web/security: add CVEs for 2.4.2, 2.3.4, 2.2.9 and 1.2.9
authorMichael Niedermayer <michaelni@gmx.at>
Sat, 1 Nov 2014 11:57:17 +0000 (12:57 +0100)
committerMichael Niedermayer <michaelni@gmx.at>
Sat, 1 Nov 2014 11:58:22 +0000 (12:58 +0100)
src/security

index 32423de..e7e4bdd 100644 (file)
@@ -1,7 +1,33 @@
 <p>Please report vulnerabilities to <a href="mailto:ffmpeg-security@ffmpeg.org">ffmpeg-security@ffmpeg.org</a></p>
 
+<h2FFmpeg 2.4</h2>
+
+<h3>2.4.2</h2>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2014-8541, 6f5c5051096a842d49b8ae3b10462a6098d4b890 / 5c378d6a6df8243f06c87962b873bd563e58cd39
+CVE-2014-8542, f7c0f8355e5d3a2a5749676d32aec6ea437da984 / 105654e376a736d243aef4a1d121abebce912e6b
+CVE-2014-8543, 03d30d4c2c4d622ffd8b5603e6c41a7ca1151245 / 8b0e96e1f21b761ca15dbb470cd619a1ebf86c3e
+CVE-2014-8544, f6476944e1a70e1639ad45791cf94972e66ae5bb / e1c0cfaa419aa5d320540d5a1b3f8fd9b82ab7e5
+CVE-2014-8545, d9bef14e41a49b3ea2be407d02f0fe8d4c4a92eb / 3e2b745020c2dbf0201fe7df3dad9e7e0b2e1bb6
+CVE-2014-8546, 71f0a3c4adcf86303ed53696a70bb7398ae63c69 / e7e5114c506957f40aafd794e06de1a7e341e9d5
+CVE-2014-8547, 7f90eef87ac84c617b102b689eb68e7cb140167b / 8f1457864be8fb9653643519dea1c6492f1dde57
+CVE-2014-8548, c0c24bc9b32419c7883a344c74a6779374a3c16a / c727401aa9d62335e89d118a5b4e202edf39d905
+CVE-2014-8549, 84d26ab6eb07e22ad6ffcd8109ca1d1a0cd57bce / 550f3e9df3410b3dd975e590042c0d83e20a8da3
+</pre>
+
 <h2>FFmpeg 2.3</h2>
 
+<h3>2.3.4</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+ CVE-2014-8541, 57bdb3f3dde3de7e84c888ae205574873bd1787b / 5c378d6a6df8243f06c87962b873bd563e58cd39
+</pre>
+
 <h3>2.3.3</h3>
 <p>
 Fixes following vulnerabilities:
@@ -29,6 +55,21 @@ CVE-2014-4610, d6af26c55c1ea30f85a7d9edbc373f53be1743ee
 
 <h2>FFmpeg 2.2</h2>
 
+<h3>2.2.9</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2014-8541, 6287107eae40750f47ec3888c52fd94a9c697b38 / 5c378d6a6df8243f06c87962b873bd563e58cd39
+CVE-2014-8542, e5ccd894d1c1c07c39876b650b2993de16547fb0 / 105654e376a736d243aef4a1d121abebce912e6b
+CVE-2014-8543, f2c6e2c3b4ee0b0b8e202ef2d8a6f3780d20595f / 8b0e96e1f21b761ca15dbb470cd619a1ebf86c3e
+CVE-2014-8544, f8bd98ae4d691fa7405856d83ca3d304429cc6f0 / e1c0cfaa419aa5d320540d5a1b3f8fd9b82ab7e5
+CVE-2014-8545, 64be1a45eb2604deca259319780ce02bd921859b / 3e2b745020c2dbf0201fe7df3dad9e7e0b2e1bb6
+CVE-2014-8546, 42bdcebf3360fca957e8224ff0a6573b05dbc249 / e7e5114c506957f40aafd794e06de1a7e341e9d
+CVE-2014-8547, 43881c773277c90ccb0dbfd2d5c3afd8f8603597 / 8f1457864be8fb9653643519dea1c6492f1dde57
+CVE-2014-8548, b0964918d882dd3ae589f76df01551ca0234d910 / c727401aa9d62335e89d118a5b4e202edf39d905
+</pre>
+
 <h3>2.2.7</h3>
 <p>
 Fixes following vulnerabilities:
@@ -182,6 +223,21 @@ CVE-2013-3675, 9dd04f6d8cdd1c10c28b2cb4252c1a41df581915
 
 
 <h2>FFmpeg 1.2</h2>
+<h3>1.2.9</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2014-8541, 0ffa44340f247e5d24d006726ecc9c66c55dcf22 / 5c378d6a6df8243f06c87962b873bd563e58cd39
+CVE-2014-8542, e90d620cb93eb23a17b8803d8bb164c903633378 / 105654e376a736d243aef4a1d121abebce912e6b
+CVE-2014-8543, 76601e4ab8f5d304906766bffabefbc3791819e9 / 8b0e96e1f21b761ca15dbb470cd619a1ebf86c3e
+CVE-2014-8544, f56095c4d7e5a76be8b114bcf427ab0becf0c635 / e1c0cfaa419aa5d320540d5a1b3f8fd9b82ab7e5
+CVE-2014-8545, 12c8e4021c2db6c714bc0d419820c274f19333fc / 3e2b745020c2dbf0201fe7df3dad9e7e0b2e1bb6
+CVE-2014-8546, 75f5fe165cedc63ea89514b3e9f6da67fd1038ec / e7e5114c506957f40aafd794e06de1a7e341e9d5
+CVE-2014-8547, 24a5cd720d579634ab7140f4cb7fa09fe4b780e4 / 8f1457864be8fb9653643519dea1c6492f1dde57
+CVE-2014-8548, 4865948d2ea9d239ce0ebfe40420d111799ee742 / c727401aa9d62335e89d118a5b4e202edf39d905
+</pre>
+
 <h3>1.2.8</h3>
 <p>
 Fixes following vulnerabilities: