451170cd5a28b33950006ff0bd23036845
493 CVE-2013-0848, 74241de7ed501a34e7dfe291eed3339ca7b50755 / 6abb9a901fca27da14d4fffbb01948288b5da3ba
494 CVE-2013-0846, e34369e8ece08b7bd820366dea5965f4c40c0080 / a7ee6281f7ef1c29284e3a4cadfe0f227ffde1ed
495 </pre>
496
497 <h2>FFmpeg 0.11</h2>
498
499 <h3>0.11.5</h3>
500 <p>
501 Fixes following vulnerabilities:
502 </p>
503 <pre>
504 CVE-2013-7010, fdf57ad2ff749fbea0fce24e16e27ac87eb834cd / 454a11a1c9c686c78aa97954306fb63453299760
505 CVE-2013-7014, 2d945ac68f7a515b1bdf77e2766ff398d843bbe6 / 86736f59d6a527d8bc807d09b93f971c0fe0bb07
506 CVE-2013-7021, ceff07dfb94af00233979ccd1cf6587b91a44d5f / cdd5df8189ff1537f7abe8defe971f80602cc2d2
507 CVE-2013-7023, 2289bffa312dc3589efbdf44a0a5f1a26a5b709f / f31011e9abfb2ae75bb32bc44e2c34194c8dc40a
508 CVE-2014-2098, c23597ec7eaea16a638729c60866befcd48eda3e / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
509 CVE-2014-2099, 3a893335bde2d4ba2fcd839df09afb2b95779856 / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
510 CVE-2014-2263, 12770701856a05b6b3cd706f708f8e9a4e8a1336 / 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
511 </pre>
512
513 <h3>0.11.4</h3>
514 <p>
515 Fixes following vulnerabilities:
516 </p>
517 <pre>
518 CVE-2013-0869, 1934bb75361e7859873c6bf94ee1ceb17981c550 / 695af8eed642ff0104834495652d1ee784a4c14d
519 CVE-2013-4358, 39ed5442620a7a0fd2328b7d4aefc6ae152c5441 / b9d887c225466576ae80ef7f2b109e866ff137b2
520 CVE-2013-7009, 453e2f1528811ac16d6a3fdef2058d0649eac00f / 3819db745da2ac7fb3faacb116788c32f4753f34
521 CVE-2013-7015, b25c3063b2fcad7bcf6a7337f101990085b1983d / 880c73cd76109697447fbfbaa8e5ee5683309446
522 CVE-2013-7018, f9e6fb50ceac05f8e0e9ff4a9a99674407fc8b85 / 9a271a9368eaabf99e6c2046103acb33957e63b7
523 </pre>
524
525 <h3>0.11.3</h3>
526 <p>
527 Fixes following vulnerabilities:
528 </p>
529 <pre>
530 CVE-2012-6618, d3835cb87714bece30e6ce748c9f11ca640859da / 03847eb8259291b4ff1bd840bd779d0699d71f96
531 CVE-2013-0868, 864a7e73b9604f3db1dd58f4580a1c8f05219ea4 / 0dfc01c2bbf4b71bb56201bc4a393321e15d1b31
532                562aa82d2a22cba39caede1d7b1243fdb6311ce5 / f67a0d115254461649470452058fa3c28c0df294
533 </pre>
534
535 <h3>0.11</h3>
536 <p>
537 Fixes following vulnerabilities:
538 </p>
539 <pre>
540 CVE-2012-2772, cb7190cd2c691fd93e4d3664f3fce6c19ee001dd
541 CVE-2012-2774, 59a4b73531428d2f420b4dad545172c8483ced0f
542 CVE-2012-2775, 9d3032b960ae03066c008d6e6774f68b17a1d69d
543 CVE-2012-2776, ba775a54bc2136ec5da85385a923b05ee6fab159
544 CVE-2012-2777, 25715064c2ef4978672a91f8c856f3e8809a7c45
