[SCM] ffmpeg/stretch: New upstream security release
sramacher at users.alioth.debian.org
sramacher at users.alioth.debian.org
Mon Oct 9 17:12:29 UTC 2017
The following commit has been merged in the stretch branch:
commit 4e9af1cae021864855355bee249ebd9830ee9b29
Author: Sebastian Ramacher <sramacher at debian.org>
Date: Mon Oct 9 18:57:28 2017 +0200
New upstream security release
diff --git a/debian/changelog b/debian/changelog
index 954e3d9..a19b78a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,23 @@
+ffmpeg (7:3.2.8-1~deb9u1) stretch-security; urgency=medium
+
+ * New upstream release.
+ - avformat/rmdec: Fix DoS due to lack of eof check. (CVE-2017-14054)
+ - avformat/mvdec: Fix DoS due to lack of eof check. (CVE-2017-14055)
+ - avformat/rl2: Fix DoS due to lack of eof check. (CVE-2017-14056)
+ - avformat/asfdec: Fix DoS due to lack of eof check. (CVE-2017-14057)
+ - avformat/hls: Fix DoS due to infinite loop. (CVE-2017-14058)
+ - avformat/cinedec: Fix DoS due to lack of eof check. (CVE-2017-14059)
+ - avformat/mxfdec: Fix Sign error. (CVE-2017-14169)
+ - avformat/mxfdec: Fix DoS issues. (CVE-2017-14170)
+ - avformat/nsvdec: Fix DoS due to lack of eof check. (CVE-2017-14171)
+ - avformat/mov: Fix DoS. (CVE-2017-14222)
+ - avformat/asfdec: Fix DoS. (CVE-2017-14223)
+ - ffprobe: Fix null pointer dereference with color primaries.
+ (CVE-2017-14225)
+ - avformat/rtpdec_h264: Fix heap-buffer-overflow. (CVE-2017-14767)
+
+ -- Sebastian Ramacher <sramacher at debian.org> Mon, 09 Oct 2017 18:57:17 +0200
+
ffmpeg (7:3.2.7-1~deb9u1) stretch-security; urgency=high
* New upstream release.
--
ffmpeg packaging
More information about the pkg-multimedia-commits
mailing list