web/security: Add CVE-2017-7862 and CVE-2017-7866
[ffmpeg-web.git] / src / security
index 6758921..f4e61ae 100644 (file)
@@ -2,12 +2,22 @@
 
 <h2>FFmpeg 3.4</h2>
 
+<h3>3.4.1</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2017-16840, a94cb36ab2ad99d3a1331c9f91831ef593d94f74 / 3228ac730c11eca49d5680d5550128e397061c85
+CVE-2017-17081, 6ccf19198b360cfc3fe5cd274948cfde2fe305e0 / 58cf31cee7a456057f337b3102a03206d833d5e8
+</pre>
+
 <h3>3.4</h3>
 <p>
 Fixes following vulnerabilities:
 </p>
 <pre>
 CVE-2017-15186, df62b70de8aaa285168e72fe8f6e740843ca91fa
+CVE-2017-17081, 127a362630e11fe724e2e63fc871791fdcbcfa64
 </pre>
 
 
@@ -77,6 +87,15 @@ CVE-2017-9996, 973a66108b8e01ceb85cf2d6922a5cbb47f6a657 / e1b60aad77c27ed5d4dfc1
 CVE-2017-9996, a483e46b794539d21b1ec0f3e521f681a54a86d2 / 1e42736b95065c69a7481d0cf55247024f54b660
 </pre>
 
+<h3>3.3</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2017-7862, 8c2ea3030af7b40a3c4275696fb5c76cdb80950a
+CVE-2017-7866, e371f031b942d73e02c090170975561fabd5c264
+</pre>
+
 
 <h2>FFmpeg 3.2</h2>
 
@@ -135,7 +154,7 @@ Fixes following vulnerabilities:
 </p>
 <pre>
 CVE-2017-9991, 85c8c0c826e78d159ea242ce64d7e8feeeeca741 / 441026fcb13ac23aa10edc312bdacb6445a0ad06
-CVE-2017-9992, 536af4212100dee1577fe2d30814762c58038efc / f52fbf4f3ed02a7d872d8a102006f29b4421f360b
+CVE-2017-9992, 536af4212100dee1577fe2d30814762c58038efc / f52fbf4f3ed02a7d872d8a102006f29b4421f360
 CVE-2017-9994, 869e8b1d0f549e926ecb246f916c9066f881db4a / 6b5d3fb26fb4be48e4966e4b1d97c2165538d4ef
 CVE-2017-9996, 7a69c1b2abfa96f0578cbd3ff82126b883ba6ef0 / e1b60aad77c27ed5d4dfc11e5e6a05a38c70489d
 CVE-2017-9996, 7f3a671ece8fd711e2ebc71a4e08cda591d810a8 / 1e42736b95065c69a7481d0cf55247024f54b660
@@ -148,6 +167,15 @@ Fixes following vulnerabilities:
 <pre>
 CVE-2017-5024, ed2572b9c8f885e2a4764d2e34604442a71899a1 / 2d453188c2303da641dafb048dc1806790526dfd
 CVE-2017-5025, cf8e004a51b08c6e8ceaeebca85ab84c7ed0b4cf / fd30e4d57fe5841385f845440688505b88c0f4a9
+CVE-2017-7862, a1a14982ec5b9954637cdc9ce8daf01d211e5c79 / 8c2ea3030af7b40a3c4275696fb5c76cdb80950a
+</pre>
+
+<h3>3.2.3</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2017-7866, bd6c1d5149fbc4f2a0200ad99e7f56f4fb7d518a / e371f031b942d73e02c090170975561fabd5c264
 </pre>
 
 <h3>3.2.2</h3>
@@ -157,7 +185,7 @@ Fixes following vulnerabilities:
 <pre>
 CVE-2016-10190, 0e0a413725e0221e1a9d0b7595e22bf57e23a09c / 2a05c8f813de6f2278827734bf8102291e7484aa
 CVE-2016-10191, 32b95471a86ae383c0f76361d954aec511f7043a / 7d57ca4d9a75562fa32e40766211de150f8b3ee7
-CVE-2016-10192, c12ee64e80af2517005231388fdf4ea78f16bb0e / a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156B
+CVE-2016-10192, c12ee64e80af2517005231388fdf4ea78f16bb0e / a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156
 </pre>
 