545 CVE-2012-2779, 229e4c133287955d5f3f837520a3602709b21950
546 CVE-2012-2782, 9a57a37b7041581c10629c8241260a5d7bfbc1e7
547 CVE-2012-2783, d85b3c4fff4c4b255232fcc01edbd57f19d60998
548 CVE-2012-2785, 326f7a68bbd429c63fd2f19f4050658982b5b081
549                d462949974668ffb013467d12dc4934b9106fe19
550 CVE-2012-2786, d1c95d2ce39560e251fdb14f4af91b04fd7b845c
551 CVE-2012-2787, 01bf2ad7351fdaa2e21b6bdf963d22d6ffccb920
552 CVE-2012-2788, c41ac870470c614185e1752c11f892809022248a
553 CVE-2012-2789, 97a5addfcf0029d0f5538ed70cb38cae4108a618
554 CVE-2012-2790, 2837d8dc276760db1821b81df3f794a90bfa56e6
555 CVE-2012-2791, 0846719dd11ab3f7a7caee13e7af71f71d913389
556 CVE-2012-2792, d442c4462a2692e27a24e1a9d0eb6f18725c7bd8
557 CVE-2012-2793, 83c7803f55b3231faeb93c1a634399a70fae9480
558 CVE-2012-2794, 5ad7335ebac2b38bb2a1c8df51a500b78461c05a
559 CVE-2012-2795, a0abefb0af64a311b15141062c77dd577ba590a3
560                2a7063de547b1d8fb1cef523469390fb59fb2c50
561                b3a43515827f3d22a881c33b87384f01c86786fd
562 CVE-2012-2796, 5e59a77cec804a9b44c60ea22c17beba6453ef23
563 CVE-2012-2797, cca9528524c7a4b91451f4322bd50849af5d057e
564 CVE-2012-2798, 72b9537d8886f679494651df517dfed9b420cf1f
565 CVE-2012-2799, 64bd7f8e4db1742e86c5ed02bd530688b74063e3
566 CVE-2012-2800, f0bf9e9c2a65e9a2b9d9e4e94f99acb191dc7ae7
567 CVE-2012-2801, 1df49142bab1b7bccd11392aa9e819e297d21a6e
568 CVE-2012-2802, 2c22701c371c2f3dea21fcdbb97c981939fb77af
569 CVE-2012-2803, 951cbea56fdc03ef96d07fbd7e5bed755d42ac8a
570 CVE-2012-2804, 4a80ebe491609e04110a1dd540a0ca79d3be3d04
571 CVE-2012-5359, msvr12-017
572 CVE-2012-5360, msvr12-017
573 CVE-2012-5361, msvr12-017
574 </pre>
575
576 <h2>FFmpeg 0.10</h2>
577
578 <h3>0.10.14</h3>
579 <p>
580 Fixes following vulnerabilities:
581 </p>
582 <pre>
583 CVE-2014-4609, 6a968073daa74ffb98368fefd476a4562ce84e1b / d6af26c55c1ea30f85a7d9edbc373f53be1743ee
584 CVE-2014-4610, 6a968073daa74ffb98368fefd476a4562ce84e1b / d6af26c55c1ea30f85a7d9edbc373f53be1743ee
585 </pre>
586
587 <h3>0.10.13</h3>
588 <p>
589 Fixes following vulnerabilities:
590 </p>
591 <pre>
592 CVE-2012-5150, 2facb10f705ab3f34b7a050107d7556b388c068c / ae3d41636942cbc0236bad21ad06c65f4eb0f096
593 </pre>
594
595 <h3>0.10.12</h3>
596 <p>
597 Fixes following vulnerabilities:
598 </p>
599 <pre>
600 CVE-2012-2795, ca8c3ec11b8ceb6d753176d5c04145cb83cbbe47 / a0abefb0af64a311b15141062c77dd577ba590a3
601 CVE-2014-2098, ae51d93983530a1900ee4e1e4bf43cb28a30efb2 / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
