|
Message-ID: <20140615172713.GI13210@danbala.tuwien.ac.at> Date: Sun, 15 Jun 2014 19:27:13 +0200 From: Thomas Klausner <wiz@...BSD.org> To: oss-security@...ts.openwall.com Subject: older ffmpeg overflows/out-of-bounds-accesses/etc. Hi! Here's a list of commits to the ffmpeg repository which look like they might fix trouble. I don't think CVEs are assigned for these, but it's a long list, so I'm not completely sure. I don't know if it's worth the trouble to assign CVEs for these now, since they all were fixed last year, but I thought I'd bring them to your attention. Please use your own judgment. June/July 2013: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=6e9bfc19bd7be2b28258ca93d706cb67ed482c65;hp=16f3102f41031f70a24cf25836b1b7ab972c1265 http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=bbc19010edfdb1b2e248a24894c5ec77960bbfc3;hp=702c1bf240f255d9afe2c3dbf2f07d7fbdc2ffc7 http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c59ce1c98e5fdcd3d00fa4980ec8516eb9cad2c4;hp=b28851a1d688f2c650977ea73c1d775417a0bd0e http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c51654fbc023f22feabee68a858a1a33e12ed9f6;hp=a28f4fd1ea45821100032403ebdac1c164b10007 http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=b26bcd08e670b90740f7253f21adddafb9d8c478;hp=c51654fbc023f22feabee68a858a1a33e12ed9f6 http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c49d94487c6135325930cbc4a8cd96d38ef6653e;hp=75b9fb27f516f9db7995ab2c2abb83e25cae5813 http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=21d0f75f29ca97b2ca31bd4451f488163a27e24f;hp=c49d94487c6135325930cbc4a8cd96d38ef6653e http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=bce2ed55596a603b0dd35e000e064b9a40eee542;hp=369684f1092427a3cfa1a62b43f2952a5554061d http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9c2216976907336dfae0e8e38a4d70ca2465a92c;hp=999ccd2d0a43640921088578f138c874f6cc0f8a http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=467e7a8f26e54c300ba494bf00033fec1078fa45;hp=0ea135613788ef69ee4f52afb520a169e6da6b9e http://git.videolan.org/?p=ffmpeg.git;a=commit;h=38229362529ed1619d8ebcc81ecde85b23b45895 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e30b068ef79f604ff439418da07f7e2efd01d4ea http://git.videolan.org/?p=ffmpeg.git;a=commit;h=6765ee7b9cba46818a45b051438b2552f0a1b70a http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7388c0c58601477db076e2e74e8b11f8a644384a http://git.videolan.org/?p=ffmpeg.git;a=commit;h=95a57d26d8653d21f0dab1aff3558ee944853dbf http://git.videolan.org/?p=ffmpeg.git;a=commit;h=b564784a207b1395d2b5a41e580539df04651096 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=78962d3df49afe5011b572656ecfe940bd5fbf2e http://git.videolan.org/?p=ffmpeg.git;a=commit;h=cf04af2086be105ff86088357b83d672d38417d9 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=eae63e3c156f784ee0612422f0c95131ea913c14 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=fd54dd028bc9f7bfb80ebf823a533dc84b73f936 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=76f5dfbfd902178df4a38221a68dc8540189345a http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c4abc9098cacb227dba39bac6aea16b2bceba0d0 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=f5e646a00ac21e500dae4bcceded790a0fbc5246 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=f27b22b4974c740f4c7b4140a793cac196179266 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=ddefb80c95d88e88aeb7bc938d58c0389bb83b78 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8435bca087c0e79385763c51de009fd89390b6a5 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=6255ccf7d51c82ab79bf0cd47a921f572dda4489 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=cd78e934c246d1b2510f8fba0abfe40bb75795f6 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=dc79685195a45c9b8b17d7b93d118e0aefa45462 August 2013 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=5ef7c84a9374681c64722a96d91741f3b990af2b http://git.videolan.org/?p=ffmpeg.git;a=commit;h=c59967fa7cc5bc2fa06b36c17d2c207240c06b3e November 2013 http://git.videolan.org/?p=ffmpeg.git;a=commit;h=6d9dad6a7cb5d544d540abf941fedbd34c14d2bd http://git.videolan.org/?p=ffmpeg.git;a=commit;h=808c10e728db2d92ccbb0f8b3bcd4a2f4305a2cf http://git.videolan.org/?p=ffmpeg.git;a=commit;h=4d388c0cd05dd4de545e8ea333ab4de7d67ad12d Thomas
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.