 <h3>3.2</h3>
@@ -238,7 +266,9 @@ Fixes following vulnerabilities:
 </p>
 <pre>
 CVE-2017-5024, 02a5e88ebc725b09f675bfcbbd4db1133e41708e / 2d453188c2303da641dafb048dc1806790526dfd
-CVE-2017-5025, b6efd022b77349f2797afe756b791e82ec4a1d96 / fd30e4d57fe5841385f845440688505b88c0f4a
+CVE-2017-5025, b6efd022b77349f2797afe756b791e82ec4a1d96 / fd30e4d57fe5841385f845440688505b88c0f4a9
+CVE-2017-7862, 68e9caf16f4421478634c1c2ffc4706393304db3 / 8c2ea3030af7b40a3c4275696fb5c76cdb80950a
+CVE-2017-7866, 00bbf3063c9ef8033c23612dc25a9928beb3aa3d / e371f031b942d73e02c090170975561fabd5c264
 </pre>
 
 <h3>3.1.6</h3>
@@ -321,6 +351,15 @@ Fixes following vulnerabilities:
 <pre>
 CVE-2017-5024, dc1e099bf281e69d162bde02bd87112bbcb1ab5c / 2d453188c2303da641dafb048dc1806790526dfd
 CVE-2017-5025, 4f7064c9da35cd8156f6aee4a25e9b4e7f4ae607 / fd30e4d57fe5841385f845440688505b88c0f4a9
+CVE-2017-7862, bb504aa5eb7eb32dbb62545772285e794af85651 / 8c2ea3030af7b40a3c4275696fb5c76cdb80950a
+</pre>
+
+<h3>3.0.6</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2017-7866, 99c78466ff27311b2a06d874cb7bbd8b1cefc597 / e371f031b942d73e02c090170975561fabd5c264
 </pre>
 
 <h3>3.0.5</h3>
@@ -381,6 +420,8 @@ Fixes following vulnerabilities:
 <pre>
 CVE-2017-5024, 4adc99ecb6e9aec301fdd79ec097d433346045b6 / 2d453188c2303da641dafb048dc1806790526dfd
 CVE-2017-5025, 8be3724e55b2c55337c14c9cb7a69c5a85d42a65 / fd30e4d57fe5841385f845440688505b88c0f4a9
+CVE-2017-7862, 142c1737e325d324c46d9450dbce711720e84430 / 8c2ea3030af7b40a3c4275696fb5c76cdb80950a
+CVE-2017-7866, 1febd817b1d84a520dd2bc96ceacdfe7fb8a0dd2 / e371f031b942d73e02c090170975561fabd5c264
 </pre>
 
 <h3>2.8.10</h3>
@@ -401,7 +442,7 @@ Fixes following vulnerabilities:
 CVE-2016-7502, 69b00a7fb6faa1b19b5687a5762ff4f94d5ff9aa / 0e318f110bcd6bb8e7de9127f2747272e60f48d7
 CVE-2016-7785, a772613100514842008271c8d0e5d63a6979f9bf / 14bac7e00d72eac687612d9b125e585011a56d4f
 CVE-2016-7905, 239f75d6c3dfbe4def80a12913d5737dd5a5bbcc / 2679ad4773aa356e7c3da5c68bc81f02a194617f
-CVE-2016-7562, ab737ab31d4f126ed5a13a6a0498824141925108 / 69449da436169e7facaa6d1f3bcbc41cf6ce275
+CVE-2016-7562, ab737ab31d4f126ed5a13a6a0498824141925108 / 69449da436169e7facaa6d1f3bcbc41cf6ce2754
 </pre>
 