602 CVE-2014-2099, f157f18b3473dc5bcef8d21d25ce0cdb6597bafd / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
603 CVE-2014-2263, 68b14c044a4a00d69aeb620bdb57dce533c4190a / 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
604 </pre>
605
606 <h3>0.10.9</h3>
607 <p>
608 Fixes following vulnerabilities:
609 </p>
610 <pre>
611 CVE-2013-7009, ef8145270f4a91216b24b1552c73e7eda140c8b6 / 3819db745da2ac7fb3faacb116788c32f4753f34
612 CVE-2013-7010, a99aff4e4bbef8e64b51f267cd1769214e1b4e80 / 454a11a1c9c686c78aa97954306fb63453299760
613 CVE-2013-7014, 9300b1f64e5b85164e50d95dfed4a66452cb667e / 86736f59d6a527d8bc807d09b93f971c0fe0bb07
614 CVE-2013-7015, e288124394840f9e37e110afe47c737044372f89 / 880c73cd76109697447fbfbaa8e5ee5683309446
615 CVE-2013-7018, 1a311ad99a57ec3cd4f821f8a4c22973e2b4d740 / 9a271a9368eaabf99e6c2046103acb33957e63b7
616 CVE-2013-7023, 20854f9bffd2130b6b987c439c2b4002aa177dd0 / f31011e9abfb2ae75bb32bc44e2c34194c8dc40a
617 </pre>
618
619 <h3>0.10.7</h3>
620 <p>
621 Fixes following vulnerabilities:
622 </p>
623 <pre>
624 CVE-2013-0868, b07c791252707c88f610daa668eae3ddc6fbccc7 / 0dfc01c2bbf4b71bb56201bc4a393321e15d1b31
625                ba4b57e8024a9635b4eaf7f3cc08837b065bd4c9 / f67a0d115254461649470452058fa3c28c0df294
626 CVE-2013-0894, e050af9a809bd4e223c89e280ebd94da0e1034b5 / 11dcecfcca0eca1a571792c4fa3c21fb2cfddddc
627 c3d7c805bc9c1ed584e92649cd8fa8cbb7010967 / c83002a4f8042ccfa0688a9a18e8fa0369c1fda8
628 </pre>
629
630 <h3>0.10.6</h3>
631 <p>
632 Fixes following vulnerabilities:
633 </p>
634 <pre>
635 CVE-2012-2796, CVE-2012-2775, CVE-2012-2772, CVE-2012-2776,
636 CVE-2012-2779, CVE-2012-2787, CVE-2012-2794, CVE-2012-2800,
637 CVE-2012-2802, CVE-2012-2801, CVE-2012-2786, CVE-2012-2798,
638 CVE-2012-2793, CVE-2012-2789, CVE-2012-2788, CVE-2012-2790,
639 CVE-2012-2777, CVE-2012-2784
640 </pre>
641 <h3>0.10.3</h3>
642 <p>
643 Fixes following vulnerabilities:
644 </p>
645 <pre>
646 CVE-2012-0947, CVE-2012-2771, CVE-2012-2773, CVE-2012-2778, CVE-2012-2780,
647 CVE-2012-2781, CVE-2012-2805,
648 </pre>
649 <h3>0.10</h3>
650 <p>
651 Fixes following vulnerabilities:
652 </p>
653 <pre>
654 CVE-2011-3929, CVE-2011-3934, CVE-2011-3935, CVE-2011-3936,
655 CVE-2011-3937, CVE-2011-3940, CVE-2011-3941, CVE-2011-3944,
656 CVE-2011-3945, CVE-2011-3946, CVE-2011-3947, CVE-2011-3949,
657 CVE-2011-3950, CVE-2011-3951, CVE-2011-3952
658 </pre>
659 <p>
660 and several others that do not have a CVE number.
661 Many of these issues can be exploited when a remote file is
662 played back and some are probable arbitrary code execution vulnerabilities.