 <h3>2.8.8</h3>
@@ -457,7 +498,7 @@ Fixes following vulnerabilities:
 CVE-2015-8363, dbfec68d323cd1497a291c6dcf12be7828c74636 / 44a7f17d0b20e6f8d836b2957e3e357b639f19a2
 CVE-2015-8364, f64ffbbdc0cc35fa3a478a8e6ca8b2342240bd02 / df91aa034b82b77a3c4e01791f4a2b2ff6c82066
 CVE-2015-8365, 093e58228e77f28fd8adf50435b30dcb9b246164 / 4a9af07a49295e014b059c1ab624c40345af5892
-CVE-2015-8661, 6b91701de322031d7ceacecbda3d71948fb4da04  / 4ea4d2f438c9a7eba37980c9a87be4b34943e4d5
+CVE-2015-8661, 6b91701de322031d7ceacecbda3d71948fb4da04 / 4ea4d2f438c9a7eba37980c9a87be4b34943e4d5
 </pre>
 
 <h3>2.8.2</h3>
@@ -593,7 +634,7 @@ CVE-2016-2326, fbfef00e688357494a5228897a6a865fded05b32 / 7c0b84d89911b2035161f5
 Fixes following vulnerabilities:
 </p>
 <pre>
-CVE-2015-6761, 292842a0ed80afc0ad80626397100fed5e9595f4 / dabea74d0e82ea80cd344f630497cafcb3ef872
+CVE-2015-6761, 292842a0ed80afc0ad80626397100fed5e9595f4 / dabea74d0e82ea80cd344f630497cafcb3ef872c
 CVE-2015-8661, dd4c2fe74afe76868a279fd96fbc56e1111effa5 / 4ea4d2f438c9a7eba37980c9a87be4b34943e4d5
 CVE-2015-8662, 20a96b9d8c71b77761b82edd1971dc54354c175f / 75422280fbcdfbe9dc56bde5525b4d8b280f1bc5
 CVE-2015-8663, a0a2bfbfd876571344df2b7fe5fd781791ec02a3 / abee0a1c60612e8638640a8a3738fffb65e16dbf
@@ -653,7 +694,7 @@ Fixes following vulnerabilities:
 <pre>
 CVE-2016-2213, 69e191f854f75815f17099a9a5f911dc30075c70 / 0aada30510d809bccfd539a90ea37b61188f2cb4
 CVE-2016-2328, 93c675d6a6c98e94ddce1a4b04bc1507f562249f / 757248ea3cd917a7755cb15f817a9b1f15578718
-CVE-2016-2328, 262192a48b598c4fc08567aff93966f9360632fc / ad3b6fa7d83db7de951ed891649af93a47e74be
+CVE-2016-2328, 262192a48b598c4fc08567aff93966f9360632fc / ad3b6fa7d83db7de951ed891649af93a47e74be5
 CVE-2016-2329, dee25a5fa5da52acf720dc74a5534471b18eb13f / 89f464e9c229006e16f6bb5403c5529fdd0a9edd
 CVE-2016-2330, 9f30eafd0f31c2b5c4f7c86fecabbdde1282e079 / 03d83ba34b2070878909eae18dfac0f519503777
 </pre>
@@ -752,6 +793,47 @@ CVE-2014-9319, ea38e5a6b75706477898eb1e6582d667dbb9946c
 
 <h2>FFmpeg 2.4</h2>
 
+<h3>2.4.14</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2016-10191, 4c5ebe4b014a208b8c8f52d61c4fb42b98d60e67 / 7d57ca4d9a75562fa32e40766211de150f8b3ee7
+CVE-2016-10192, a07cf6423ec30be54493d46ad541c8f91fe1c13e / a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156
+CVE-2016-6164, d7ab6e93a688688ad27c03ba3ba15711e59036dc / 8a3221cc67a516dfc1700bdae3566ec52c7ee823
+CVE-2016-6881, 46ecb01f62e5944b46f1df23be714dc3e920649a / a453bbb68f3eec202673728988bba3bc76071761
+CVE-2016-7122, 1c5515181334c3da779fb8afcd4940ea2b092b27 / e4e4a9cad7f21593d4bcb1f2404ea0d373c36c43
+CVE-2016-7450, 9243dbb5599ed9e4796c0534cc2f77268fc27c8d / a5af1240fce845f645440364c1335e0f8e44ee6c
+CVE-2016-7502, 6438fb13406d2c0cc6023fa9d2ca8942e9ebd682 / 0e318f110bcd6bb8e7de9127f2747272e60f48d7
+CVE-2016-7562, a672688086ba51f51ccf6e580a076244778268a1 / 69449da436169e7facaa6d1f3bcbc41cf6ce2754
+CVE-2016-7785, b490cf4350abfec4746d6e033d533e0a15cfa93c / 14bac7e00d72eac687612d9b125e585011a56d4f
+CVE-2016-7905, 45f5e17aa43a4cebed77d8e9781447ad29a0ed61 / 2679ad4773aa356e7c3da5c68bc81f02a194617f
+CVE-2017-11399, 96349da5ec8eda9f0368446e557fe0c8ba0e66b7 / ba4beaf6149f7241c8bd85fe853318c2f6837ad0
+CVE-2017-11665, 52bb9d6d58c2df3044c793871bcbe8fe71002aff / ffcc82219cef0928bed2d558b19ef6ea35634130
+CVE-2017-11665, b7fed5da525a3a63d39ca63ce230562fcd8983a4 / 08c073434e25cba8c43aae5ed9554fdd594adfb0
+CVE-2017-14055, 0ca5c57d9d0670097235102abd54cccfb3f3c2db / 4f05e2e2dc1a89f38cd9f0960a6561083d714f1e
+CVE-2017-14056, 2ac9bc34978cf77eebaf288741bdfa669e1df195 / 96f24d1bee7fe7bac08e2b7c74db1a046c9dc0de
+CVE-2017-14057, e7dc286b16ab54342e0b415abb4dc4e0cc22f736 / 7f9ec5593e04827249e7aeb466da06a98a0d7329
+CVE-2017-14058, 7ba100d3e6e8b1e5d5342feb960a7f081d6e15af / 7ec414892ddcad88313848494b6fc5f437c9ca4a
+CVE-2017-14059, 983f90ef1819a0d4d3a5685b8a617a18eaecbd4b / 7e80b63ecd259d69d383623e75b318bf2bd491f6
+CVE-2017-14169, a4e85b2e1c8d5b4bf0091157bbdeb0e457fb7b8f / 9d00fb9d70ee8c0cc7002b89318c5be00f1bbdad
+CVE-2017-14170, f173cdfe669556aa92857adafe60cbe5f2aa1210 / 900f39692ca0337a98a7cf047e4e2611071810c2
+CVE-2017-14171, 4fedc4ceabe32bb3bea68ab71cb42f0b6e409586 / c24bcb553650b91e9eff15ef6e54ca73de2453b7
+CVE-2017-14223, f8c52dfa1583f0d2c039bad8c9422d2fd190a039 / afc9c683ed9db01edb357bc8c19edad4282b3a97
+CVE-2017-17081, 27f8d386829689c346ff0cef00d3af57b9fb8903 / 58cf31cee7a456057f337b3102a03206d833d5e8
+CVE-2017-5024, 01308b492a0e713eee078514d7b3143650dc5886 / 2d453188c2303da641dafb048dc1806790526dfd
+CVE-2017-5025, bb7fd512391ef891a85edccd446954b6a7198fd2 / fd30e4d57fe5841385f845440688505b88c0f4a9
+CVE-2017-7862, cdbaa022f4c814eb074b05dbeaa88d8af5ed6c2b / 8c2ea3030af7b40a3c4275696fb5c76cdb80950a