663 </p>
664
665 <p>
666 FFmpeg 0.10 is unaffected by:
667 </p>
668 <pre>
669 CVE-2011-3930, CVE-2011-3931, CVE-2011-3932, CVE-2011-3933,
670 CVE-2011-3938, CVE-2011-3939, CVE-2011-3942, CVE-2011-3943,
671 CVE-2011-3948.
672 </pre>
673
674 <h2>FFmpeg 0.9</h2>
675 <h3>0.9.4</h3>
676 <p>
677 Fixes following vulnerabilities:
678 </p>
679 <pre>
680 CVE-2012-2795, 356f8634e9919ff88038fda4b6e5271954892c89 / a0abefb0af64a311b15141062c77dd577ba590a3
681 CVE-2013-0894, 3926ebc7029d97f2aa8c1d834a9a67d821c43db8 / 2c16bf2de07c68513072bf3cc96401d2c6291a3e
682 CVE-2013-7023, 87d335c0075603e9d10463479d42d86016033390 / f31011e9abfb2ae75bb32bc44e2c34194c8dc40a
683 CVE-2014-2098, 954ce59a0abb8497864603499a1a4321fe4d8982 / ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3
684 CVE-2014-2099, 573d5fdedae72bf59d8c0b0766fdee171063d36f / c919e1ca2ecfc47d796382973ba0e48b8f6f92a2
685 CVE-2014-2263, d234e1d333c95d2f883830e8deeac04cd1c15673 / 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad
686 </pre>
687
688 <h3>0.9.3</h3>
689 <p>
690 Fixes following vulnerabilities:
691 </p>
692 <pre>
693 CVE-2013-0868, 03e2e95beb1a6203e5bcd55b38926f71272a3c2b / f67a0d115254461649470452058fa3c28c0df294
694 CVE-2013-0868, 21dd8f5baa43d852354e9b6d8174be4095cdec0e / 0dfc01c2bbf4b71bb56201bc4a393321e15d1b31
695 CVE-2013-7009, 4490b3db23bd37ab9db15914f3a94a3caa090530 / 3819db745da2ac7fb3faacb116788c32f4753f34
696 CVE-2013-7010, a62852bae0ee29992a6218687cb74d1f4dcd4b8e / 454a11a1c9c686c78aa97954306fb63453299760
697 CVE-2013-7014, 40d4e82e2ecd53668d831df51ecc9e05ca41d5f0 / 86736f59d6a527d8bc807d09b93f971c0fe0bb07
698 CVE-2013-7015, edb4aad93dc2a08523ad16b5511cf985360dfd8e / 880c73cd76109697447fbfbaa8e5ee5683309446
699 CVE-2013-7018, a4b4be7493bdfd6d50ef6038adcc45e5b07878f1 / 9a271a9368eaabf99e6c2046103acb33957e63b7
700 </pre>
701
702 <h3>0.9.1</h3>
703 <p>
704 Fixes following vulnerabilities:
705 </p>
706 <pre>
707 CVE-2011-3893, CVE-2011-3895,
708
709 CVE-2012-0847 FFmpeg ae21776207e8a2bbe268e7c9e203f7599dd87ddb lavfi:
710 add missing check in avfilter_filter_samples()
711
712 CVE-2012-0848 FFmpeg 5257743aee0c3982f0079e6553aabc6aa39401d2 ws_snd1:
713 Fix wrong samples count and crash.
714
715 CVE-2012-0849 FFmpeg 1f99939a6361e2e6d6788494dd7c682b051c6c34 j2kdec:
716 Fix integer overflow leading to a segfault
717
718 CVE-2012-0850 FFmpeg 944f5b2779e4aa63f7624df6cd4de832a53db81b aacsbr:
719 Fix memory corruption.
720
721 CVE-2012-0851 FFmpeg 7fff64e00d886fde11d61958888c82b461cf99b9 h264:
722 check chroma_format_idc range.
723
724 CVE-2012-0852 FFmpeg 608708009f69ba4cecebf05120c696167494c897 adpcm:
725 Fix crash
726
727 CVE-2012-0853 FFmpeg 9af6abdc17deb95c9b1f1d9242ba49b8b5e0b016 atrac3:
728 Fix crash in tonal component decoding.
729
730 CVE-2012-0854 FFmpeg 6d8e6fe9dbc365f50521cf0c4a5ffee97c970cb5
731 CODEC_ID_SOL_DPCM: Fix used write buffer.
732
733 CVE-2012-0855 FFmpeg 3eedf9f716733b3b4c5205726d2c1ca52b3d3d78 j2kdec:
734 Check curtileno for validity
735
736 CVE-2012-0856 FFmpeg 21270cffaeab2f67a613907516b2b0cd6c9eacf4 h263dec:
737 Fix regression / crash with lowres.
738
739 CVE-2012-0857 FFmpeg 282bb02839b1ce73963c8e3ee46804f1ade8b12a j2kdec:
740 Fix crash in get_qcx
741
742 CVE-2012-0858 FFmpeg 18bcfc912e48bf77a5202a0e24a3b884b9b2ff2c shorten:
743 Fix invalid free()
744
745 CVE-2012-0859 FFmpeg 6fcf2bb8af0e7d6bb179e71e67e5fab8ef0d2ec2 vorbis:
746 Fix last quarter of CVE-2011-3893
747 </pre>
748 <p>and more security issues that
749 have no CVE number. Many of these issues can be exploited when a remote file is
750 played back and a few are probable arbitrary code execution vulnerabilities</p>
751
752
753 <h2>FFmpeg 0.8</h2>
754 <h3>0.8.15</h3>
755 <p>
756 Fixes following vulnerabilities:
757 </p>
758 <pre>
759 CVE-2013-0894, d86a5ce03f6993aaf7a28f2c2b29a788d7ea76ab / 11dcecfcca0eca1a571792c4fa3c21fb2cfddddc
760 </pre>
761
762 <h3>0.8.11</h3>
763 <p>
764 Fixes following vulnerabilities:
765 </p>
766 <pre>
767 CVE-2012-0853, CVE-2012-0858, CVE-2011-3929, CVE-2011-3936,
768 CVE-2011-3937, CVE-2011-3940, CVE-2011-3945, CVE-2011-3947
769 Several security issues that dont have CVE numbers.
770 </pre>
771
772 <h3>0.8.10</h3>
773 <p>Fixes CVE-2011-3893 and CVE-2011-3895, and many more</p>
774
775 <h3>0.8.7</h3>
776 <p>Fixes CVE-2011-4352/NGS00145, CVE-2011-4579/NGS00148, CVE-2011-4351, NGS00144, CVE-2011-4353 among others</p>