+CVE-2017-7866, 62244f37d116af28949787d160f80f5210083e55 / e371f031b942d73e02c090170975561fabd5c264
+CVE-2017-9991, a579264bc9f3014adcc9defae0086594a16d7f00 / 441026fcb13ac23aa10edc312bdacb6445a0ad06
+CVE-2017-9992, 5204a50013705ad3882413ff65edcfceb2e86fab / f52fbf4f3ed02a7d872d8a102006f29b4421f360
+CVE-2017-9993, 7e6b64a7d9a2dd64e652b3e42a741b673cda3a26 / 189ff4219644532bdfa7bab28dfedaee4d6d4021
+CVE-2017-9993, a34d0a23923db7b61776635350d43543ca678ca3 / a5d849b149ca67ced2d271dc84db0bc95a548abb
+CVE-2017-9994, 3f8882fa5bfd7b8d7f9388f21a08fa983a2322a4 / 6b5d3fb26fb4be48e4966e4b1d97c2165538d4ef
+CVE-2017-9996, 7c1be72e2461e3c6db61626df2c71f985ba0990e / 1e42736b95065c69a7481d0cf55247024f54b660
+CVE-2017-9996, e334e402fe727c630c2f9eae2b2f7f56d702ca1b / e1b60aad77c27ed5d4dfc11e5e6a05a38c70489d
+</pre>
+
 <h3>2.4.13</h3>
 <p>
 Fixes following vulnerabilities:
@@ -970,7 +1052,7 @@ CVE-2014-8542, e5ccd894d1c1c07c39876b650b2993de16547fb0 / 105654e376a736d243aef4
 CVE-2014-8543, f2c6e2c3b4ee0b0b8e202ef2d8a6f3780d20595f / 8b0e96e1f21b761ca15dbb470cd619a1ebf86c3e
 CVE-2014-8544, f8bd98ae4d691fa7405856d83ca3d304429cc6f0 / e1c0cfaa419aa5d320540d5a1b3f8fd9b82ab7e5
 CVE-2014-8545, 64be1a45eb2604deca259319780ce02bd921859b / 3e2b745020c2dbf0201fe7df3dad9e7e0b2e1bb6
-CVE-2014-8546, 42bdcebf3360fca957e8224ff0a6573b05dbc249 / e7e5114c506957f40aafd794e06de1a7e341e9d
+CVE-2014-8546, 42bdcebf3360fca957e8224ff0a6573b05dbc249 / e7e5114c506957f40aafd794e06de1a7e341e9d5
 CVE-2014-8547, 43881c773277c90ccb0dbfd2d5c3afd8f8603597 / 8f1457864be8fb9653643519dea1c6492f1dde57
 CVE-2014-8548, b0964918d882dd3ae589f76df01551ca0234d910 / c727401aa9d62335e89d118a5b4e202edf39d905
 CVE-2016-1528, b0964918d882dd3ae589f76df01551ca0234d910 / c727401aa9d62335e89d118a5b4e202edf39d905
@@ -1401,7 +1483,7 @@ Fixes following vulnerabilities:
 <pre>
 CVE-2013-2495, f719e6566c08dc1e18cf1caf07ba8c0e93cd7283 / 3dbc0ff9c3e6f6e0d08ea3d42cb33761bae084ba
 CVE-2013-2496, e398990eb87785e20e065cd3f14d1dbb69df4392 / b9a1efa6f4d4cda20ce796614ff5b0c523df5672
-CVE-2013-0894, 494ddd377ada76ed555f7a3f49391455daa099c9 / 11dcecfcca0eca1a571792c4fa3c21fb2cfdddd
+CVE-2013-0894, 494ddd377ada76ed555f7a3f49391455daa099c9 / 11dcecfcca0eca1a571792c4fa3c21fb2cfddddc
 </pre>
 
 <h3>1.1.3</h3>
@@ -1589,6 +1671,14 @@ CVE-2013-0848, 74241de7ed501a34e7dfe291eed3339ca7b50755 / 6abb9a901fca27da14d4ff
 CVE-2013-0846, e34369e8ece08b7bd820366dea5965f4c40c0080 / a7ee6281f7ef1c29284e3a4cadfe0f227ffde1ed
 </pre>
 
+<h3>1.0</h3>
+<p>
+Fixes following vulnerabilities:
+</p>
+<pre>
+CVE-2017-16803, b829da363985cb2f80130bba304cc29a632f6446
+</pre>
+
 <h2>FFmpeg 0.11</h2>
 
 <h3>0.11.5</h3>