777
778 <h3>0.8.6</h3>
779 <p>Fixes CVE-2011-3892 among others</p>
780
781 <h3>0.8.5</h3>
782 <p>Fixes CVE-2011-4364 among others</p>
783
784 <h2>FFmpeg 0.7</h2>
785 <h3>0.7.16</h3>
786 <p>
787 Fixes following vulnerabilities:
788 </p>
789 <pre>
790 CVE-2013-0894, d86a5ce03f6993aaf7a28f2c2b29a788d7ea76ab / 11dcecfcca0eca1a571792c4fa3c21fb2cfddddc
791 </pre>
792
793 <h3>0.7.12</h3>
794 <p>
795 Fixes following vulnerabilities:
796 </p>
797 <pre>
798 CVE-2012-0853, CVE-2012-0858, CVE-2011-3929, CVE-2011-3936,
799 CVE-2011-3937, CVE-2011-3940, CVE-2011-3945, CVE-2011-3947
800 Several security issues that dont have CVE numbers.
801 </pre>
802
803 <h3>0.7.11</h3>
804 <p>Fixes CVE-2011-3893 and CVE-2011-3895, and many more</p>
805
806 <h3>0.7.8</h3>
807 <p>Fixes CVE-2011-4352, CVE-2011-4579, CVE-2011-4351, CVE-2011-4353</p>
808
809 <h3>0.7.7</h3>
810 <p>Fixes CVE-2011-3892</p>
811
812 <h3>0.7.6</h3>
813 <p>Fixes CVE-2011-4364 among others</p>
814
815 <h2>FFmpeg 0.6</h2>
816 <h3>0.6.5</h3>
817 <p>Fixes CVE-2011-3892, CVE-2011-3893, CVE-2011-3895</p>
818
819 <h3>0.6.4</h3>
820 <p>Fixes CVE-2011-4352, CVE-2011-4579, CVE-2011-4353, CVE-2011-4351, CVE-2011-4364</p>
821
822 <h2>FFmpeg 0.5</h2>
823 <h3>0.5.14</h3>
824 <p>
825 Fixes following vulnerabilities:
826 </p>
827 <pre>
828 CVE-2012-5150, 90c8fa52216b7a9fc83167f791dd7bb1d01bbaf2 / ae3d41636942cbc0236bad21ad06c65f4eb0f096
829 CVE-2013-7023, 04fb6bb9155a5b1857027b78728badec72734c2e / f31011e9abfb2ae75bb32bc44e2c34194c8dc40a
830 CVE-2014-4609, 24a0273cb86ec0b8bf17c71e7f426c3aa9e4989f / 7b5c706494a775b2b0d0e0a38448610802eef8f4
831 CVE-2014-4609, 24a0273cb86ec0b8bf17c71e7f426c3aa9e4989f / d6af26c55c1ea30f85a7d9edbc373f53be1743ee
832 CVE-2014-4610, 24a0273cb86ec0b8bf17c71e7f426c3aa9e4989f / d6af26c55c1ea30f85a7d9edbc373f53be1743ee
833 </pre>
834
835 <h3>0.5.13</h3>
836 <p>
837 Fixes following vulnerabilities:
838 </p>
839 <pre>
840 CVE-2013-7009, fde0b7d91c9cbcc427f87c2651f39d0075c66efe / 3819db745da2ac7fb3faacb116788c32f4753f34
841 CVE-2013-7010, e7484d54252d3442b64ed09770d4c84c44e104e9 / 454a11a1c9c686c78aa97954306fb63453299760
842 </pre>
843
844 <h3>0.5.11</h3>
845 <p>
846 Fixes following vulnerabilities:
847 </p>
848 <pre>
849 CVE-2013-0849, fee26d352a52eb9f7fcd8d9167fb4a5ba015b612 / 3ae610451170cd5a28b33950006ff0bd23036845
850 CVE-2013-0846, a23a3dba25448939e6be43c9196f1e6917258e2e / a7ee6281f7ef1c29284e3a4cadfe0f227ffde1ed
851 CVE-2013-0865, 13093f9767b922661132a3c1f4b5ba2c7338b660 / ab6c9332bfa1e20127a16392a0b85a4aa4840889
852 CVE-2013-0868, ac476bfa9f90587eadef5b98cfc40ec77dde3f18 / 0dfc01c2bbf4b71bb56201bc4a393321e15d1b31
853 CVE-2013-0868, 272e7f6443b76fb47192930d157bfd9284294188 / f67a0d115254461649470452058fa3c28c0df294
854 </pre>
855
856 <h3>0.5.8</h3>
857 <p>Fixes CVE-2011-3892, CVE-2011-3893, CVE-2011-3895</p>
858
859 <h3>0.5.7</h3>
860 <p>CVE-2011-4353</p>
861
862 <h3>0.5.6</h3>
863 <p>Fixes CVE-2011-4579, CVE-2011-4351</p>
864
865 <h3>0.5.5</h3>
866 <p>Fixes CVE-2011-3504, CVE-2011-3362, CVE-2011-3973, CVE-2011-3974</p>
867
868 <h3>0.5.4</h3>
869 <p>Fixes CVE-2010-3908, CVE-2011-0722, CVE-2010-4704, CVE-2011-0480, CVE-2011-0723</p>
870
871 <h3>0.5</h3>
872 <p>
873 Fixes following vulnerabilities:
874 </p>
875 <pre>
876 CVE-2008-4610 00bbe27631ddce543e00d5fbdee445c39fc84d7f
877 CVE-2008-4867 4df7beb3686caf2df345d2e10564aa8cf6c24a65
878 CVE-2009-0385 0838cfdc8a10185604db5cd9d6bffad71279a0e8
879 </pre>